
Malwarebytes hangs at 'Scanning additional items', Chameleon stays at 'Killing known malicious processes'



Here are the logs.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Patrick at 17:11:25 on 2012-09-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.5922 [GMT -4:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Program Files\Tablet\Pen\Pen_TouchService.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\SYSTEM32\WISPTIS.EXE

C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE

C:\windows\system32\taskeng.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\windows\system32\Dwm.exe

C:\windows\system32\taskhost.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\jmesoft\hotkey.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\windows\system32\DllHost.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\windows\system32\taskhost.exe

C:\windows\SysWOW64\ctfmon.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://lenovo.msn.com

mWinlogon: Userinit=userinit.exe,

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [DIMDownloading your update...1338924290338] "C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.EXE" "c:\programdata\corel\downloads\540240626_310002\1338924290338\dim_params.xml" -Launch=3 -uibase="c:\users\patrick\appdata\roaming\corel\messages\540240626_310002\en\messagecache1\workflow"

mRun: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

Trusted Zone: lenovo.com\consumersupport

Trusted Zone: lenovo.com.cn\edrivers

Trusted Zone: lenovo.com.cn\support4

Trusted Zone: lenovo.com.cn\think

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} - hxxp://123.127.211.194/us/en/SmartDownloading/cab/npdueng.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{DACF01DC-C65E-436F-8E3B-B24747F7B70E} : DhcpNameServer = 192.168.1.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun-x64: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll

FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll

FF - plugin: C:\windows\system32\lenovo\update\npdueng.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]

R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]

R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-26 44808]

R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2011-11-23 70496]

R2 DigiNet;Digidesign Ethernet Support;C:\windows\system32\DRIVERS\diginet.sys --> C:\windows\system32\DRIVERS\diginet.sys [?]

R2 mi-raysat_3dsmax2013_32;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe [2011-9-14 86016]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-4-7 5352960]

R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-13 1153368]

R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-7-25 6583160]

R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-7-25 528760]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-25 2655768]

R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\windows\system32\DRIVERS\e1c62x64.sys --> C:\windows\system32\DRIVERS\e1c62x64.sys [?]

R3 GeneStor;Genesys Logic Storage Driver;C:\windows\system32\DRIVERS\GeneStor.sys --> C:\windows\system32\DRIVERS\GeneStor.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 mbamchameleon;mbamchameleon;\??\C:\windows\system32\drivers\mbamchameleon.sys --> C:\windows\system32\drivers\mbamchameleon.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-4-10 164528]

R3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\system32\DRIVERS\wdcsam64.sys --> C:\windows\system32\DRIVERS\wdcsam64.sys [?]

S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2011-11-23 110944]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250568]

S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]

S3 dalwdmservice;dal service;C:\windows\system32\drivers\dalwdm.sys --> C:\windows\system32\drivers\dalwdm.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]

S3 MBX2DFU;MBX2DFU;C:\windows\system32\DRIVERS\MBX2DFU.sys --> C:\windows\system32\DRIVERS\MBX2DFU.sys [?]

S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;C:\windows\system32\drivers\mbx2midk.sys --> C:\windows\system32\drivers\mbx2midk.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 mlkumidi;MusicLab Virtual Miniport MIDI Driver;C:\windows\system32\drivers\mlkumidi.sys --> C:\windows\system32\drivers\mlkumidi.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-6 113120]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 wacmoumonitor;Wacom Mode Helper;C:\windows\system32\DRIVERS\wacmoumonitor.sys --> C:\windows\system32\DRIVERS\wacmoumonitor.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]

S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\windows\system32\drivers\ymidusbx64.sys --> C:\windows\system32\drivers\ymidusbx64.sys [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\system32\DRIVERS\yk62x64.sys --> C:\windows\system32\DRIVERS\yk62x64.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-09-12 20:27:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue

2012-09-12 20:27:54 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue Art et Technologie, Inc

2012-09-12 12:38:04 -------- d-----w- C:\Program Files\Plogue

2012-09-12 12:27:28 950128 ----a-w- C:\windows\System32\drivers\ndis.sys

2012-09-12 12:27:28 41472 ----a-w- C:\windows\System32\drivers\RNDISMP.sys

2012-09-12 12:27:27 574464 ----a-w- C:\windows\System32\d3d10level9.dll

2012-09-12 12:27:27 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll

2012-09-12 12:27:26 376688 ----a-w- C:\windows\System32\drivers\netio.sys

2012-09-12 12:27:26 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS

2012-09-12 12:27:26 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys

2012-09-11 07:40:53 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7B041FEE-1A5D-4BB5-9C68-36685AA346E0}\mpengine.dll

2012-09-11 03:26:02 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys

2012-09-11 03:17:18 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-09-11 03:17:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-09-10 22:59:47 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MTexturedStyles

2012-09-10 22:59:45 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction MXXX

2012-09-10 22:59:38 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction IR

2012-09-10 22:49:35 -------- d-----w- C:\Users\Patrick\AppData\Local\DC8C

2012-09-10 19:56:42 64 ----a-w- C:\Users\Patrick\AppData\Roaming\wsys.sys

2012-09-10 19:55:57 714526 ----a-w- C:\Users\Patrick\AppData\Roaming\unins000.exe

2012-09-10 19:55:57 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Bitsonic

2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\win_ident.sys

2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\tb.sys

2012-09-10 00:27:11 -------- d-----w- C:\Users\Patrick\AppData\Roaming\NUGEN Audio

2012-09-10 00:27:10 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_FB9AECF7-F56E-7B2E-A862-9892AA545103.dll

2012-09-10 00:27:10 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_F4F01109-C336-401f-BDE4-7C1926744104.dll

2012-09-10 00:27:10 2 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_D9C6A609-15A1-4768-8E98-6FA00C2547CC.dll

2012-09-10 00:27:10 2 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_72024697-2626-4a12-8347-7CAC1834AC3B.dll

2012-09-10 00:27:09 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_496F4C99-60AD-5b9e-AC1B-FA060E643C04.dll

2012-09-10 00:27:08 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_FAB01109-C336-401f-BDE4-AB1926744111.dll

2012-09-10 00:27:07 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_C92E1371-3DF5-4322-9729-82CC0DD90ECA.dll

2012-09-08 18:15:38 -------- d-----w- C:\Users\Patrick\AppData\Local\MusicLab

2012-09-08 18:15:38 -------- d-----w- C:\ProgramData\MusicLab

2012-09-08 18:15:18 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MusicLab

2012-09-08 18:15:12 -------- d-----w- C:\Program Files (x86)\MusicLab

2012-09-08 16:33:50 -------- d-----w- C:\Program Files (x86)\Togu Audio Line

2012-09-08 16:23:08 -------- d-----w- C:\Program Files (x86)\Expert Sleepers

2012-09-08 12:27:11 146836 ----a-w- C:\windows\Curvemeister3-64 Uninstaller.exe

2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Curvemeister.com

2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Common Files\Thraex Software

2012-09-08 12:26:07 146889 ----a-w- C:\windows\Curvemeister_3 Uninstaller.exe

2012-09-08 12:26:07 -------- d-----w- C:\ProgramData\Curvemeister.com

2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Curvemeister.com

2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Common Files\Thraex Software

2012-09-07 15:42:38 6034944 ----a-w- C:\windows\SysWow64\PSP Neon STD.dll

2012-09-07 15:42:37 6047744 ----a-w- C:\windows\SysWow64\PSP Neon HR.dll

2012-09-07 15:42:37 5122560 ----a-w- C:\windows\SysWow64\PSP Neon MIX.dll

2012-09-07 14:24:52 -------- d-----w- C:\Users\Patrick\AppData\Local\Mozilla Firefox

2012-09-05 19:34:53 -------- d-----w- C:\Program Files (x86)\Little Endian

2012-09-05 18:41:08 -------- d-----w- C:\Program Files (x86)\Poetic Guitar - Rainlotus

