Jump to content

Search the Community

Showing results for tags 'Random Audio'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 5 results

  1. Hello everyone. My computer seems to be infected by something that has turned out to be very difficult to eliminate. What happens is that a weird Japanese audio is played randomly, and when checking the audio mixer I see "Host Process for Windows Service". Of course, I can mute it there, but every time it starts to play again, I have to manually mute it, which is seriously getting on my nerves. I have scanned my computer with all the advanced options from Windows Defender, and with Malwarebytes several times, I've used the Adwcleaner tool, but none of this has been able to get rid of the problem. Upon reading the instructions in this community and attaching the log files created by the Farbar Recovery Scan Tool. I really hope somebody can help me. Thank you for your time Addition.txt FRST.txt
  2. Hello, I've seen some other similar postings about this so I know I'm not alone. My girlfriend got excited about the opportunity to view some of her shows through some bootleg sites and this is what she gets. She must have clicked on the wrong link because now it's like we have a ghost in the computer in the form of random background audio that sounds like adverstisments and other weird stuff. I ran full Malware scan. I'm going to post my log results below. Please help! Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2014.03.26.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Hilda :: CRAZYMONKEY [administrator] Protection: Enabled 3/25/2014 8:45:08 PM MBAM-log-2014-03-26 (05-54-25).txt Scan type: Full scan (C:\|D:\|E:\|Q:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 471556 Time elapsed: 1 hour(s), 38 minute(s), 20 second(s) Memory Processes Detected: 2 C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Savingsbull) -> 2208 -> No action taken. C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> 4400 -> No action taken. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 10 HKLM\SYSTEM\CurrentControlSet\Services\Level Quality Watcher (PUP.Optional.Savingsbull) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{59A062A1-5ECA-4A1A-BC44-B2A9283A8ACB} (PUP.Optional.FreeFileConverter.A) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59A062A1-5ECA-4A1A-BC44-B2A9283A8ACB} (PUP.Optional.FreeFileConverter.A) -> No action taken. HKCR\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5} (PUP.Optional.OutBrowse) -> No action taken. HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> No action taken. HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> No action taken. HKCU\Software\AppDataLow\Software\Savings Bull (PUP.Optional.SavingsBull.A) -> No action taken. HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> No action taken. HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> No action taken. Registry Values Detected: 3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BrowserSafeguard (PUP.Optional.BrowserSafeGuard.A) -> Data: "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" -> No action taken. HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> No action taken. HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: browsersafeguard-rockettab-revenyou -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 4 C:\Program Files (x86)\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> No action taken. C:\Program Files\SavingsBull (PUP.Optional.SavingsBull.A) -> No action taken. Files Detected: 34 C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Savingsbull) -> No action taken. C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Savingsbull) -> No action taken. C:\Users\Hilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OTR6GFPA\ConvertFilesforFree[1].exe (PUP.Optional.FastFreeConverter.A) -> No action taken. C:\Users\Hilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OTR6GFPA\SearchProtectGeneric2[1].exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OTR6GFPA\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Hilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QWJ2K3I8\cbs_savingsbull_BBA5481A-926B-4561-BD79-249F618495E6[1].exe (PUP.Optional.Savingsbull) -> No action taken. C:\Users\Hilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WQCLP5SE\setup.exe (PUP.Optional.Outbrowse) -> No action taken. C:\Users\Hilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WQCLP5SE\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\InSetup1395022523.exe (PUP.Optional.OutBrowse) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nse7C7C.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nse8025.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nse868E.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nse8A37.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nsg6756.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nsgAEF4.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nsgB339.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nsl6B1E.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nsrDDB5.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\SearchProtectINT.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nsj45C2\SpSetup.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Users\Hilda\AppData\Local\Temp\nsl3F8A\SpSetup.exe (PUP.Optional.Conduit.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\ewebstorewrapper.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\makecert.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\TrustedRoot.cer (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources\certutil.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources\libnspr4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources\libplc4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources\libplds4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources\nss3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources\smime3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files (x86)\Browsersafeguard\Resources\softokn3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken. C:\Program Files\SavingsBull\uninstaller.exe (PUP.Optional.SavingsBull.A) -> No action taken. (end)
