Want to make sure remote access did not breach my laptop

Discussion in 'Virus & Other Malware Removal' started by RipnDip, Feb 22, 2012.

  1. RipnDip

    Hi guys & gals.

    Long time-- thanks for the help as always. I wish my brain would remember this stuff on its own. Maybe if I did it more often.

    I have a new Dell XPS and my laptop won't charge (mobo?). I wanted to do a hardware diagnostic as I am out of the 21 days (thought it was 30).

    But first, the computer is running slow and I downloaded some keygens (I know, at least I'm honest!) that may have done it. Anytime I run the LastPass program my comp freezes. Also, I had a Dell tech remote access my computer. An hour later I got emails from my bank saying I answered questions wrong. I never tried logging on that day.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:55:54 AM, on 2/22/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
    C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
    C:\Users\Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    D:\MediaMonkey\MediaMonkey.exe
    C:\Users\Andrew-DELL\Downloads\Programs\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Boostyb.Core.BHO - {42ad2408-abba-2408-1972-4706560e817b} - mscoree.dll (file missing)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120210142153.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
    O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
    O3 - Toolbar: Boostyb.Toolbar.Toolbar - {42ad2408-baaa-408d-b13e-4706560e817b} - mscoree.dll (file missing)
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
    O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
    O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
    O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrew-DELL\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    O4 - HKCU\..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Dropbox.lnk = Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
    O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
    O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: CyberLink Product - 2012/01/24 00:34:09 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 12258 bytes