2012-09-04 13:12:44 -------- d-----w- C:\Program Files (x86)\Sonic Charge

2012-09-03 16:19:02 -------- d-----w- C:\Program Files (x86)\IMEA Studio

2012-09-03 15:09:20 -------- d-----w- C:\Program Files (x86)\Native Instruments

2012-09-02 18:30:00 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Waves Audio

2012-09-02 18:21:02 7744 ----a-w- C:\windows\SysWow64\HookDll.dll

2012-09-02 18:21:02 -------- d-----w- C:\Program Files (x86)\Waves

2012-09-02 01:22:01 -------- d-----w- C:\Program Files\Minimal System Instruments

2012-09-01 01:52:19 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Thinstall

2012-08-29 10:50:38 57408 ----a-w- C:\windows\System32\drivers\mlkumidi.sys

2012-08-28 02:10:26 -------- d-----w- C:\Program Files (x86)\LinPlug

2012-08-27 12:08:07 -------- d-----w- C:\ProgramData\ToguAudioLine

2012-08-27 00:44:23 -------- d-----w- C:\Program Files\Celemony

2012-08-27 00:44:22 -------- d-----w- C:\Program Files (x86)\Celemony

2012-08-27 00:31:09 -------- d-----w- C:\Program Files\Brainworx Music

2012-08-27 00:31:05 -------- d-----w- C:\Program Files (x86)\Brainworx Music

2012-08-26 15:00:00 275968 ----a-w- C:\windows\SysWow64\REX Shared Library.dll

2012-08-24 15:00:00 2181120 ----a-w- C:\windows\System32\ReWire.dll

2012-08-24 15:00:00 1431552 ----a-w- C:\windows\SysWow64\ReWire.dll

2012-08-23 12:14:23 -------- d-----w- C:\Users\Patrick\AppData\Local\Topaz Labs

2012-08-23 12:13:42 -------- d-----w- C:\Program Files\Topaz Labs

2012-08-23 12:09:08 -------- dc-h--w- C:\ProgramData\{66072046-04D4-48EA-A317-20AA5D8BACE9}

2012-08-23 12:09:03 -------- dc-h--w- C:\ProgramData\{C2FDA136-2501-43EB-ABB7-2D9AC8BFB655}

2012-08-23 11:39:33 -------- dc-h--w- C:\ProgramData\{E495C549-FA37-49F8-9EF7-A92CE55058C9}

2012-08-23 11:39:21 -------- dc-h--w- C:\ProgramData\{BB82CA89-D29D-45D2-8C0C-C824A39D588E}

2012-08-23 11:39:09 -------- dc-h--w- C:\ProgramData\{896AFBDD-72FF-40B8-B6B8-33C6022AD113}

2012-08-23 11:38:54 -------- dc-h--w- C:\ProgramData\{9C90450F-E325-424C-B16B-8809320C3F92}

2012-08-23 11:38:37 -------- dc-h--w- C:\ProgramData\{E314972B-E8D6-465D-AE74-6CC08535701F}

2012-08-23 11:38:27 -------- dc-h--w- C:\ProgramData\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}

2012-08-23 11:38:16 -------- dc-h--w- C:\ProgramData\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}

2012-08-23 11:38:07 -------- dc-h--w- C:\ProgramData\{89E2929F-C967-49CB-9FE3-FD86B97312FE}

2012-08-23 11:38:05 -------- dc-h--w- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}

2012-08-23 11:37:54 -------- dc-h--w- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}

2012-08-23 11:37:49 -------- dc-h--w- C:\ProgramData\{0DEDF45C-1DEC-4670-AACA-9EC906125BFB}

2012-08-23 11:37:41 -------- dc-h--w- C:\ProgramData\{34007C15-AD5B-4CB2-A047-04AB415A841A}

2012-08-23 11:37:35 -------- dc-h--w- C:\ProgramData\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}

2012-08-23 11:37:27 -------- dc-h--w- C:\ProgramData\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}

2012-08-23 11:37:24 -------- dc-h--w- C:\ProgramData\{F7D319B6-E312-49A7-AA67-4737E676DD03}

2012-08-23 11:37:14 -------- dc-h--w- C:\ProgramData\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}

2012-08-23 11:37:05 -------- dc-h--w- C:\ProgramData\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}

2012-08-23 11:36:58 -------- dc-h--w- C:\ProgramData\{33BC0E96-6441-46C9-9F09-529996C10736}

2012-08-23 11:36:49 -------- dc-h--w- C:\ProgramData\{ABC7326D-27C4-4601-8B2C-50AABC4C287C}

2012-08-23 11:36:42 -------- dc-h--w- C:\ProgramData\{AE93E0EC-AB92-4D27-9DA8-1BCEE7181244}

2012-08-23 11:36:39 -------- dc-h--w- C:\ProgramData\{A86A537E-18B3-414C-8CA0-92F4066C1B5C}

2012-08-23 11:36:38 -------- d-----w- C:\Program Files\Common Files\Topaz Labs

2012-08-23 11:36:30 -------- dc-h--w- C:\ProgramData\{6172A493-DBB5-49D2-B3DC-94690BB85ACF}

2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Topaz Labs

2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Common Files\Topaz Labs

2012-08-23 11:35:53 -------- d-----w- C:\Users\Patrick\AppData\Local\PackageAware

2012-08-22 21:40:40 -------- d-----w- C:\Users\Patrick\AppData\Roaming\4Front

2012-08-21 00:11:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Sublime Text 2

2012-08-21 00:11:41 -------- d-----w- C:\Program Files\Sublime Text 2

2012-08-20 15:34:48 -------- d-----w- C:\Program Files (x86)\AudioMulch 2.2.1

2012-08-17 19:51:09 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services

2012-08-17 19:51:07 -------- d-----w- C:\Program Files\Common Files\MAGIX Services

2012-08-17 03:00:15 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Malwarebytes

2012-08-17 03:00:08 -------- d-----w- C:\ProgramData\Malwarebytes

2012-08-17 00:51:04 -------- d-----w- C:\ProgramData\Corel Painter 12.1 Update

2012-08-16 01:45:14 503808 ----a-w- C:\windows\System32\srcore.dll

2012-08-16 01:45:14 43008 ----a-w- C:\windows\SysWow64\srclient.dll

2012-08-16 01:45:13 3148800 ----a-w- C:\windows\System32\win32k.sys

2012-08-16 01:45:12 59392 ----a-w- C:\windows\System32\browcli.dll

2012-08-16 01:45:12 41984 ----a-w- C:\windows\SysWow64\browcli.dll

2012-08-16 01:45:12 136704 ----a-w- C:\windows\System32\browser.dll

2012-08-16 01:45:11 751104 ----a-w- C:\windows\System32\win32spl.dll

2012-08-16 01:45:11 67072 ----a-w- C:\windows\splwow64.exe

2012-08-16 01:45:11 559104 ----a-w- C:\windows\System32\spoolsv.exe

2012-08-16 01:45:11 492032 ----a-w- C:\windows\SysWow64\win32spl.dll

2012-08-16 01:45:10 956928 ----a-w- C:\windows\System32\localspl.dll

2012-08-15 00:37:55 150 ----a-w- C:\windows\SysWow64\privatedata.dll

2012-08-15 00:37:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Sonalksis

2012-08-14 23:50:06 -------- d-----w- C:\Users\Patrick\AppData\Roaming\New Sonic Arts

2012-08-14 23:44:52 -------- d-----w- C:\ProgramData\New Sonic Arts

2012-08-14 23:44:51 -------- d-----w- C:\Program Files (x86)\New Sonic Arts

.

==================== Find3M ====================

.