  3. A few days ago, my Dell laptop running Windows 7 Professional (64bit) started playing random audio selections when connected to the network. In addition, when I attempt to open Norton 360, the application momentarily opens, but quickly closes. Thereafter, I am unable to re-open it without restarting my machine. I am able run Norton 360 scans via the right-click popup menus. I've run several scans both in normal mode, unplugged from the network, and in safe mode with networking using Norton 360, but no issues were discovered. I've also run Quick and Complete Malwarebytes Anti-Malware scans, again in normal mode and safe mode with networking. No issues were found during these scans either. I've run the DDS.scr utility as directed prior to creating this post. +++++++++++++++++++++++++++++ dds.txt log contents: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 1.6.0_35 Run by Matt at 23:26:18 on 2013-07-15 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8089.6017 [GMT -4:00] . AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Fingerprint Sensor\ATService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE C:\Windows\system32\WLANExt.exe C:\Program Files\Common Files\SPBA\upeksvr.exe C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\IBM\RationalRLKS\common\lmgrd.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\IBM\RationalRLKS\common\lmgrd.exe C:\Windows\system32\inetsrv\inetinfo.exe C:\Program Files (x86)\IBM\RationalRLKS\common\ibmratl.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SYSARCH\MSSQL\Binn\sqlservr.exe C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\Windows\system32\DRIVERS\o2flash.exe c:\Windows\SysWOW64\srvany.exe c:\Windows\sysWOW64\SDIOAssist.exe C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe C:\oracle\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe C:\Windows\System32\svchost.exe -k HPZ12 c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe C:\Windows\SysWOW64\vmnat.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SysWOW64\vmnetdhcp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\DellTPad\Apoint.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe C:\dell\DBRM\Reminder\DbrmTrayicon.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\DellTPad\HidFind.exe C:\Windows\system32\igfxext.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\VMware\VMware Player\hqtray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\SysWOW64\RunDll32.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [Google Update] "C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [GoToMeeting] "C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mstart.exe" "/Trigger RunAtLogon" mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRunOnce: [*NPE] "C:\Users\Matt\Desktop\AVTOOLS\NPE.exe" /POSTADVSCAN StartupFolder: C:\Users\Matt\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLSY~1.LNK - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: DisableCAD = dword:1 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll LSP: C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll TCP: Interfaces\{60792173-D8DE-485E-BECA-A03E2F143880} : DHCPNameServer = 192.168.1.1 71.252.0.12 TCP: Interfaces\{D69DBBE0-1E6C-4D7C-ABB4-AE6C9527F340} : DHCPNameServer = 192.168.1.1 71.252.0.12 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL LSA: Authentication Packages = msv1_0 wvauth x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe x64-Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices x64-RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\r5ec28vk.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Matt\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Matt\AppData\Roaming\Mozilla\plugins\npicaN.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: !HIDDEN! 2011-07-20 13:31; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ============= SERVICES / DRIVERS =============== . R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-6-25 21616] R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-13 493656] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-13 1139800] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [2013-7-2 1393240] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-13 169048] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130712.001\IDSviA64.sys [2013-7-13 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-13 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-13 433752] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-6-25 89600] R2 ATService;AuthenTec Fingerprint Service;C:\Program Files\Fingerprint Sensor\ATService.exe [2010-5-10 2683712] R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-6-29 158720] R2 dcpsysmgrsvc;Dell System Manager Service;C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2011-1-20 517488] R2 FLEXlm License Manager;FLEXlm License Manager;C:\Program Files (x86)\IBM\RationalRLKS\common\lmgrd.exe [2013-3-28 1344336] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896] R2 MSSQL$SYSARCH;SQL Server (SYSARCH);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SYSARCH\MSSQL\Binn\sqlservr.exe [2010-4-3 42884448] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccsvchst.exe [2013-6-13 144368] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-4-11 204304] R2 O2SDIOAssist;O2SDIOAssist;C:\Windows\SysWOW64\srvany.exe [2011-6-25 8192] R2 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;C:\oracle\product\11.2.0\dbhome_1\BIN\TNSLSNR --> C:\oracle\product\11.2.0\dbhome_1\BIN\TNSLSNR [?] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-25 2656280] R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-3-25 539248] R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-6-25 27760] R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2011-6-25 616960] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-15 138912] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-6-25 317440] R3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2011-6-25 74984] R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2011-6-25 83560] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 OracleDBConsoleCOBALT3;OracleDBConsoleCOBALT3;C:\oracle\product\11.2.0\dbhome_1\BIN\nmesrvc.exe [2011-9-14 34304] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2011-6-25 349736] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-6-25 39464] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 Elements;Elements;C:\EE\Elements\bin\tomcat6_64.exe [2012-4-27 96256] S3 Elements2;Elements2;C:\EE\Elements2\bin\tomcat6_64.exe [2013-3-18 96256] S3 Elements3;Elements3;C:\EE\Elements3\bin\tomcat6_64.exe [2013-6-21 96256] S3 IBM Rational System Architect Rest Service;IBM Rational System Architect Rest Service;C:\Program Files (x86)\IBM\Rational\System Architect Suite\System Architect\SARestWebService.exe [2012-5-31 209920] S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448] S3 O2MDFRDR;O2MDFRDR;C:\Windows\System32\drivers\o2mdfw7x64.sys [2011-6-25 72808] S3 OracleDBConsoleCOBALT1;OracleDBConsoleCOBALT1;C:\oracle\product\11.2.0\dbhome_1\BIN\nmesrvc.exe [2011-9-14 34304] S3 OracleDBConsoleCOBALT2;OracleDBConsoleCOBALT2;C:\oracle\product\11.2.0\dbhome_1\BIN\nmesrvc.exe [2011-9-14 34304] S3 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;C:\oracle\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS="EXTPROC_DLLS=ONLY:C:\oracle\product\11.2.0\dbhome_1\bin\oraclr11.dll" --> C:\oracle\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=EXTPROC_DLLS=ONLY:C:\oracle\product\11.2.0\dbhome_1\bin\oraclr11.dll [?] S3 OracleServiceCOBALT1;OracleServiceCOBALT1;c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE COBALT1 --> c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE COBALT1 [?] S3 OracleServiceCOBALT2;OracleServiceCOBALT2;c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE COBALT2 --> c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE COBALT2 [?] S3 OracleServiceCOBALT3;OracleServiceCOBALT3;c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE COBALT3 --> c:\oracle\product\11.2.0\dbhome_1\bin\ORACLE.EXE COBALT3 [?] S3 OracleVssWriterCOBALT1;Oracle COBALT1 VSS Writer Service;c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe COBALT1 --> c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe COBALT1 [?] S3 OracleVssWriterCOBALT2;Oracle COBALT2 VSS Writer Service;c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe COBALT2 --> c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe COBALT2 [?] S3 OracleVssWriterCOBALT3;Oracle COBALT3 VSS Writer Service;c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe COBALT3 --> c:\oracle\product\11.2.0\dbhome_1\bin\OraVSSW.exe COBALT3 [?] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-1 1255736] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896] S4 OracleJobSchedulerCOBALT1;OracleJobSchedulerCOBALT1;c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe COBALT1 --> c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe COBALT1 [?] S4 OracleJobSchedulerCOBALT2;OracleJobSchedulerCOBALT2;c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe COBALT2 --> c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe COBALT2 [?] S4 OracleJobSchedulerCOBALT3;OracleJobSchedulerCOBALT3;c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe COBALT3 --> c:\oracle\product\11.2.0\dbhome_1\Bin\extjob.exe COBALT3 [?] S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880] S4 SQLAgent$SYSARCH;SQL Server Agent (SYSARCH);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SYSARCH\MSSQL\Binn\SQLAGENT.EXE [2010-4-3 367456] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [userChoice] FileExt: .vbe: VBEFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2] FileExt: .vbs: VBSFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2] FileExt: .js: JSFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2] FileExt: .jse: JSEFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2] FileExt: .wsf: WSFFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2] . =============== Created Last 30 ================ . 2013-07-13 02:47:10 -------- d-----w- C:\Program Files\CCleaner 2013-07-12 18:00:00 -------- d-----w- C:\Users\Matt\AppData\Roaming\Malwarebytes 2013-07-12 17:59:41 -------- d-----w- C:\ProgramData\Malwarebytes 2013-07-12 17:59:40 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-07-12 17:59:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-12 17:57:51 -------- d-----w- C:\Users\Matt\AppData\Local\Programs 2013-07-12 16:56:23 -------- d-----w- C:\Windows\pss 2013-07-12 16:38:29 -------- d-----w- C:\Users\Matt\AppData\Local\NPE . ==================== Find3M ==================== . 