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
    Run by Andrew-DELL at 3:06:34 on 2012-02-22
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.5926 [GMT -5:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
    C:\Program Files\Sandboxie\SbieCtrl.exe
    C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
    C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
    C:\Users\Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    D:\MediaMonkey\MediaMonkey.exe
    C:\Program Files\mcafee.com\agent\mcagent.exe
    C:\Users\Andrew-DELL\Downloads\Programs\HijackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\msiexec.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = www.dell.com
    uDefault_Page_URL = www.dell.com
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: Boostyb.Core.BHO: {42ad2408-abba-2408-1972-4706560e817b} - mscoree.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120210142153.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files (x86)\LastPass\LPBar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
    TB: Boostyb.Toolbar.Toolbar: {42ad2408-baaa-408d-b13e-4706560e817b} - mscoree.dll
    uRun: [Google Update] "C:\Users\Andrew-DELL\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
    uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
    uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
    mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
    mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
    mRun: [<NO NAME>]
    mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
    mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\ANDREW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Andrew-DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
    IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{E2DB272A-4751-4B1F-A59B-1D97C321E0B5} : DhcpNameServer = 192.168.1.1
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
    AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO-X64: McAfee Phishing Filter - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: Boostyb.Core.BHO: {42ad2408-abba-2408-1972-4706560e817b} - mscoree.dll
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120210142153.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
    BHO-X64: LastPass Browser Helper Object - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
    TB-X64: Boostyb.Toolbar.Toolbar: {42ad2408-baaa-408d-b13e-4706560e817b} - mscoree.dll
    mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
    mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
    mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
    mRun-x64: [(Default)]
    mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
    mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
    mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Andrew-DELL\AppData\Roaming\Mozilla\Firefox\Profiles\jmjrvgd9.default\
    FF - prefs.js: browser.search.selectedEngine - Search Here
    FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?ei=UTF-8&fr=w3is&type=W3i_IA,206,6484_01,Search,20110836,18176,0,0,6484
    FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Users\Andrew-DELL\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
    R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
    R1 PSSDK42;PSSDK42;\??\C:\Windows\system32\Drivers\pssdk42.sys --> C:\Windows\system32\Drivers\pssdk42.sys [?]
    R1 PSSDKLBF;PSSDKLBF;\??\C:\Windows\system32\Drivers\pssdklbf.sys --> C:\Windows\system32\Drivers\pssdklbf.sys [?]
    R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
    R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
    R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-11-23 158336]
    S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-02-22 08:01:44 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-02-21 20:27:47 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
    2012-02-21 20:27:41 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
    2012-02-21 20:26:17 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
    2012-02-21 20:17:52 -------- d-----w- C:\ProgramData\Citrix
    2012-02-21 20:17:08 -------- d-----w- C:\Program Files (x86)\Citrix
    2012-02-21 20:16:46 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Citrix
    2012-02-21 20:16:43 103784 ----a-w- C:\Users\Andrew-DELL\GoToAssistDownloadHelper.exe
    2012-02-17 01:28:29 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-02-17 01:28:29 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2012-02-17 01:28:25 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2012-02-17 01:28:25 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2012-02-17 01:28:22 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-02-17 01:28:19 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
    2012-02-17 01:28:03 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2012-02-17 01:28:03 634880 ----a-w- C:\Windows\System32\msvcrt.dll
    2012-02-16 00:47:07 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Real
    2012-02-16 00:46:25 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
    2012-02-16 00:44:22 -------- d-----w- C:\Program Files (x86)\The Weather Channel FW
    2012-02-16 00:43:47 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\The Weather Channel
    2012-02-15 09:48:27 -------- d-----w- C:\Users\Andrew-DELL\dwhelper
    2012-02-15 09:31:50 -------- d-----w- C:\ProgramData\Freemake
    2012-02-15 08:52:48 -------- d-----w- C:\Program Files (x86)\Freemake
    2012-02-15 08:02:55 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Verizon
    2012-02-15 07:59:22 65600 ----a-w- C:\Windows\System32\drivers\pssdklbf.sys
    2012-02-15 07:59:22 53312 ----a-w- C:\Windows\System32\drivers\pssdk42.sys
    2012-02-15 07:59:17 -------- d-----w- C:\Program Files (x86)\Boost Your Browser
    2012-02-15 07:47:20 -------- d-----w- C:\ProgramData\Verizon
    2012-02-15 07:46:44 -------- d-----w- C:\Program Files (x86)\Verizon
    2012-02-15 03:57:47 -------- d-----w- C:\Program Files (x86)\777
    2012-02-13 20:49:27 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\My Games
    2012-02-13 20:34:13 -------- d-----w- C:\Program Files\Firaxis Games
    2012-02-13 20:25:09 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
    2012-02-13 20:25:08 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
    2012-02-13 20:25:08 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
    2012-02-13 20:25:08 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
    2012-02-13 20:25:08 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
    2012-02-13 20:25:07 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
    2012-02-13 20:25:02 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
    2012-02-13 20:25:01 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
    2012-02-13 20:10:15 125376 ----a-w- C:\Windows\System32\drivers\scdemu.sys
    2012-02-13 20:09:59 -------- d-----w- C:\Program Files\PowerISO
    2012-02-13 00:25:07 -------- d-----w- C:\Program Files (x86)\Firaxis Games
    2012-02-12 13:19:16 -------- d-----w- C:\Program Files (x86)\2K Games
    2012-02-12 13:14:17 256576 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
    2012-02-12 13:13:47 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
    2012-02-12 13:11:17 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\DAEMON Tools Pro
    2012-02-12 13:11:17 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
    2012-02-12 13:09:59 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Reverify
    2012-02-12 13:05:46 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Sonic_Solutions
    2012-02-11 05:42:57 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Malwarebytes
    2012-02-11 05:42:35 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-02-11 05:42:31 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-02-11 05:42:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-02-11 02:58:31 -------- d-sh--w- C:\found.000
    2012-02-11 01:57:48 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Macrovision
    2012-02-11 01:53:02 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Roxio Burn
    2012-02-10 19:21:53 28760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll
    2012-02-10 09:54:33 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Mozilla