2012-08-24 11:32:54 73416 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-24 11:32:54 696520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-08-21 09:13:13 969200 ----a-w- C:\windows\System32\drivers\aswSnx.sys

2012-08-21 09:13:12 71600 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys

2012-08-21 09:13:12 54072 ----a-w- C:\windows\System32\drivers\aswRdr2.sys

2012-08-21 09:12:33 41224 ----a-w- C:\windows\avastSS.scr

2012-08-10 16:28:14 134088 ----a-w- C:\windows\ColorPic Uninstaller.exe

2012-08-06 15:00:00 276480 ----a-w- C:\windows\System32\XilsFiles64.dll

2012-08-06 15:00:00 229376 ----a-w- C:\windows\SysWow64\XilsFiles32.dll

2012-07-07 13:33:23 720896 ----a-w- C:\windows\iun6002.exe

2012-07-06 12:17:09 715117 ----a-w- C:\windows\unins004.exe

2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2012-06-25 20:04:24 1394248 ----a-w- C:\windows\SysWow64\msxml4.dll

2012-06-18 18:41:37 721758 ----a-w- C:\windows\unins003.exe

.

============= FINISH: 17:12:27.53 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 7/9/2011 3:26:10 AM

System Uptime: 9/13/2012 3:05:19 AM (14 hours ago)

.

Motherboard: LENOVO | | To be filled by O.E.M.

Processor: Intel® Core i3-2100 CPU @ 3.10GHz | CPU 1 | 3100/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 906 GiB total, 168.701 GiB free.

D: is CDROM ()

E: is CDROM (UDF)

F: is FIXED (NTFS) - 931 GiB total, 134.614 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

µTorrent

2C-Audio Aether

2C-Audio Breeze

AAS - Chromaphone

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe After Effects CS5.5

Adobe AIR

Adobe Content Viewer

Adobe Creative Suite 5.5 Master Collection

Adobe Dreamweaver CS5.5

Adobe Dreamweaver CS6

Adobe Fireworks CS6

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Flash Professional CS6

Adobe Help Manager

Adobe Illustrator CS6

Adobe InDesign CS6

Adobe kuler

Adobe Media Player

Adobe Photoshop CS6

Adobe Premiere Pro CS5.5

Adobe Soundbooth CS5

Adobe Story

Adobe Widget Browser

AKVIS SmartMask

Alien Skin Blow Up

Alien Skin Exposure 2

Alien Skin Snap Art

Alternative Rock EZmix pack

Amaya

Amazon Kindle

Ambiotica REFiLL

Analog Factory 2.5

Apple Application Support

Apple Software Update

ARP2600 V2 2.0

Artillery2

ArtsAcoustic BigRock v1.0.7

ArtsAcoustic CL Series v1.0.19

ASIO4ALL

Autodesk 3ds Max Design 2013 32-bit

Autodesk Backburner 2013.0.0

Autodesk Civil View for 3ds Max Design 2013

Autodesk Essential Skills Movies for 3ds Max Design 2013 32-bit

Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013

Autodesk Inventor Server Engine for 3ds Max Design 2013 32-bit

Autodesk Material Library 2013

Autodesk Material Library Base Resolution Image Library 2013

Autodesk Material Library Medium Resolution Image Library 2013

AV Bros. Page Curl Pro 2.2 (Remove Only)

avast! Free Antivirus

Bamboo Dock

BazzISM2 VST2 2.4.6

Best Buy pc app

Big Fish Audio First Call Horns

Bitsonic Waspy 2 + gold Soundbank

Blue Cat's Protector RTAS 2.0 Demo

Blue Cat's Protector VST 2.0 Demo

BlueGriffon version 1.1.1

BlueStacks (alpha)

Brass 2.0.5

calibre

Camel Audio Alchemy

Catanya 1.0.1

ChordWizard Songtrix Gold 3.0

Chuck Ainlay EZmix pack

Clubotica REFiLL

ColorPic

Composite 2013

Corel Painter Essentials 4

CS-80V2 2.0

Curvemeister_3

D3DX10

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Devine Machine Lucifer VST v2.1

Digidesign Audio Drivers 8.0

Digidesign Pro Tools Creative Collection 8.0

Digidesign Pro Tools LE 8.0

discoDSP Discovery Pro

DisplayFusion 3.3.1

DMGAudio EQuality 1.17

DMGAudio PitchFunk 1.02

Drumaxx

DX10

East West EWQLSO Gold Edition

Edison

Electronic EZmix pack

eLicenser Control

EQ500 version 1.0.0

EZmix 32-bit

FileZilla Client 3.5.3

Filter Forge 2.008

Filtrate 1.101

FL Studio 10

Free DigiRack Plug-Ins 8.0

FXpansion DCAMDynamics

FXpansion Free Comp

FXpansion Tremor

Genesys USB Mass Storage Device

Git version 1.7.6-preview20110708

GlaceVerb 1.01

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Hardcore

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

IL Autogun

IL Download Manager

IL DrumSynth Live

IL Gross Beat

IL Harmless

IL Juice Pack

IL Ogun

IL Slicex

IL Vocodex

Inkscape 0.48.2

Intel® C++ Redistributables for Windows* on IA-32

Intel® C++ Redistributables on IA-32

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

iZotope iDrum

iZotope Iris

Java Auto Updater

Java 6 Update 31

Junk Mail filter update

Jupiter-8V2 2.0

Lenovo Driver and Application Installation

Lenovo Rescue System

Lenovo USB2.0 UVC Camera

LinPlug relectro

LinPlug RMV Drum Library

Live 8.2.7

LVT

LXH-JME2207FN Hotkey Driver

Macromedia FreeHand MXa

MAGIX Speed burnR (MSI)

MAGMA Installer

Malwarebytes Anti-Malware version 1.65.0.1400

Mark Needham EZmix pack

Maximus

Mesh Runtime

Metal Essentials EZmix pack

Metal EZmix pack

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Expression Blend 3 SDK

Microsoft Expression Blend 4

Microsoft Expression Blend SDK for .NET 4

Microsoft Expression Blend SDK for Silverlight 4

Microsoft Expression Design 4

Microsoft Expression Encoder 4

Microsoft Expression Encoder 4 Screen Capture Codec

Microsoft Expression Studio 4

Microsoft Expression Web 4

Microsoft Expression Web 4 Service Pack 2

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio Macro Tools

Microsoft Visual Studio Tools for Applications 2.0 - ENU

Microsoft Visual Studio Tools for Applications 2.0 Runtime

Microsoft Web Embedding Fonts Tool (III)

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

minimoog V2 2.0

Miroslav Philharmonik CE

Modern PopRock EZmix pack

Moog Modular V 2.5

Morphine

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT Redists

MSVCRT_amd64

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

Native Instruments Abbey Road 60s Drums

Native Instruments Absynth 5

Native Instruments Battery 3

Native Instruments Battery Library Importer for Maschine

Native Instruments Berlin Concert Grand

Native Instruments Controller Editor

Native Instruments Damage

Native Instruments FM8

Native Instruments Guitar Rig 5

Native Instruments Komplete 8

Native Instruments Kontakt 5

Native Instruments Kontakt Factory Library

Native Instruments Massive

Native Instruments New York Concert Grand

Native Instruments Rammfire

Native Instruments Reaktor 5

Native Instruments Reaktor Prism

Native Instruments Reaktor Spark R2

Native Instruments Reflektor

Native Instruments Scarbee MM-Bass

Native Instruments Scarbee Vintage Keys

Native Instruments Service Center

Native Instruments Studio Drummer

Native Instruments The Finger R2

Native Instruments Traktors 12

Native Instruments Transient Master

Native Instruments Upright Piano

Native Instruments Vienna Concert Grand

Native Instruments Vintage Organs

Native Instruments West Africa

nebula3 CM

Noise Reduction Plug-in 2.0i

Noisebud CatchDad

Notepad++

Nuklear VST2 1.1.4

Opera 11.52

OrangeVocoder VST 2.02

PAP 4.0

PAP project files

Pazera Free MP4 to AVI Converter 1.6

PDF Settings CS5

PDF Settings CS6

PDFMate Free PDF Converter 1.10

photoFXlab (32 bit)