2013-06-13 12:37:19 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-06-13 12:23:37 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-13 12:23:37 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-23 05:25:28 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys 2013-05-21 05:02:00 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys 2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-05-16 05:02:14 796760 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys 2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-25 00:43:56 433752 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2012-03-25 01:07:37 3993600 ----a-w- C:\Program Files (x86)\GUT571F.tmp . ============= FINISH: 23:27:02.59 =============== +++++++++++++++++++++++++++++ Attach.txt log contents: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 6/30/2011 5:39:18 PM System Uptime: 7/15/2013 11:08:17 PM (0 hours ago) . Motherboard: Dell Inc. | | 03PH4G Processor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU 1 | 2501/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 456 GiB total, 61.048 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP220: 6/25/2013 12:00:02 AM - Scheduled Checkpoint RP221: 7/3/2013 12:27:18 PM - Scheduled Checkpoint RP222: 7/12/2013 10:10:28 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . 1400 1400_Help 1400Trb 64 Bit HP CIO Components Installer 7-Zip 9.20 (x64 edition) AccelerometerP11 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.7) AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan AuthenTec Fingerprint Software BioAPI Framework Broadcom NetXtreme-I Netlink Driver and Management Installer BufferChm CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Citrix XenApp Web Plugin Copy Custom CyberLink PowerDVD 9.5 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Dell Backup and Recovery Manager Dell Data Protection | Access Dell Data Protection | Access | Drivers Dell Data Protection | Access | Middleware Dell Edoc Viewer Dell System Manager Dell Touchpad DellAccess Destinations DeviceDiscovery Digital Line Detect DocProc DW WLAN Card Utility eeExtendIntegrationClient EMBASSY Security Center Extend6 Fax Gemalto Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper GoToMeeting 5.1.0.880 GPBaseService2 Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973) Hotfix for Microsoft Visual C# 2010 Express - ENU (KB2635973) Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054) Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973) Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2548139) Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2635973) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233) HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPDiagnosticAlert HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant IBM Installation Manager IBM Rational System Architect Inkscape 0.48.3.1 Intel® Identity Protection Technology 1.0.71.0 Intel® Management Engine Components Intel® Processor Graphics Java Auto Updater Java 6 Update 31 (64-bit) Java 6 Update 35 Java SE Development Kit 6 Update 31 (64-bit) Junk Mail filter update Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools Microsoft Help Viewer 1.1 Microsoft Office 2010 Language Pack Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Live Meeting 2007 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Visio 2010 Microsoft Office Visio MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Oracle .NET Data Provider Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 4 SDK Microsoft SQL Server 2005 Backward compatibility Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 R2 Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Native Client Microsoft SQL Server 2008 R2 RsFx Driver Microsoft SQL Server 2008 R2 Setup (English) Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Browser Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server VSS Writer Microsoft Visio 2010 Service Pack 1 (SP1) Microsoft Visio Professional 2010 Microsoft Visual Basic 2010 Express - ENU Microsoft Visual C# 2010 Express - ENU Microsoft Visual C++ Compilers 2010 Standard - enu - x86 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Visual C++ 2010 Express - ENU Microsoft Visual J# 2.0 Redistributable Package Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU Microsoft Visual Studio 2010 Service Pack 1 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Web Developer 2010 Express - ENU Modem Diagnostic Tool Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Netwaiting Network64 Nitro Reader 2 Norton 360 Premier Edition Norton Bootable Recovery Tool Wizard Notepad++ NTRU TCG Software Stack O2Micro Flash Memory Card Windows Driver O2Micro OZ776 SCR Driver OCR Software by I.R.I.S. 13.0 OpenOffice.org 3.3 OpenVPN 2.1_rc20 PC-CCID Preboot Manager PrimoPDF -- brought to you by Nitro PDF Software Private Information Manager Scan Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) Skype™ 5.10 SmartWebPrinting Snagit 9.1.3 SolutionCenter SPBA 5.9 SQL Server 2008 R2 Common Files SQL Server 2008 R2 Database Engine Services SQL Server 2008 R2 Database Engine Shared Sql Server Customer Experience Improvement Program Status Toolbox tools-windows TortoiseSVN 1.7.10.23359 (64 bit) TrayApp Trillian Trusted Drive Manager UnloadSupport Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Upek Touchchip Fingerprint Reader Visual Basic for Applications ® Core Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VMware Player Wave Infrastructure Installer Wave Support Software Installer WCF RIA Services V1.0 SP1 Web Deployment Tool WebReg WIDCOMM Bluetooth Software Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinMerge 2.12.4 yEd Graph Editor 3.9.2 . ==== Event Viewer Messages From Past Week ======== . 7/9/2013 11:22:08 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 7/9/2013 11:21:06 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect. 7/9/2013 11:21:06 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/15/2013 7:43:32 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/15/2013 7:43:32 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/15/2013 7:43:32 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/15/2013 7:43:32 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/15/2013 11:15:02 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 7/15/2013 11:09:58 PM, Error: Service Control Manager [7024] - The OracleDBConsoleCOBALT3 service terminated with service-specific error The system cannot find the file specified.. 