
Thread: Mixi DJ toolbar is it all gone?

  1. #1
    Junior Member
    Join Date
    Apr 2013
    Posts
    1

    Mixi DJ toolbar is it all gone?

    Hi,

    I am running Windows 7 64-bit on a Lenovo ThinkPad.

    I had "Mixi DJ" toolbar install itself in all my browsers and change a bunch of settings in my browsers. I have manually removed the toolbar and any other programs installed at the same time using "add/remove programs" in the control panel.

    I just wanted to check if there was any other Malware hiding that I can't see.

    DDS Log:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_37
    Run by Gord at 10:20:31 on 2013-04-21
    Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.3933.1190 [GMT -4:00]
    .
    AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\ibmpmsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
    C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
    C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
    C:\Windows\SysWOW64\svchost.exe -k Akamai
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
    C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
    C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
    C:\Windows\system32\lxcfcoms.exe
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
    c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
    C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\TpShocks.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\Program Files\Lenovo\Zoom\TpScrex.exe
    C:\Users\Gord\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
    C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe
    C:\Program Files (x86)\AVG\AVG2013\avgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Users\Gord\AppData\Local\Akamai\netsession_win.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    c:\Program Files (x86)\Lenovo\System Update\SUService.exe
    C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Gord\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gord\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gord\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gord\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN37234078583134621&UM=2&ctid=CT3290973
    uDefault_Page_URL = hxxp://lenovo.msn.com
    uProxyOverride = 127.0.0.1:9421;<local>
    uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: SMART Notebook Download Utility: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
    BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    BHO: IePasswordManagerHelper Class: {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: SMART Sync: {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files (x86)\SMART Technologies\Education Software\SyncIEToolbar.dll
    TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
    uRun: [Google Update] "C:\Users\Gord\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Akamai NetSession Interface] "C:\Users\Gord\AppData\Local\Akamai\netsession_win.exe"
    uRun: [GoogleChromeAutoLaunch_B43FD8F8DCBDC4CFC41CAAEBE1A1AEE6] "C:\Users\Gord\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
    mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
    mRun: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start
    mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
    mRun: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    mRun: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe"
    mRun: [SMART Board Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
    mRun: [SMARTClassroomCoordinator.exe] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Launch Backup Service Once] C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe -start
    StartupFolder: C:\Users\Gord\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: DisableCAD = dword:1
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    TCP: NameServer = 24.226.1.93 24.226.10.193 24.226.10.194
    TCP: Interfaces\{998D43E0-1260-4B54-8652-AC9881F2245C} : DHCPNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
    TCP: Interfaces\{998D43E0-1260-4B54-8652-AC9881F2245C}\34C454D454E445 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{998D43E0-1260-4B54-8652-AC9881F2245C}\841627B656E675962756C6563737 : DHCPNameServer = 216.168.96.250 216.168.96.251
    TCP: Interfaces\{998D43E0-1260-4B54-8652-AC9881F2245C}\A41636B6 : DHCPNameServer = 64.71.255.198
    TCP: Interfaces\{998D43E0-1260-4B54-8652-AC9881F2245C}\B4052594E6475627E65647 : DHCPNameServer = 4.2.2.2 64.71.255.198
    TCP: Interfaces\{998D43E0-1260-4B54-8652-AC9881F2245C}\C414552514F525F676562737 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{998D43E0-1260-4B54-8652-AC9881F2245C}\C696E6B6379737 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{B8928446-A588-43D9-8DF0-4821AFF1A12F} : DHCPNameServer = 10.200.6.13 10.200.6.14 10.200.6.18
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    LSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
    x64-BHO: SMART Notebook Download Utility: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    x64-Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    x64-Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
    x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    x64-Run: [TpShocks] TpShocks.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
    x64-Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [LXCFCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\LXCFtime.dll,RunDLLEntry
    x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Gord\AppData\Roaming\Mozilla\Firefox\Profiles\py8ch8jx.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3290973&CUI=UN93060649527723501&UM=2&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3290973&CUI=UN93060649527723501&UM=2&SearchSource=13
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3290973&SearchSource=2&CUI=UN93060649527723501&UM=2&q=
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
    FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
    FF - plugin: C:\Users\Gord\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-11-4 55856]
    R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2009-6-29 23592]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-2-26 246072]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-2-14 239416]
    R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2009-7-16 15400]
    R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-2-27 4937264]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-2-19 282624]
    R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2009-9-8 45424]
    R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2011-1-6 1104608]
    R2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-3-13 13840]
    R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2009-9-8 62320]
    R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2009-11-4 161024]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-8-20 138752]
    R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-6-7 143320]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-11-4 5435904]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-4 215040]
    R3 SMARTMouseFilterx64;HID-compliant mouse;C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [2011-7-13 13168]
    R3 SMARTVHidMiniVistaAmd64;SMART HID Device;C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [2011-7-13 16368]
    R3 SMARTVTabletPCx64;SMART Virtual TabletPC;C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [2011-7-13 24944]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-5 362992]
    S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-8-5 309744]
    S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-8-5 166384]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-11-4 35104]
    S3 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w --> C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
    S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2009-11-4 75040]
    S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-5 313840]
    S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-8-5 1124848]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 Tomcat6;Apache Tomcat 6;C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe [2010-3-9 78336]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392]
    S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2010-9-22 16384]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-31 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-04-21 13:18:51 -------- d-----w- C:\Users\Gord\AppData\Local\{EF19893F-AAAA-4D6E-96EC-69598595F443}
    2013-04-21 03:27:07 -------- d-----w- C:\components
    2013-04-21 00:37:45 -------- d-----w- C:\Users\Gord\AppData\Roaming\Strongvault
    2013-04-21 00:36:11 -------- d-sh--w- C:\AI_RecycleBin
    2013-04-11 19:28:09 3717632 ----a-w- C:\Windows\System32\mstscax.dll
    2013-04-11 19:28:09 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2013-04-11 19:28:05 44032 ----a-w- C:\Windows\System32\tsgqec.dll
    2013-04-11 19:28:05 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
    2013-04-11 19:28:05 158720 ----a-w- C:\Windows\System32\aaclient.dll
    2013-04-11 19:28:05 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
    2013-04-08 01:28:54 -------- d-----w- C:\Users\Gord\AppData\Local\V-Safe 100
    2013-03-26 00:39:20 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
    .
    ==================== Find3M ====================
    .
    2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-03-02 05:56:00 1188864 ----a-w- C:\Windows\System32\wininet.dll
    2013-03-02 04:58:26 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-03-02 03:57:05 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-03-02 03:22:06 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-02-27 03:40:46 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
    2013-02-14 07:52:46 239416 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-02-08 08:37:56 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
    2013-02-08 08:37:54 311096 ----a-w- C:\Windows\System32\drivers\avgloga.sys
    2013-02-08 08:37:50 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
    2013-02-08 08:37:42 206136 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2013-02-08 08:37:40 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
    2013-01-24 06:01:01 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    .
    ============= FINISH: 10:21:37.62 ===============