Poise 1.1.19

PreSonus Studio One 2

Prophet-V2 2.0

PSP 608 MultiDelay 32bit

PSP Neon 32bit

PTC-2A version 1.0.1

PxMergeModule

Quark Update

QuarkXPress

QuickTime

Realtek High Definition Audio Driver

REAPER

Reason 5.0

Redwirez mixIR2 version 1.0.171

REFLEX PRO V2

reFX Nexus VSTi RTAS v2.2.0

reFX quadraSID 1.6.0

reFX Vanguard VSTi RTAS v1.8.0

rgc:audio sfz+ VSTi v1.01

rgcAudio Square I VSTi v1.2

Rob Papen Albino 3

Rob Papen BLUE Version 1.8.5d

Rob Papen Predator RTAS V1.6.2

Rob Papen Predator V1.6.2a

Rob Papen Punch 32 Bits 1.0.3

Robotronic

Rock EZmix pack

Roger Nichols Digital SIGNATURE Bundle VST RTAS v1.9.3

Ruby 1.9.3-p194

Safari

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft Expression Design 4 (KB2667730)

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

SEQ1 Master

SEQ2 Master

Sequoia 12

shortcircuit

Sibelius 7 OpenType Fonts

SimSynth

Slate Digital FG-X Mastering Processor VST RTAS v1.1.2

Softube Trident A-Range VST RTAS v1.0.2

Softube Tube-Tech CL 1B VST RTAS v1.0.3

Softube Tube Delay VST RTAS v1.0.5

Softube Vintage Amp Room VST RTAS v1.0.8

Sonalksis Plug-in Manager 3.00

Songwriters Tools EZmix pack

Sonnoxplugins Oxford Elite Collection Native v1.0

Sound Forge Pro 10.0

Spark Vintage Drum Machines 1.0.2

Splat! 1.0

Spybot - Search & Destroy

Steinberg VST Classics 1

Sugar Bytes Guitarist Library 1.0

SynthMaster 2.5 VST/VSTi version 2.5.3.109

Sytrus

TerraTec Komplexer VSTi 1.0.3

The T-Pain Effect Bundle

Topaz Adjust 5

Topaz Adjust 5 (64-bit)

Topaz B&W Effects

Topaz B&W Effects (64-bit)

Topaz Clean 3

Topaz Clean 3 (64-bit)

Topaz DeJpeg 4

Topaz DeJpeg 4 (64-bit)

Topaz DeNoise 5

Topaz DeNoise 5 (64-bit)

Topaz Detail 2

Topaz Detail 2 (64-bit)

Topaz Fusion Express 2

Topaz Fusion Express 2 (64-bit)

Topaz InFocus

Topaz InFocus (64-bit)

Topaz Lens Effects

Topaz Lens Effects (64-bit)

Topaz ReMask 3

Topaz ReMask 3 (64-bit)

Topaz Simplify 3

Topaz Simplify 3 (64-bit)

Topaz Star Effects

Topaz Star Effects (64-bit)

Toxic DEMO v2.1

TubeOhm Alpha-Ray

Universal Extractor 1.6.1

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

ValhallaRoom 1.1.0

ValhallaUberMod 1.0.1

VAZ 2010 2.1.4

VAZ Modular 3.2.4

VAZ Plus 2.1.7

Vegas Pro 11.0

Vember Audio SURGE

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

Visualizer v1.9.2

VKFX 2.2.8

VLC media player 2.0.1

Vogue

VTE-2A version 1.0.7

W2 Harmonizer v1.0

WampServer 2.2

Wasp

Wave Arts Tube Saturator

Waves Complete V9r5

WebTablet FB Plugin

WebTablet IE Plugin

WebTablet Netscape Plugin

Windows 7 Upgrade Advisor

Windows Internet Explorer Platform Preview

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinPcap 4.1.2

WOW

WPF Toolkit February 2010 (Version 3.5.50211.1)

.

==== Event Viewer Messages From Past Week ========

.

9/13/2012 3:06:02 AM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.

.

==== End Of File ===========================


Hello zoid9 and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall the following application: µTorrent

Step 2

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Step 3

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

Step 4

Follow the instructions here:

http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=417798entry417798

Step 5

Open www.virustotal.com and one by one upload the following files:

C:\Users\Patrick\AppData\Roaming\wsys.sys

C:\Users\Patrick\AppData\Roaming\win_ident.sys

C:\Users\Patrick\AppData\Roaming\tb.sys

Wait until the scan has finished and then copy/paste the URL in your next reply.

In your next reply, post the following log files:

  • AdwCleaner log
  • aswMBR log
  • Virustotal results
  • a new fresh DDS log


Thank you for your response.

I have completed the steps as you requested.

I could only scan one file with Virustotal.

When I tried to scan the other two, Virustotal tells me they have already been scanned.

VirusTotal URL: https://www.virustotal.com/file/09b09fc4ad78e4539784822704936a37f8a71cf170d5c5d6bae77fabf40ec090/analysis/1348081638/

Here are the logs:

AdwCleaner[R1].txt

# AdwCleaner v2.002 - Logfile created 09/19/2012 at 07:56:20

# Updated 16/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Patrick - PATRICK-PC-X64

# Boot Mode : Normal

# Running from : C:\Users\Patrick\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\searchplugins\Askcom.xml

Folder Found : C:\Users\Patrick\AppData\Local\APN

***** [Registry] *****

Key Found : HKCU\Software\Conduit

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\Default Tab

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default

File : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [unable to get version]

File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Patrick\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*******************************************************************************************

AdwCleaner[R1].txt - [1468 octets] - [19/09/2012 07:56:20]

########## EOF - C:\AdwCleaner[R1].txt - [1528 octets] ##########

aswMBR.txt

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-09-19 08:01:02

-----------------------------

08:01:02.717 OS Version: Windows x64 6.1.7601 Service Pack 1

08:01:02.717 Number of processors: 4 586 0x2A07

08:01:02.717 ComputerName: PATRICK-PC-X64 UserName: Patrick

08:01:03.856 Initialize success

08:01:03.950 AVAST engine defs: 12091802

08:01:06.165 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

08:01:06.181 Disk 0 Vendor: WDC_WD10EALS-08Z8A0 15.01H15 Size: 953869MB BusType: 11

08:01:06.196 Disk 0 MBR read successfully

08:01:06.196 Disk 0 MBR scan

08:01:06.196 Disk 0 Windows 7 default MBR code

08:01:06.196 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

08:01:06.212 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 928093 MB offset 206848

08:01:06.243 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 1900941312

08:01:06.274 Disk 0 scanning C:\windows\system32\drivers

08:01:11.344 Service scanning

08:01:21.578 Modules scanning

08:01:21.578 Disk 0 trace - called modules:

08:01:21.593 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys

08:01:22.093 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d97060]

08:01:22.093 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8007ad9520]

08:01:22.093 5 ACPI.sys[fffff88000efe7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007ad5680]

08:01:23.060 AVAST engine scan C:\windows

08:01:25.728 AVAST engine scan C:\windows\system32

08:03:08.734 AVAST engine scan C:\windows\system32\drivers

08:03:14.850 AVAST engine scan C:\Users\Patrick

09:06:08.659 Disk 0 MBR has been saved successfully to "C:\Users\Patrick\Desktop\MBR.dat"

09:06:08.659 The log file has been saved successfully to "C:\Users\Patrick\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-09-19 09:07:00

-----------------------------

09:07:00.467 OS Version: Windows x64 6.1.7601 Service Pack 1

09:07:00.467 Number of processors: 4 586 0x2A07

09:07:00.467 ComputerName: PATRICK-PC-X64 UserName: Patrick

09:07:02.963 Initialize success

09:07:03.026 AVAST engine defs: 12091802

09:07:08.782 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

09:07:08.782 Disk 0 Vendor: WDC_WD10EALS-08Z8A0 15.01H15 Size: 953869MB BusType: 11

09:07:08.860 Disk 0 MBR read successfully

09:07:08.860 Disk 0 MBR scan

09:07:08.876 Disk 0 Windows 7 default MBR code

09:07:08.907 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

09:07:08.938 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 928093 MB offset 206848

09:07:09.000 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 1900941312

09:07:09.188 Disk 0 scanning C:\windows\system32\drivers

09:08:14.474 Service scanning

09:08:24.770 Modules scanning

09:08:24.770 Disk 0 trace - called modules:

09:08:24.816 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys

09:08:24.816 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d97060]