7/15/2013 11:09:25 PM, Error: Service Control Manager [7023] - The OracleMTSRecoveryService service terminated with the following error: Incorrect function. 7/15/2013 11:09:01 PM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully. 7/15/2013 11:06:22 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 7/15/2013 10:59:32 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 7/15/2013 10:59:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 7/15/2013 10:59:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 7/15/2013 10:59:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 7/15/2013 10:59:28 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21 7/15/2013 10:59:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 7/15/2013 10:59:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TdmService with arguments "" in order to run the server: {285E95B2-ACD5-4405-8D24-2D73E65DD047} 7/15/2013 10:59:07 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6 7/13/2013 6:41:22 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 7/13/2013 6:41:22 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running. 7/13/2013 6:41:22 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running. 7/13/2013 6:41:22 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running. 7/13/2013 6:40:22 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running. 7/13/2013 6:40:22 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s). 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/13/2013 6:39:22 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 7/13/2013 6:24:23 PM, Error: Service Control Manager [7034] - The O2SDIOAssist service terminated unexpectedly. It has done this 1 time(s). 7/13/2013 10:56:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service. 7/13/2013 10:56:17 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/13/2013 10:38:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service. 7/13/2013 10:37:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. 7/13/2013 10:36:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service. 7/13/2013 10:35:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service. 7/13/2013 10:34:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service. 7/12/2013 8:59:19 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s). 7/12/2013 8:59:19 PM, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s). 7/12/2013 8:59:19 PM, Error: Service Control Manager [7034] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 3 time(s). 7/12/2013 8:59:19 PM, Error: Service Control Manager [7034] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 3 time(s). 7/12/2013 8:02:18 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80099433ef, 0x0000000000000000, 0x000000007efa003c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071213-41168-01. 7/12/2013 7:56:56 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 7/12/2013 7:56:56 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 7/12/2013 7:56:56 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 7/12/2013 7:56:56 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/12/2013 5:52:33 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 7/12/2013 5:40:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 7/12/2013 5:40:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 7/12/2013 5:39:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 CSC DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf ws2ifsl 7/12/2013 5:39:52 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 7/12/2013 5:39:52 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 7/12/2013 5:39:52 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 7/12/2013 5:39:52 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 7/12/2013 5:39:52 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 7/12/2013 5:39:51 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 7/12/2013 5:39:51 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 7/12/2013 5:39:51 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start. 7/12/2013 5:39:51 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 7/12/2013 5:39:51 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 7/12/2013 5:39:51 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 7/12/2013 5:39:51 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 7/12/2013 2:09:50 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running. 7/12/2013 2:07:50 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 7/11/2013 2:52:43 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer FAMILY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D69DBBE0-1E6C-4D7C-ABB4-AE6C9527F340}. The master browser is stopping or an election is being forced. 7/11/2013 2:51:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service. . ==== End Of File ===========================
  4. Sorry to bother everyone but I could use some help. Recently my computer has started playing random audio at irregular intervals. The audio can last for just a few moments or a few minutes, and has nothing to do with any program I have open. The audio plays even when I have no programs running and just started up the computer. The sounds vary from adds to self help sound bites to what sounds like radio talk shows. So far I have been unable to detect the problem with Malwarebytes or Norton Internet Security. If anyone has any insights on this I would really appreciate the help. I've included the logs from a malwarebytes scan and DDS.txt Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.06.19.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Connor :: CONNOR-HP [administrator] 6/20/2013 10:25:21 AM mbam-log-2013-06-20 (10-25-21).