    2012-02-09 06:17:10 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\MediaMonkey
    2012-02-09 06:13:28 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\MediaMonkey
    2012-02-09 06:12:47 -------- d-----w- C:\ProgramData\MediaMonkey
    2012-02-07 04:36:13 -------- d-----r- C:\Users\Andrew-DELL\Dropbox
    2012-02-07 04:32:31 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\Dropbox
    2012-02-07 04:20:47 -------- d-----r- C:\Sandbox
    2012-02-06 07:09:30 -------- d-----w- C:\Program Files\Sandboxie
    2012-02-06 06:47:39 -------- d-----w- C:\Program Files (x86)\uTorrent
    2012-02-06 06:45:50 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\uTorrent
    2012-02-04 06:31:03 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Google
    2012-02-04 06:29:44 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Deployment
    2012-02-04 06:29:44 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Apps
    2012-02-04 05:56:13 -------- d-----w- C:\ProgramData\VirtualizedApplications
    2012-02-03 20:38:29 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\Adobe
    2012-02-03 20:35:52 -------- d-----w- C:\Users\Andrew-DELL\AppData\Local\SoftGrid Client
    2012-02-03 20:35:51 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\SoftGrid Client
    2012-02-03 20:34:30 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
    2012-02-03 20:34:19 -------- d-----w- C:\Users\Andrew-DELL\AppData\Roaming\TP
    2012-02-03 19:50:49 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2012-02-01 17:26:42 -------- d-----w- C:\Windows\SysWow64\Wat
    2012-02-01 17:26:42 -------- d-----w- C:\Windows\System32\Wat
    2012-02-01 07:50:36 -------- d-----w- C:\Program Files (x86)\LastPass
    2012-02-01 07:17:40 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-02-01 06:08:00 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
    2012-02-01 06:08:00 613888 ----a-w- C:\Windows\System32\psisdecd.dll
    2012-02-01 06:08:00 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
    2012-02-01 06:08:00 108032 ----a-w- C:\Windows\System32\psisrndr.ax
    2012-02-01 06:06:47 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-02-01 06:06:47 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-01-24 08:06:21 -------- d-sh--w- C:\Windows\Installer
    2012-01-24 08:06:15 -------- d-----w- C:\ProgramData\NVIDIA Corporation
    2012-01-24 08:06:10 -------- d-----w- C:\Program Files\NVIDIA Corporation
    2012-01-24 08:06:10 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
    2012-01-24 08:05:38 -------- d-----w- C:\Windows\System32\SRSLabs
    2012-01-24 08:04:52 -------- d-----w- C:\Program Files\Realtek
    2012-01-24 08:04:50 -------- d-----w- C:\Windows\SysWow64\RTCOM
    2012-01-24 08:04:44 21616 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys
    2012-01-24 08:04:36 -------- d-----w- C:\Intel
    2012-01-24 08:00:31 -------- d-----w- C:\Windows\Panther
    2012-01-24 08:00:18 -------- d-sh--w- C:\Boot
    2012-01-24 08:00:10 -------- d-----w- C:\Program Files\STMicroelectronics
    2012-01-24 07:59:09 -------- d-----w- C:\Program Files\Synaptics
    2012-01-24 07:56:07 -------- d-----w- C:\Windows\System32\OEM
    2012-01-24 07:56:07 -------- d-----w- C:\Hotfix
    2012-01-24 07:48:27 439320 ----a-w- C:\Windows\System32\drivers\iaStor.sys
    2012-01-24 07:47:35 518896 ----a-w- C:\Windows\System32\SRSTSX64.dll
    2012-01-24 06:55:48 -------- d-----w- C:\Program Files\Dell
    2012-01-24 06:54:47 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2012-01-24 06:53:41 -------- d-----w- C:\Program Files (x86)\Microsoft
    2012-01-24 06:53:18 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
    2012-01-24 06:52:41 -------- d-----w- C:\Windows\PCHEALTH
    2012-01-24 06:52:31 4927864 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\be86ae4e1ccda64\Silverlight.2.0.exe
    2012-01-24 06:52:08 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b0a005141ccda64\DSETUP.dll
    2012-01-24 06:52:08 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b0a005141ccda64\DXSETUP.exe
    2012-01-24 06:52:08 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b0a005141ccda64\dsetup32.dll
    2012-01-24 06:50:40 141402440 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc4CF7.tmp
    2012-01-24 06:49:37 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2012-01-24 06:46:46 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
    2012-01-24 06:46:44 161168 ----a-w- C:\Windows\System32\mfevtps.exe
    2012-01-24 06:46:37 -------- d-----w- C:\Program Files\Common Files\mcafee
    2012-01-24 06:46:37 -------- d-----w- C:\Program Files (x86)\mcafee.com
    2012-01-24 06:46:37 -------- d-----w- C:\Program Files (x86)\Common Files\mcafee
    2012-01-24 06:46:36 -------- d-----w- C:\Program Files\mcafee.com
    2012-01-24 06:46:36 -------- d-----w- C:\Program Files\mcafee
    2012-01-24 06:46:36 -------- d-----w- C:\Program Files (x86)\McAfee
    2012-01-24 06:46:01 -------- d-----w- C:\dell
    2012-01-24 06:40:55 -------- d-----w- C:\ProgramData\Uninstall
    2012-01-24 06:40:10 -------- d-----w- C:\Program Files (x86)\Common Files\SureThing Shared
    2012-01-24 06:39:54 -------- d-----w- C:\ProgramData\PhotoShow Shared Assets
    2012-01-24 06:39:53 -------- d-----w- C:\Program Files\Roxio
    2012-01-24 06:37:58 4496232 ----a-w- C:\Windows\System32\d3dx9_34.dll
    2012-01-24 06:33:55 -------- d-----w- C:\Program Files (x86)\Common Files\CyberLink
    2012-01-24 06:32:37 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2012-01-24 06:32:37 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2012-01-24 06:32:37 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
    2012-01-24 06:28:59 650240 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.en-us\OfficeMUISet.msi
    2012-01-24 06:26:54 75 --sh--r- C:\Windows\CT4CET.bin
    2012-01-24 06:26:42 -------- d-----w- C:\Program Files (x86)\Common Files\Reallusion
    2012-01-24 06:26:30 -------- d-----w- C:\Program Files (x86)\Creative
    2012-01-24 06:26:15 -------- d-----w- C:\Program Files (x86)\Dell Webcam
    2012-01-24 06:26:14 224768 ----a-w- C:\Windows\System32\drivers\CtAudDrv.sys
    2012-01-24 06:26:14 172704 ----a-w- C:\Windows\System32\drivers\CtClsFlt.sys
    2012-01-24 06:26:11 -------- d-----w- C:\Program Files (x86)\Creative Live! Cam
    2012-01-24 06:25:43 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
    2012-01-24 06:25:43 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    2012-01-24 06:25:43 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
    2012-01-24 06:25:43 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2012-01-24 06:25:43 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
    2012-01-24 06:25:43 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
    2012-01-24 06:25:43 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
    2012-01-24 06:25:43 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
    2012-01-24 06:16:41 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2012-01-24 06:16:16 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2012-01-24 06:16:16 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
    2012-01-24 06:16:16 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
    2012-01-24 06:16:16 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
    2012-01-24 06:16:16 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
    2012-01-24 06:14:48 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
    2012-01-24 06:14:48 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2012-01-24 06:14:48 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2012-01-24 06:14:16 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2012-01-24 06:14:16 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2012-01-24 06:14:10 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2012-01-24 06:14:10 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2012-01-24 06:12:57 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2012-01-24 06:10:12 -------- d-----w- C:\Windows\SysWow64\NV
    2012-01-24 06:10:12 -------- d-----w- C:\Windows\System32\NV
    2012-01-24 06:10:11 -------- d-sh--w- C:\Recovery
    .
    ==================== Find3M ====================
    .
    2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
    2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 3:09:27.76 ===============





