
Solved: Want to make sure remote access did not breach my laptop


RipnDip (thread starter)
22-Feb-2012, 04:26 AM #1
Hi guys & gals.

Long time-- thanks for the help as always. I wish my brain would remember this stuff on its own. Maybe if I did it more often.

I have a new Dell XPS and my laptop won't charge (mobo?). I wanted to do a hardware diagnostic as I am out of the 21 days (thought it was 30).

But first the computer is running slow and I downloaded some keygens (I know, at least I'm honest!) that may have done it. Anytime I run the LastPass program my comp freezes. Also I had a Dell tech remote access my computer. An hour later I got emails from my bank saying I answered questions wrong. I never tried logging on that day.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:55:54 AM, on 2/22/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Users\Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
D:\MediaMonkey\MediaMonkey.exe
C:\Users\Andrew-DELL\Downloads\Programs\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Boostyb.Core.BHO - {42ad2408-abba-2408-1972-4706560e817b} - mscoree.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120210142153.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
O3 - Toolbar: Boostyb.Toolbar.Toolbar - {42ad2408-baaa-408d-b13e-4706560e817b} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrew-DELL\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CyberLink Product - 2012/01/24 00:34:09 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12258 bytes

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Andrew-DELL at 3:06:34 on 2012-02-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.5926 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Users\Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
D:\MediaMonkey\MediaMonkey.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Users\Andrew-DELL\Downloads\Programs\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.dell.com
uDefault_Page_URL = www.dell.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Boostyb.Core.BHO: {42ad2408-abba-2408-1972-4706560e817b} - mscoree.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120210142153.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
TB: Boostyb.Toolbar.Toolbar: {42ad2408-baaa-408d-b13e-4706560e817b} - mscoree.dll
uRun: [Google Update] "C:\Users\Andrew-DELL\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\ANDREW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E2DB272A-4751-4B1F-A59B-1D97C321E0B5} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Boostyb.Core.BHO: {42ad2408-abba-2408-1972-4706560e817b} - mscoree.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120210142153.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO-X64: LastPass Browser Helper Object - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
TB-X64: Boostyb.Toolbar.Toolbar: {42ad2408-baaa-408d-b13e-4706560e817b} - mscoree.dll
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew-DELL\AppData\Roaming\Mozilla\Firefox\Profiles\jmjrvgd9.default\
FF - prefs.js: browser.search.selectedEngine - Search Here
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?ei=UTF-8&fr=w3is&type=W3i_IA,206,6484_01,Search,20110836,18176,0,0,6484
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 PSSDK42;PSSDK42;\??\C:\Windows\system32\Drivers\pssdk42.sys --> C:\Windows\system32\Drivers\pssdk42.sys [?]
R1 PSSDKLBF;PSSDKLBF;\??\C:\Windows\system32\Drivers\pssdklbf.sys --> C:\Windows\system32\Drivers\pssdklbf.sys [?]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-11-23 158336]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
.
=============== Created Last 30 ================
.
2012-02-22 08:01:44 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-21 20:27:47 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-02-21 20:27:41 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-02-21 20:26:17 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2012-02-21 20:17:52 -------- d-----w- C:\ProgramData\Citrix
2012-02-21 20:17:08 -------- d-----w- C:\Program Files (x86)\Citrix
2012-02-21 20:16:46 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Citrix
2012-02-21 20:16:43 103784 ----a-w- C:\Users\Andrew-DELL\GoToAssistDownloadHelper.exe
2012-02-17 01:28:29 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-17 01:28:29 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-17 01:28:25 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-17 01:28:25 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-17 01:28:22 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-17 01:28:19 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-17 01:28:03 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-17 01:28:03 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-16 00:47:07 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Real
2012-02-16 00:46:25 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2012-02-16 00:44:22 -------- d-----w- C:\Program Files (x86)\The Weather Channel FW
2012-02-16 00:43:47 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\The Weather Channel
2012-02-15 09:48:27 -------- d-----w- C:\Users\Andrew-DELL\dwhelper
2012-02-15 09:31:50 -------- d-----w- C:\ProgramData\Freemake
2012-02-15 08:52:48 -------- d-----w- C:\Program Files (x86)\Freemake
2012-02-15 08:02:55 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Verizon
2012-02-15 07:59:22 65600 ----a-w- C:\Windows\System32\drivers\pssdklbf.sys
2012-02-15 07:59:22 53312 ----a-w- C:\Windows\System32\drivers\pssdk42.sys
2012-02-15 07:59:17 -------- d-----w- C:\Program Files (x86)\Boost Your Browser
2012-02-15 07:47:20 -------- d-----w- C:\ProgramData\Verizon
2012-02-15 07:46:44 -------- d-----w- C:\Program Files (x86)\Verizon
2012-02-15 03:57:47 -------- d-----w- C:\Program Files (x86)\777
2012-02-13 20:49:27 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\My Games
2012-02-13 20:34:13 -------- d-----w- C:\Program Files\Firaxis Games
2012-02-13 20:25:09 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2012-02-13 20:25:08 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-02-13 20:25:08 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-02-13 20:25:08 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-02-13 20:25:08 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-02-13 20:25:07 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-02-13 20:25:02 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-02-13 20:25:01 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-02-13 20:10:15 125376 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2012-02-13 20:09:59 -------- d-----w- C:\Program Files\PowerISO
2012-02-13 00:25:07 -------- d-----w- C:\Program Files (x86)\Firaxis Games
2012-02-12 13:19:16 -------- d-----w- C:\Program Files (x86)\2K Games
2012-02-12 13:14:17 256576 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-02-12 13:13:47 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
2012-02-12 13:11:17 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\DAEMON Tools Pro
2012-02-12 13:11:17 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2012-02-12 13:09:59 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Reverify
2012-02-12 13:05:46 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Sonic_Solutions
2012-02-11 05:42:57 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Malwarebytes
2012-02-11 05:42:35 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-11 05:42:31 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-11 05:42:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-11 02:58:31 -------- d-sh--w- C:\found.000
2012-02-11 01:57:48 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Macrovision
2012-02-11 01:53:02 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Roxio Burn
2012-02-10 19:21:53 28760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll
2012-02-10 09:54:33 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Mozilla
2012-02-09 06:17:10 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\MediaMonkey
2012-02-09 06:13:28 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\MediaMonkey
2012-02-09 06:12:47 -------- d-----w- C:\ProgramData\MediaMonkey
2012-02-07 04:36:13 -------- d-----r- C:\Users\Andrew-DELL\Dropbox
2012-02-07 04:32:31 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Dropbox
2012-02-07 04:20:47 -------- d-----r- C:\Sandbox
2012-02-06 07:09:30 -------- d-----w- C:\Program Files\Sandboxie
2012-02-06 06:47:39 -------- d-----w- C:\Program Files (x86)\uTorrent
2012-02-06 06:45:50 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\uTorrent
2012-02-04 06:31:03 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Google
2012-02-04 06:29:44 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Deployment
2012-02-04 06:29:44 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Apps
2012-02-04 05:56:13 -------- d-----w- C:\ProgramData\VirtualizedApplications
2012-02-03 20:38:29 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Adobe
2012-02-03 20:35:52 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\SoftGrid Client
2012-02-03 20:35:51 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\SoftGrid Client
2012-02-03 20:34:30 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-02-03 20:34:19 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\TP
2012-02-03 19:50:49 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-02-01 17:26:42 -------- d-----w- C:\Windows\SysWow64\Wat
2012-02-01 17:26:42 -------- d-----w- C:\Windows\System32\Wat
2012-02-01 07:50:36 -------- d-----w- C:\Program Files (x86)\LastPass
2012-02-01 07:17:40 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-01 06:08:00 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-02-01 06:08:00 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2012-02-01 06:08:00 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2012-02-01 06:08:00 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2012-02-01 06:06:47 77312 ----a-w- C:\Windows\System32\packager.dll
2012-02-01 06:06:47 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-24 08:06:21 -------- d-sh--w- C:\Windows\Installer
2012-01-24 08:06:15 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2012-01-24 08:06:10 -------- d-----w- C:\Program Files\NVIDIA Corporation
2012-01-24 08:06:10 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-01-24 08:05:38 -------- d-----w- C:\Windows\System32\SRSLabs
2012-01-24 08:04:52 -------- d-----w- C:\Program Files\Realtek
2012-01-24 08:04:50 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-01-24 08:04:44 21616 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys
2012-01-24 08:04:36 -------- d-----w- C:\Intel
2012-01-24 08:00:31 -------- d-----w- C:\Windows\Panther
2012-01-24 08:00:18 -------- d-sh--w- C:\Boot
2012-01-24 08:00:10 -------- d-----w- C:\Program Files\STMicroelectronics
2012-01-24 07:59:09 -------- d-----w- C:\Program Files\Synaptics
2012-01-24 07:56:07 -------- d-----w- C:\Windows\System32\OEM
2012-01-24 07:56:07 -------- d-----w- C:\Hotfix
2012-01-24 07:48:27 439320 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-01-24 07:47:35 518896 ----a-w- C:\Windows\System32\SRSTSX64.dll
2012-01-24 06:55:48 -------- d-----w- C:\Program Files\Dell
2012-01-24 06:54:47 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-01-24 06:53:41 -------- d-----w- C:\Program Files (x86)\Microsoft
2012-01-24 06:53:18 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2012-01-24 06:52:41 -------- d-----w- C:\Windows\PCHEALTH
2012-01-24 06:52:31 4927864 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\be86ae4e1ccda64\Silverlight.2.0.exe
2012-01-24 06:52:08 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b0a005141ccda64\DSETUP.dll
2012-01-24 06:52:08 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b0a005141ccda64\DXSETUP.exe
2012-01-24 06:52:08 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b0a005141ccda64\dsetup32.dll
2012-01-24 06:50:40 141402440 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc4CF7.tmp
2012-01-24 06:49:37 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2012-01-24 06:46:46 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-01-24 06:46:44 161168 ----a-w- C:\Windows\System32\mfevtps.exe
2012-01-24 06:46:37 -------- d-----w- C:\Program Files\Common Files\mcafee
2012-01-24 06:46:37 -------- d-----w- C:\Program Files (x86)\mcafee.com
2012-01-24 06:46:37 -------- d-----w- C:\Program Files (x86)\Common Files\mcafee
2012-01-24 06:46:36 -------- d-----w- C:\Program Files\mcafee.com
2012-01-24 06:46:36 -------- d-----w- C:\Program Files\mcafee
2012-01-24 06:46:36 -------- d-----w- C:\Program Files (x86)\McAfee
2012-01-24 06:46:01 -------- d-----w- C:\dell
2012-01-24 06:40:55 -------- d-----w- C:\ProgramData\Uninstall
2012-01-24 06:40:10 -------- d-----w- C:\Program Files (x86)\Common Files\SureThing Shared
2012-01-24 06:39:54 -------- d-----w- C:\ProgramData\PhotoShow Shared Assets
2012-01-24 06:39:53 -------- d-----w- C:\Program Files\Roxio
2012-01-24 06:37:58 4496232 ----a-w- C:\Windows\System32\d3dx9_34.dll
2012-01-24 06:33:55 -------- d-----w- C:\Program Files (x86)\Common Files\CyberLink
2012-01-24 06:32:37 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-01-24 06:32:37 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-01-24 06:32:37 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-01-24 06:28:59 650240 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.en-us\OfficeMUISet.msi
2012-01-24 06:26:54 75 --sh--r- C:\Windows\CT4CET.bin
2012-01-24 06:26:42 -------- d-----w- C:\Program Files (x86)\Common Files\Reallusion
2012-01-24 06:26:30 -------- d-----w- C:\Program Files (x86)\Creative
2012-01-24 06:26:15 -------- d-----w- C:\Program Files (x86)\Dell Webcam
2012-01-24 06:26:14 224768 ----a-w- C:\Windows\System32\drivers\CtAudDrv.sys
2012-01-24 06:26:14 172704 ----a-w- C:\Windows\System32\drivers\CtClsFlt.sys
2012-01-24 06:26:11 -------- d-----w- C:\Program Files (x86)\Creative Live! Cam
2012-01-24 06:25:43 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-01-24 06:25:43 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-01-24 06:25:43 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-01-24 06:25:43 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2012-01-24 06:25:43 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-01-24 06:25:43 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-01-24 06:25:43 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-01-24 06:25:43 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-01-24 06:16:41 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2012-01-24 06:16:16 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2012-01-24 06:16:16 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2012-01-24 06:16:16 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2012-01-24 06:16:16 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2012-01-24 06:16:16 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2012-01-24 06:14:48 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2012-01-24 06:14:48 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2012-01-24 06:14:48 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2012-01-24 06:14:16 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2012-01-24 06:14:16 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2012-01-24 06:14:10 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2012-01-24 06:14:10 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2012-01-24 06:12:57 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2012-01-24 06:10:12 -------- d-----w- C:\Windows\SysWow64\NV
2012-01-24 06:10:12 -------- d-----w- C:\Windows\System32\NV
2012-01-24 06:10:11 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 3:09:27.76 ===============