09:08:24.832 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8007ad9520]

09:08:24.832 5 ACPI.sys[fffff88000efe7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007ad5680]

09:08:26.189 AVAST engine scan C:\windows

09:11:56.868 AVAST engine scan C:\windows\system32

09:33:52.141 AVAST engine scan C:\windows\system32\drivers

09:36:14.758 AVAST engine scan C:\Users\Patrick

13:38:56.447 AVAST engine scan C:\ProgramData

14:13:00.597 Scan finished successfully

14:29:02.978 Disk 0 MBR has been saved successfully to "C:\Users\Patrick\Desktop\MBR.dat"

14:29:02.978 The log file has been saved successfully to "C:\Users\Patrick\Desktop\aswMBR.txt"

**********************************************************************************************************************************************************

DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Patrick at 15:26:57 on 2012-09-19

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.4313 [GMT -4:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Program Files\Tablet\Pen\Pen_TouchService.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\windows\System32\spoolsv.exe

C:\windows\SYSTEM32\WISPTIS.EXE

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\system32\taskeng.exe

C:\windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

C:\windows\SysWOW64\nlssrv32.exe

C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\jmesoft\hotkey.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Notepad++\notepad++.exe

C:\windows\SysWOW64\ctfmon.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://lenovo.msn.com

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"

mRun: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

Trusted Zone: lenovo.com\consumersupport

Trusted Zone: lenovo.com.cn\edrivers

Trusted Zone: lenovo.com.cn\support4

Trusted Zone: lenovo.com.cn\think

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} - hxxp://123.127.211.194/us/en/SmartDownloading/cab/npdueng.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{DACF01DC-C65E-436F-8E3B-B24747F7B70E} : DhcpNameServer = 192.168.1.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun-x64: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll

FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll

FF - plugin: C:\windows\system32\lenovo\update\npdueng.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]

R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]

R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-26 44808]

R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2011-11-23 70496]

R2 DigiNet;Digidesign Ethernet Support;C:\windows\system32\DRIVERS\diginet.sys --> C:\windows\system32\DRIVERS\diginet.sys [?]

R2 mi-raysat_3dsmax2013_32;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe [2011-9-14 86016]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-4-7 5352960]

R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2011-2-15 66560]

R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-13 1153368]

R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-7-25 6583160]

R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-7-25 528760]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-25 2655768]

R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\windows\system32\DRIVERS\e1c62x64.sys --> C:\windows\system32\DRIVERS\e1c62x64.sys [?]

R3 GeneStor;Genesys Logic Storage Driver;C:\windows\system32\DRIVERS\GeneStor.sys --> C:\windows\system32\DRIVERS\GeneStor.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-4-10 164528]

S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2011-11-23 110944]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250568]

S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]

S3 dalwdmservice;dal service;C:\windows\system32\drivers\dalwdm.sys --> C:\windows\system32\drivers\dalwdm.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]

S3 mbamchameleon;mbamchameleon;\??\C:\windows\system32\drivers\mbamchameleon.sys --> C:\windows\system32\drivers\mbamchameleon.sys [?]

S3 MBX2DFU;MBX2DFU;C:\windows\system32\DRIVERS\MBX2DFU.sys --> C:\windows\system32\DRIVERS\MBX2DFU.sys [?]

S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;C:\windows\system32\drivers\mbx2midk.sys --> C:\windows\system32\drivers\mbx2midk.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 mlkumidi;MusicLab Virtual Miniport MIDI Driver;C:\windows\system32\drivers\mlkumidi.sys --> C:\windows\system32\drivers\mlkumidi.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-6 113120]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 wacmoumonitor;Wacom Mode Helper;C:\windows\system32\DRIVERS\wacmoumonitor.sys --> C:\windows\system32\DRIVERS\wacmoumonitor.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\system32\DRIVERS\wdcsam64.sys --> C:\windows\system32\DRIVERS\wdcsam64.sys [?]

S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]

S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\windows\system32\drivers\ymidusbx64.sys --> C:\windows\system32\drivers\ymidusbx64.sys [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\system32\DRIVERS\yk62x64.sys --> C:\windows\system32\DRIVERS\yk62x64.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-09-19 11:50:02 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE07FD37-8D8D-4A72-AB33-DC75C3FA0E86}\offreg.dll

2012-09-18 12:07:20 -------- d-----w- C:\Program Files\Common Files\Corel

2012-09-18 12:03:28 -------- d-----w- C:\ProgramData\CorelDRAW Graphics Suite X6.1

2012-09-18 12:02:15 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE07FD37-8D8D-4A72-AB33-DC75C3FA0E86}\mpengine.dll

2012-09-18 01:42:42 2160640 ----a-w- C:\windows\SysWow64\Lexicon PSP42.dll

2012-09-17 17:35:08 7744 ----a-w- C:\windows\SysWow64\HookDll.dll

2012-09-17 17:35:08 -------- d-----w- C:\Program Files (x86)\Waves

2012-09-17 16:48:53 -------- d-----w- C:\ProgramData\Mr Retro

2012-09-17 16:37:26 -------- d-----w- C:\Users\Patrick\AppData\Local\Nik Software

2012-09-17 16:29:26 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Nik Software

2012-09-17 16:27:29 -------- d-----w- C:\windows\MSSecurityNS

2012-09-17 16:27:29 -------- d-----w- C:\windows\MSSecurityNi

2012-09-17 16:18:36 -------- d-----w- C:\ProgramData\Nik Software

2012-09-17 16:18:36 -------- d-----w- C:\Program Files\Nik Software

2012-09-16 13:36:42 -------- d-----w- C:\Program Files (x86)\Common Files\Toontrack

2012-09-15 17:38:55 -------- dc-h--w- C:\ProgramData\{B47B5054-C8AD-4A73-9404-941527E95112}

2012-09-15 17:32:40 -------- dc-h--w- C:\ProgramData\{2149AC3A-6876-48A5-8ACC-4DDA07B383D2}

2012-09-15 17:28:43 -------- d-----w- C:\Program Files (x86)\Native Instruments

2012-09-15 17:13:20 -------- dc-h--w- C:\ProgramData\{27D02406-6F0F-419F-AF2F-A4EE19D2E463}

2012-09-15 17:13:16 -------- dc-h--w- C:\ProgramData\{CA03436C-933D-4ADA-9E89-2C39CC03E904}

2012-09-15 17:13:09 -------- dc-h--w- C:\ProgramData\{588D017F-D30B-4C08-8A10-1FEF7D039369}

2012-09-15 17:01:58 -------- dc-h--w- C:\ProgramData\{8BE731A3-4C9E-42CC-AC78-66742062354D}

2012-09-15 16:44:21 -------- dc-h--w- C:\ProgramData\{2E6321BB-FAC3-49D4-A09B-950445E829D2}

2012-09-15 16:00:39 -------- dc-h--w- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}

2012-09-15 15:19:44 -------- dc-h--w- C:\ProgramData\{A8C1CCDF-B115-4A90-9BED-02286078A8DE}

2012-09-15 13:52:32 -------- dc-h--w- C:\ProgramData\{03149E88-061F-4C01-98FF-736811F5AEF5}

2012-09-15 13:48:19 -------- dc-h--w- C:\ProgramData\{E753D955-673D-4851-B06F-9A9D0C44C02C}

2012-09-15 13:43:07 -------- dc-h--w- C:\ProgramData\{87A1E31E-1C63-4A99-AEEA-EA57A3043C1D}

2012-09-14 13:45:05 -------- d-sh--w- C:\$RECYCLE.BIN

2012-09-14 13:27:01 98816 ----a-w- C:\windows\sed.exe

2012-09-14 13:27:01 518144 ----a-w- C:\windows\SWREG.exe

2012-09-14 13:27:01 256000 ----a-w- C:\windows\PEV.exe

2012-09-14 13:27:01 208896 ----a-w- C:\windows\MBR.exe

2012-09-12 20:27:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue

2012-09-12 20:27:54 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue Art et Technologie, Inc