    :) Thanks

    Also, can I include a McAfee scan, as it is the prog that detected the malware? Malwarebytes did as well.
     
  2. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,671
    You downloaded keygens for which programs and suites?

    If you insist on practicing dangerous and unsafe computing habits, you can expect your computer to get infected and run slow and have problems.

    Since it's brand new and less than 30 days old, my advice is to do a full system recovery back to its original factory condition and get a fresh start.

    A qualified and trained gold/blue shield member will need to assist you, so you need to wait for one to reply.

    -------------------------------------------------------
     
  3. RipnDip

    RipnDip Thread Starter

    Joined:
    Mar 14, 2009
    Messages:
    67
    Hey Flava,

    Thanks for the reply. I never use 90% of the keygens; it's more like a bad habit of downloading a torrent because it's free but never using it. I actually pay for a lot of my software if it works well, like MBAM, idk, it's a psych thing.


    I will try to take your advice and not use keygens, the best software is free imo anyway.

    Btw DELL sent me a 2nd charger today and it still doesn't work with my system. So I am returning the laptop. I just need to backup my files, idk if it will be infested as I ran scans.
     
  4. RipnDip

    RipnDip Thread Starter

    Joined:
    Mar 14, 2009
    Messages:
    67
    Mediamonkey was the only program I used a keygen for.
     
  5. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,671
    Dell is considered one of the most reliable brands when it comes to buying a laptop, so you may have just gotten a "lemon".

    Back up your files and then run a scan on them with McAfee.

    Since you're planning to return the laptop and won't need a gold/blue shield member to assist you, click the "Mark Solved" button at the upper left of the webpage.

    ---------------------------------------------------------
     
  6. RipnDip

    RipnDip Thread Starter

    Joined:
    Mar 14, 2009
    Messages:
    67
    I think I'll scan first then backup, seems smarter.
     
  7. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,671
    That's what I meant.

    -------------------------------------------------------
     
Short URL to this thread: https://techguy.org/1042174