Thanks

Also, can I include a McAfee scan, as it is the prog that detected the malware? Malwarebytes did as well.
flavallee (Frank)
Trusted Advisor with 55,628 posts.
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
22-Feb-2012, 10:41 AM #2
You downloaded keygens for which programs and suites?

If you insist on practicing dangerous and unsafe computing habits, you can expect your computer to get infected and run slow and have problems.

Since it's brand new and less than 30 days old, my advice is to do a full system recovery back to its original factory condition and get a fresh start.

A qualified and trained gold/blue shield member will need to assist you, so you need to wait for one to reply.

-------------------------------------------------------
RipnDip
22-Feb-2012, 07:17 PM #3
Hey Flava,

Thanks for the reply. I never use 90% of the keygens; it's more like a bad habit of downloading a torrent because it's free but never using it. I actually pay for a lot of my software if it works well, like MBAM, idk it's a psych thing.


I will try to take your advice and not use keygens, the best software is free imo anyway.

Btw DELL sent me a 2nd charger today and it still doesn't work with my system. So I am returning the laptop. I just need to back up my files, idk if it will be infested as I ran scans.
RipnDip
22-Feb-2012, 07:19 PM #4
Mediamonkey was the only program I used a keygen for.
flavallee (Frank)
23-Feb-2012, 10:29 AM #5
Dell is considered one of the most reliable brands when it comes to buying a laptop, so you may have just gotten a "lemon".

Back up your files and then run a scan on them with McAfee.

Since you're planning to return the laptop and won't need a gold/blue shield member to assist you, click the "Mark Solved" button at the upper left of the webpage.

---------------------------------------------------------
RipnDip
23-Feb-2012, 05:30 PM #6
I think I'll scan first then back up, seems smarter.
flavallee (Frank)
23-Feb-2012, 05:42 PM #7
Quote:
Originally Posted by RipnDip
I think I'll scan first then back up, seems smarter.

That's what I meant.

-------------------------------------------------------