2012-09-12 12:38:04 -------- d-----w- C:\Program Files\Plogue

2012-09-12 12:27:28 950128 ----a-w- C:\windows\System32\drivers\ndis.sys

2012-09-12 12:27:28 41472 ----a-w- C:\windows\System32\drivers\RNDISMP.sys

2012-09-12 12:27:27 574464 ----a-w- C:\windows\System32\d3d10level9.dll

2012-09-12 12:27:27 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll

2012-09-12 12:27:26 376688 ----a-w- C:\windows\System32\drivers\netio.sys

2012-09-12 12:27:26 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS

2012-09-12 12:27:26 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys

2012-09-11 03:26:02 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys

2012-09-11 03:17:18 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-09-11 03:17:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-09-10 22:59:47 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MTexturedStyles

2012-09-10 22:59:45 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction MXXX

2012-09-10 22:59:38 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction IR

2012-09-10 22:49:35 -------- d-----w- C:\Users\Patrick\AppData\Local\DC8C

2012-09-10 19:56:42 64 ----a-w- C:\Users\Patrick\AppData\Roaming\wsys.sys

2012-09-10 19:55:57 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Bitsonic

2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\win_ident.sys

2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\tb.sys

2012-09-10 00:27:11 -------- d-----w- C:\Users\Patrick\AppData\Roaming\NUGEN Audio

2012-09-08 18:15:38 -------- d-----w- C:\Users\Patrick\AppData\Local\MusicLab

2012-09-08 18:15:38 -------- d-----w- C:\ProgramData\MusicLab

2012-09-08 18:15:18 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MusicLab

2012-09-08 18:15:12 -------- d-----w- C:\Program Files (x86)\MusicLab

2012-09-08 16:33:50 -------- d-----w- C:\Program Files (x86)\Togu Audio Line

2012-09-08 16:23:08 -------- d-----w- C:\Program Files (x86)\Expert Sleepers

2012-09-08 12:27:11 146836 ----a-w- C:\windows\Curvemeister3-64 Uninstaller.exe

2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Curvemeister.com

2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Common Files\Thraex Software

2012-09-08 12:26:07 146889 ----a-w- C:\windows\Curvemeister_3 Uninstaller.exe

2012-09-08 12:26:07 -------- d-----w- C:\ProgramData\Curvemeister.com

2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Curvemeister.com

2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Common Files\Thraex Software

2012-09-07 15:42:38 6034944 ----a-w- C:\windows\SysWow64\PSP Neon STD.dll

2012-09-07 15:42:37 6047744 ----a-w- C:\windows\SysWow64\PSP Neon HR.dll

2012-09-07 15:42:37 5122560 ----a-w- C:\windows\SysWow64\PSP Neon MIX.dll

2012-09-07 14:24:52 -------- d-----w- C:\Users\Patrick\AppData\Local\Mozilla Firefox

2012-09-06 02:36:32 4608 ----a-w- C:\windows\System32\Viveza2FC64.dll

2012-09-06 02:36:32 3072 ----a-w- C:\windows\SysWow64\Viveza2FC32.dll

2012-09-05 19:34:53 -------- d-----w- C:\Program Files (x86)\Little Endian

2012-09-05 18:41:08 -------- d-----w- C:\Program Files (x86)\Poetic Guitar - Rainlotus

2012-09-05 00:18:08 326144 ----a-w- C:\windows\SysWow64\SilverEfexPro2FC32.dll

2012-09-05 00:18:06 4608 ----a-w- C:\windows\System32\SilverEfexPro2FC64.dll

2012-09-04 13:12:44 -------- d-----w- C:\Program Files (x86)\Sonic Charge

2012-09-03 16:19:02 -------- d-----w- C:\Program Files (x86)\IMEA Studio

2012-09-02 18:30:00 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Waves Audio

2012-09-02 01:22:01 -------- d-----w- C:\Program Files\Minimal System Instruments

2012-09-01 01:52:19 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Thinstall

2012-08-29 10:50:38 57408 ----a-w- C:\windows\System32\drivers\mlkumidi.sys

2012-08-28 02:10:26 -------- d-----w- C:\Program Files (x86)\LinPlug

2012-08-27 12:08:07 -------- d-----w- C:\ProgramData\ToguAudioLine

2012-08-27 00:44:23 -------- d-----w- C:\Program Files\Celemony

2012-08-27 00:44:22 -------- d-----w- C:\Program Files (x86)\Celemony

2012-08-27 00:31:09 -------- d-----w- C:\Program Files\Brainworx Music

2012-08-27 00:31:05 -------- d-----w- C:\Program Files (x86)\Brainworx Music

2012-08-26 15:00:00 275968 ----a-w- C:\windows\SysWow64\REX Shared Library.dll

2012-08-24 15:00:00 2181120 ----a-w- C:\windows\System32\ReWire.dll

2012-08-24 15:00:00 1431552 ----a-w- C:\windows\SysWow64\ReWire.dll

2012-08-23 12:14:23 -------- d-----w- C:\Users\Patrick\AppData\Local\Topaz Labs

2012-08-23 12:13:42 -------- d-----w- C:\Program Files\Topaz Labs

2012-08-23 12:09:08 -------- dc-h--w- C:\ProgramData\{66072046-04D4-48EA-A317-20AA5D8BACE9}

2012-08-23 12:09:03 -------- dc-h--w- C:\ProgramData\{C2FDA136-2501-43EB-ABB7-2D9AC8BFB655}

2012-08-23 11:39:33 -------- dc-h--w- C:\ProgramData\{E495C549-FA37-49F8-9EF7-A92CE55058C9}

2012-08-23 11:39:21 -------- dc-h--w- C:\ProgramData\{BB82CA89-D29D-45D2-8C0C-C824A39D588E}

2012-08-23 11:39:09 -------- dc-h--w- C:\ProgramData\{896AFBDD-72FF-40B8-B6B8-33C6022AD113}

2012-08-23 11:38:54 -------- dc-h--w- C:\ProgramData\{9C90450F-E325-424C-B16B-8809320C3F92}

2012-08-23 11:38:37 -------- dc-h--w- C:\ProgramData\{E314972B-E8D6-465D-AE74-6CC08535701F}

2012-08-23 11:38:27 -------- dc-h--w- C:\ProgramData\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}

2012-08-23 11:38:16 -------- dc-h--w- C:\ProgramData\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}

2012-08-23 11:38:07 -------- dc-h--w- C:\ProgramData\{89E2929F-C967-49CB-9FE3-FD86B97312FE}

2012-08-23 11:38:05 -------- dc-h--w- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}

2012-08-23 11:37:54 -------- dc-h--w- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}

2012-08-23 11:37:49 -------- dc-h--w- C:\ProgramData\{0DEDF45C-1DEC-4670-AACA-9EC906125BFB}

2012-08-23 11:37:41 -------- dc-h--w- C:\ProgramData\{34007C15-AD5B-4CB2-A047-04AB415A841A}

2012-08-23 11:37:35 -------- dc-h--w- C:\ProgramData\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}

2012-08-23 11:37:27 -------- dc-h--w- C:\ProgramData\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}

2012-08-23 11:37:24 -------- dc-h--w- C:\ProgramData\{F7D319B6-E312-49A7-AA67-4737E676DD03}

2012-08-23 11:37:14 -------- dc-h--w- C:\ProgramData\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}

2012-08-23 11:37:05 -------- dc-h--w- C:\ProgramData\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}

2012-08-23 11:36:58 -------- dc-h--w- C:\ProgramData\{33BC0E96-6441-46C9-9F09-529996C10736}

2012-08-23 11:36:49 -------- dc-h--w- C:\ProgramData\{ABC7326D-27C4-4601-8B2C-50AABC4C287C}

2012-08-23 11:36:42 -------- dc-h--w- C:\ProgramData\{AE93E0EC-AB92-4D27-9DA8-1BCEE7181244}

2012-08-23 11:36:39 -------- dc-h--w- C:\ProgramData\{A86A537E-18B3-414C-8CA0-92F4066C1B5C}

2012-08-23 11:36:38 -------- d-----w- C:\Program Files\Common Files\Topaz Labs

2012-08-23 11:36:30 -------- dc-h--w- C:\ProgramData\{6172A493-DBB5-49D2-B3DC-94690BB85ACF}

2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Topaz Labs

2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Common Files\Topaz Labs

2012-08-23 11:35:53 -------- d-----w- C:\Users\Patrick\AppData\Local\PackageAware

2012-08-22 21:40:40 -------- d-----w- C:\Users\Patrick\AppData\Roaming\4Front

2012-08-21 00:11:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Sublime Text 2

2012-08-21 00:11:41 -------- d-----w- C:\Program Files\Sublime Text 2

.