    I had some issues running asw, I got a blue screen of death the first time I ran it, and it seemed to get stuck the second time... I was able to save a log the second time... it is below.

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-04-21 10:47:54
    -----------------------------
    10:47:54.336 OS Version: Windows x64 6.1.7601 Service Pack 1
    10:47:54.336 Number of processors: 2 586 0x170A
    10:47:54.336 ComputerName: GORD-LAPTOP UserName: Gord
    10:48:18.750 Initialize success
    10:48:32.182 AVAST engine defs: 13042100
    10:48:47.002 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    10:48:47.002 Disk 0 Vendor: ST932032 0020 Size: 305245MB BusType: 3
    10:48:47.158 Disk 0 MBR read successfully
    10:48:47.158 Disk 0 MBR scan
    10:48:47.173 Disk 0 unknown MBR code
    10:48:47.189 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1200 MB offset 2048
    10:48:47.205 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 294043 MB offset 2459648
    10:48:47.267 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10000 MB offset 604659712
    10:48:47.657 Disk 0 scanning C:\Windows\system32\drivers
    10:49:10.885 Service scanning
    10:50:01.164 Modules scanning
    10:50:01.195 Disk 0 trace - called modules:
    10:50:01.195
    10:50:04.003 AVAST engine scan C:\Windows
    10:50:07.747 AVAST engine scan C:\Windows\system32
    10:59:46.886 AVAST engine scan C:\Windows\system32\drivers
    11:00:14.015 AVAST engine scan C:\Users\Gord
    11:07:08.648 Disk 0 MBR has been saved successfully to "C:\Users\Gord\Desktop\MBR.dat"
    11:07:08.648 The log file has been saved successfully to "C:\Users\Gord\Desktop\aswMBR.txt"
    =================================

    Thank you very much for your time and effort,

    -- Gord

  2. #2
    Anti-Malware Team
    Join Date
    Mar 2011
    Location
    Canada
    Posts
    104

    Mixi DJ Toolbar is it all gone?

    Hello gclement.

    My name is fbfbfb. I will gladly assist you with your concerns.

    Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advice. This may cause a delay, but I will do my best to keep it as short as possible.

    I am checking over your DDS and aswMBR logs now, and I will post back shortly with instructions.

    While working to resolve the issues with your machine, please follow these guidelines:
    • Please be patient. Logs are lengthy and can take time to analyze.
    • Read and follow my directions carefully, in the sequence they are posted.
    • If you are unsure about anything, please ask for clarification before continuing.
    • Use only those tools that you have been directed to use.
    • Do not install or uninstall any applications or run any other scans without being directed to do so.
    • Copy and Paste the log files inside your post. Do not send them as attachments unless otherwise instructed.
    • Stay with me until your machine has been deemed all clear.
    • Please reply within 3 days of each posting to avoid closing this topic.

  3. #3
    Anti-Malware Team
    Join Date
    Mar 2011
    Location
    Canada
    Posts
    104

    Mixi DJ toolbar is it all gone?

    Hello, gclement.

    Thank you for including your DDS log. DDS should have produced a second log named attach.txt and saved it to your desktop. If it is there, please submit this log to me. If you are unable to locate this report, please rerun DDS and submit both reports.

    Your DDS log indicates that we need to address a few issues. You had some difficulty running aswMBR, including the BSOD. Let's take a closer look to see if there are other issues we need to address.

    Please run the following scans:

    1. Rogue Killer

    Please download Rogue Killer from HERE.
    • Quit all running programs before continuing.
    • Double-click roguekiller.exe to run it.
    • Wait for the Prescan to finish.
    • Click Scan and wait for the scan to complete.
    • A report will be created and saved on your desktop.
    • Exit the program.

    Copy and paste the RKreport.txt report into your next reply.

    2. Security Check
    Please download Security Check by screen317 from HERE or HERE.
    • Save it to your Desktop.
    • Double-click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt. This may take a few minutes.

    Please copy and paste the contents of that document into your next reply.
    Last edited by tashi; 2013-04-30 at 04:04. Reason: Topic was archived due to lack of activity