==================== Find3M ====================

.

2012-08-24 11:32:54 73416 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-24 11:32:54 696520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-08-21 09:13:13 969200 ----a-w- C:\windows\System32\drivers\aswSnx.sys

2012-08-21 09:13:12 71600 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys

2012-08-21 09:13:12 54072 ----a-w- C:\windows\System32\drivers\aswRdr2.sys

2012-08-21 09:12:33 41224 ----a-w- C:\windows\avastSS.scr

2012-08-10 16:28:14 134088 ----a-w- C:\windows\ColorPic Uninstaller.exe

2012-08-06 15:00:00 276480 ----a-w- C:\windows\System32\XilsFiles64.dll

2012-08-06 15:00:00 229376 ----a-w- C:\windows\SysWow64\XilsFiles32.dll

2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys

2012-07-06 12:17:09 715117 ----a-w- C:\windows\unins004.exe

2012-07-04 22:13:27 59392 ----a-w- C:\windows\System32\browcli.dll

2012-07-04 22:13:27 136704 ----a-w- C:\windows\System32\browser.dll

2012-07-04 21:14:34 41984 ----a-w- C:\windows\SysWow64\browcli.dll

2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2012-06-25 20:04:24 1394248 ----a-w- C:\windows\SysWow64\msxml4.dll

.

============= FINISH: 15:27:20.25 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 7/9/2011 3:26:10 AM

System Uptime: 9/19/2012 7:29:08 AM (8 hours ago)

.

Motherboard: LENOVO | | To be filled by O.E.M.

Processor: Intel® Core i3-2100 CPU @ 3.10GHz | CPU 1 | 3100/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 906 GiB total, 169.352 GiB free.

D: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

2C-Audio Aether

2C-Audio Breeze

AAS - Chromaphone

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe After Effects CS5.5

Adobe AIR

Adobe Content Viewer

Adobe Creative Suite 5.5 Master Collection

Adobe Dreamweaver CS5.5

Adobe Dreamweaver CS6

Adobe Fireworks CS6

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Flash Professional CS6

Adobe Help Manager

Adobe Illustrator CS6

Adobe InDesign CS6

Adobe kuler

Adobe Media Player

Adobe Photoshop CS6

Adobe Premiere Pro CS5.5

Adobe Soundbooth CS5

Adobe Story

Adobe Widget Browser

AKVIS SmartMask

Alien Skin Blow Up

Alien Skin Exposure 2

Alien Skin Snap Art

Alternative Rock EZmix pack

Amaya

Amazon Kindle

Ambiotica REFiLL

Analog Factory 2.5

Apple Application Support

Apple Software Update

ARP2600 V2 2.0

Artillery2

ArtsAcoustic BigRock v1.0.7

ArtsAcoustic CL Series v1.0.19

ASIO4ALL

Autodesk 3ds Max Design 2013 32-bit

Autodesk Backburner 2013.0.0

Autodesk Civil View for 3ds Max Design 2013

Autodesk Essential Skills Movies for 3ds Max Design 2013 32-bit

Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013

Autodesk Inventor Server Engine for 3ds Max Design 2013 32-bit

Autodesk Material Library 2013

Autodesk Material Library Base Resolution Image Library 2013

Autodesk Material Library Medium Resolution Image Library 2013

AV Bros. Page Curl Pro 2.2 (Remove Only)

avast! Free Antivirus

Bamboo Dock

BazzISM2 VST2 2.4.6

Best Buy pc app

Big Fish Audio First Call Horns

Blue Cat's Protector RTAS 2.0 Demo

Blue Cat's Protector VST 2.0 Demo

BlueGriffon version 1.1.1

BlueStacks (alpha)

Brass 2.0.5

calibre

Camel Audio Alchemy

Catanya 1.0.1

ChordWizard Songtrix Gold 3.0

Chuck Ainlay EZmix pack

Clubotica REFiLL

ColorPic

Composite 2013

Corel Painter Essentials 4

CorelDRAW Graphics Suite X6 - IPM Content

CS-80V2 2.0

Curvemeister_3

D3DX10

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Devine Machine Lucifer VST v2.1

Digidesign Audio Drivers 8.0

Digidesign Pro Tools Creative Collection 8.0

Digidesign Pro Tools LE 8.0

discoDSP Discovery Pro

DisplayFusion 3.3.1

DMGAudio EQuality 1.17

DMGAudio PitchFunk 1.02

Drumaxx

DX10

East West EWQLSO Gold Edition

Edison

Electronic EZmix pack

eLicenser Control

EQ500 version 1.0.0

EZkeys Grand Piano

EZkeys Player 32-bit

EZmix 32-bit

FileZilla Client 3.5.3

Filter Forge 2.008

Filtrate 1.101

FL Studio 10

Free DigiRack Plug-Ins 8.0

FXpansion DCAMDynamics

FXpansion Free Comp

FXpansion Tremor

Genesys USB Mass Storage Device

Git version 1.7.6-preview20110708

GlaceVerb 1.01

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Hardcore

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

IL Autogun

IL Download Manager

IL DrumSynth Live

IL Gross Beat

IL Harmless

IL Juice Pack

IL Ogun

IL Slicex

IL Vocodex

Inkscape 0.48.2

Intel® C++ Redistributables for Windows* on IA-32

Intel® C++ Redistributables for Windows* on Intel® 64

Intel® C++ Redistributables on IA-32

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

iZotope iDrum

iZotope Iris

Java Auto Updater

Java 6 Update 31

Junk Mail filter update

Jupiter-8V2 2.0

Lenovo Driver and Application Installation

Lenovo Rescue System

Lenovo USB2.0 UVC Camera

Lexicon PSP 42 32bit

LinPlug relectro

Live 8.2.7

LVT

LXH-JME2207FN Hotkey Driver

Macromedia FreeHand MXa

MAGIX Speed burnR (MSI)

MAGMA Installer

Malwarebytes Anti-Malware version 1.65.0.1400

Mark Needham EZmix pack

Maximus

Mesh Runtime

Metal Essentials EZmix pack

Metal EZmix pack

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Expression Blend 3 SDK

Microsoft Expression Blend 4

Microsoft Expression Blend SDK for .NET 4

Microsoft Expression Blend SDK for Silverlight 4

Microsoft Expression Design 4

Microsoft Expression Encoder 4

Microsoft Expression Encoder 4 Screen Capture Codec

Microsoft Expression Studio 4

Microsoft Expression Web 4

Microsoft Expression Web 4 Service Pack 2

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio Macro Tools

Microsoft Visual Studio Tools for Applications 2.0 - ENU

Microsoft Visual Studio Tools for Applications 2.0 Runtime

Microsoft Web Embedding Fonts Tool (III)

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

minimoog V2 2.0

Miroslav Philharmonik CE

Modern PopRock EZmix pack

Moog Modular V 2.5

Morphine

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT Redists

MSVCRT_amd64

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

Native Instruments Abbey Road 60s Drums

Native Instruments Absynth 5

Native Instruments Battery 3

Native Instruments Battery Library Importer for Maschine

Native Instruments Berlin Concert Grand

Native Instruments Controller Editor

Native Instruments Damage

Native Instruments Enhanced EQ

Native Instruments FM8

Native Instruments Guitar Rig 5

Native Instruments Komplete 8

Native Instruments Kontakt 5

Native Instruments Kontakt Factory Library

Native Instruments Massive

Native Instruments New York Concert Grand

Native Instruments Passive EQ

Native Instruments Rammfire

Native Instruments Razor

Native Instruments Reaktor 5

Native Instruments Reaktor Prism

Native Instruments Reaktor Spark R2

Native Instruments Reflektor

Native Instruments Scarbee MM-Bass

Native Instruments Scarbee Vintage Keys

Native Instruments Service Center

Native Instruments Skanner XT

Native Instruments Studio Drummer

Native Instruments The Finger R2

Native Instruments The Mouth

Native Instruments Traktors 12

Native Instruments Transient Master

Native Instruments Upright Piano

Native Instruments Vari Comp

Native Instruments Vienna Concert Grand

Native Instruments Vintage Organs

Native Instruments West Africa

nebula3 CM

Noise Reduction Plug-in 2.0i

Noisebud CatchDad

Notepad++

Nuklear VST2 1.1.4

Opera 11.52

PAP 4.0

PAP project files

Pazera Free MP4 to AVI Converter 1.6

PDF Settings CS5

PDF Settings CS6

PDFMate Free PDF Converter 1.10

photoFXlab (32 bit)

Poise 1.1.19

PreSonus Studio One 2

Prophet-V2 2.0

PSP 608 MultiDelay 32bit

PSP Neon 32bit

PTC-2A version 1.0.1

PxMergeModule

Quark Update

QuarkXPress

QuickTime

Realtek High Definition Audio Driver

REAPER

Reason 5.0

Redwirez mixIR2 version 1.0.171

REFLEX PRO V2

reFX Nexus VSTi RTAS v2.2.0

reFX quadraSID 1.6.0

reFX Vanguard VSTi RTAS v1.8.0

rgc:audio sfz+ VSTi v1.01

rgcAudio Square I VSTi v1.2

Rob Papen Albino 3

Rob Papen BLUE Version 1.8.5d

Rob Papen Predator RTAS V1.6.2

Rob Papen Predator V1.6.2a

Rob Papen Punch 32 Bits 1.0.3

Robotronic

Rock EZmix pack

Roger Nichols Digital SIGNATURE Bundle VST RTAS v1.9.3

Ruby 1.9.3-p194

Safari

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft Expression Design 4 (KB2667730)

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

SEQ1 Master

SEQ2 Master

Sequoia 12

Sharpener Pro 3.0

shortcircuit

Sibelius 7 OpenType Fonts

Silver Efex Pro 2

SimSynth

Slate Digital FG-X Mastering Processor VST RTAS v1.1.2

Softube Trident A-Range VST RTAS v1.0.2

Softube Tube-Tech CL 1B VST RTAS v1.0.3

Softube Tube Delay VST RTAS v1.0.5

Softube Vintage Amp Room VST RTAS v1.0.8

Sonalksis Plug-in Manager 3.00

Songwriters Tools EZmix pack

Sonnoxplugins Oxford Elite Collection Native v1.0

Sound Forge Pro 10.0

Spark Vintage Drum Machines 1.0.2

Splat! 1.0

Spybot - Search & Destroy

Steinberg VST Classics 1

Sugar Bytes Guitarist Library 1.0

SynthMaster 2.5 VST/VSTi version 2.5.3.109

Sytrus

TerraTec Komplexer VSTi 1.0.3

The T-Pain Effect Bundle

Topaz Adjust 5

Topaz Adjust 5 (64-bit)

Topaz B&W Effects

Topaz B&W Effects (64-bit)

Topaz Clean 3

Topaz Clean 3 (64-bit)

Topaz DeJpeg 4

Topaz DeJpeg 4 (64-bit)

Topaz DeNoise 5

Topaz DeNoise 5 (64-bit)

Topaz Detail 2

Topaz Detail 2 (64-bit)

Topaz Fusion Express 2

Topaz Fusion Express 2 (64-bit)

Topaz InFocus

Topaz InFocus (64-bit)

Topaz Lens Effects

Topaz Lens Effects (64-bit)

Topaz ReMask 3

Topaz ReMask 3 (64-bit)

Topaz Simplify 3

Topaz Simplify 3 (64-bit)

Topaz Star Effects

Topaz Star Effects (64-bit)

Toxic DEMO v2.1

TubeOhm Alpha-Ray

Universal Extractor 1.6.1

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

ValhallaRoom 1.1.0

ValhallaUberMod 1.0.1

VAZ 2010 2.1.4

VAZ Modular 3.2.4

VAZ Plus 2.1.7

Vegas Pro 11.0

Vember Audio SURGE

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

Visualizer v1.9.2

Viveza 2

VKFX 2.2.8

VLC media player 2.0.1

Vogue

VTE-2A version 1.0.7

W2 Harmonizer v1.0

WampServer 2.2

Wasp

Wave Arts Tube Saturator

Waves Complete V9r6

WebTablet FB Plugin

WebTablet IE Plugin

WebTablet Netscape Plugin

Windows 7 Upgrade Advisor

Windows Internet Explorer Platform Preview

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinPcap 4.1.2

WOW

WPF Toolkit February 2010 (Version 3.5.50211.1)

.

==== Event Viewer Messages From Past Week ========

.

9/19/2012 7:30:04 AM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.

9/18/2012 8:00:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

9/18/2012 11:21:19 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

9/14/2012 9:44:16 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

9/14/2012 9:43:31 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

9/14/2012 9:42:56 AM, Error: Application Popup [1060] - \??\C:\jimmyCrackCorn\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

9/14/2012 9:29:16 AM, Error: Service Control Manager [7034] - The mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================


Step 1

  1. Please re-run AdwCleaner
  2. Click on the Delete button.
  3. Confirm each time with OK.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Step 2

Please download Rkill to your desktop. There are two main different versions. If one of them won't run then download and try to run the other one. You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

  1. Double-click on the Rkill desktop icon to run the tool.
  2. If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  3. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  4. If not, delete the file, then download and use the second RKill version. Do not reboot until instructed. If the tool does not run from any of the links provided, please let me know.
  5. When the scan is done Notepad will open with rKill log. Post it in your next reply.

NOTE: rKill.txt log will also be present on your desktop.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • AdwCleaner log
  • RKill log
  • Malwarebytes' Anti-Malware log


It looks like I am clean now. Thank you so much. :D

# AdwCleaner v2.002 - Logfile created 09/19/2012 at 17:58:55

# Updated 16/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Patrick - PATRICK-PC-X64

# Boot Mode : Normal

# Running from : C:\Users\Patrick\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\searchplugins\Askcom.xml

Folder Deleted : C:\Users\Patrick\AppData\Local\APN

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Default Tab

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default

File : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [unable to get version]

File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Patrick\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1597 octets] - [19/09/2012 07:56:20]

AdwCleaner[s1].txt - [2071 octets] - [19/09/2012 17:58:55]

########## EOF - C:\AdwCleaner[s1].txt - [2131 octets] ##########

Rkill 2.4.3 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/19/2012 06:09:16 PM in x64 mode.

Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com

127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com

127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com

127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com

127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com

127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

127.0.0.1 adobe.activate.com

Program finished at: 09/19/2012 06:09:26 PM

Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

Database version: v2012.09.19.12

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Patrick :: PATRICK-PC-X64 [administrator]

9/19/2012 6:16:22 PM

mbam-log-2012-09-19 (18-16-22).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 222728

Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


  1. Please re-run AdwCleaner
  2. Click on the Delete button.
  3. Confirm each time with OK.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.


Here is the AdwCleaner logfile.

# AdwCleaner v2.002 - Logfile created 09/20/2012 at 07:59:39

# Updated 16/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Patrick - PATRICK-PC-X64

# Boot Mode : Normal

# Running from : C:\Users\Patrick\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default

File : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [unable to get version]

File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Patrick\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1597 octets] - [19/09/2012 07:56:20]

AdwCleaner[s1].txt - [2198 octets] - [19/09/2012 17:58:55]

AdwCleaner[s2].txt - [1101 octets] - [20/09/2012 07:59:39]

########## EOF - C:\AdwCleaner[s2].txt - [1161 octets] ##########


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.