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 210454 Time elapsed: 6 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2 Run by Connor at 10:33:06 on 2013-06-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5610.2740 [GMT -4:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\taskmgr.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\notepad.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [AmazonMP3DownloaderHelper] C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe StartupFolder: C:\Users\Connor\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.1.1 TCP: Interfaces\{458402C4-FF41-40E3-BC2E-0A8558735FA1} : DHCPNameServer = 172.168.11.12 TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405}\4565331423 : DHCPNameServer = 192.168.1.1 71.252.0.12 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-06-02 13:30; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: 2013-06-04 23:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn FF - ExtSQL: 2013-06-04 23:20; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn FF - ExtSQL: 2013-06-19 23:51; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-6-10 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984] R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648] R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-11-5 197536] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-28 2413056] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-19 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-19 701512] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-6-6 138272] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208] R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-7-16 96896] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-1-28 46136] R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-7-16 214144] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216] R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [2013-5-31 1393240] R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-6-6 167072] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-6-5 138912] R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130619.001\IDSviA64.sys [2013-6-19 513184] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-6-19 25928] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-1-28 338536] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-28 428136] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-1-28 1145448] R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-6-6 451192] R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-6-6 1129120] R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-6-6 190072] R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-6-6 405624] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-31 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128] S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-06-20 03:55:59 -------- d-----w- C:\Users\Connor\AppData\Local\Program Files 2013-06-20 02:14:16 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-06-20 02:14:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-17 02:52:21 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} 2013-06-16 01:09:15 -------- d-----w- C:\Users\Connor\AppData\Roaming\IDT 2013-06-16 01:07:36 -------- d-----w- C:\Users\Connor\AppData\Local\CrashDumps 2013-06-13 02:09:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR 2013-06-13 02:09:48 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-PT 2013-06-13 02:09:47 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL 2013-06-13 02:09:46 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT 2013-06-13 02:09:45 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE 2013-06-13 02:09:44 -------- d-----w- C:\Windows\System32\drivers\UMDF\fr-FR 2013-06-13 02:09:43 -------- d-----w- C:\Windows\System32\drivers\UMDF\es-ES 2013-06-11 21:37:56 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-06-10 18:52:11 654336 ------w- C:\Windows\System32\stapi64.dll 2013-06-10 18:50:32 535552 ----a-w- C:\Windows\System32\drivers\stwrt64.sys 2013-06-10 18:50:30 448512 ----a-w- C:\Windows\System32\stcplx64.dll 2013-06-10 18:50:30 1987072 ----a-w- C:\Windows\System32\stapo64.dll 2013-06-10 18:49:57 -------- d-----w- C:\Program Files\IDT 2013-06-07 01:37:16 737952 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys 2013-06-07 01:37:16 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys 2013-06-07 01:37:16 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys 2013-06-07 01:37:16 37536 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys 2013-06-07 01:37:16 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys 2013-06-07 01:37:16 167072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys 2013-06-07 01:37:16 1129120 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys 2013-06-07 01:37:07 -------- d-----w- C:\Windows\System32\drivers\NISx64\1309010.00E 2013-06-06 01:15:03 -------- d-----w- C:\Users\Connor\AppData\Roaming\.minecraft 2013-06-06 00:40:24 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-06 00:40:23 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-06-06 00:40:11 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-05 03:18:23 -------- d-----w- C:\Windows\System32\drivers\NISx64 2013-06-05 03:18:20 -------- d-----w- C:\Program Files (x86)\Norton Internet Security 2013-06-05 02:54:03 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{816559E5-8BF5-4D45-8164-87C6A69BDEA4}\mpengine.dll 2013-06-05 02:52:28 -------- d-----w- C:\Users\Connor\AppData\Local\Diagnostics 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8\009D.105\x64 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8\009D.105 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP 2013-06-04 03:52:40 -------- d-----w- C:\ProgramData\Symantec 2013-06-04 02:43:39 -------- d-----w- C:\Users\Connor\AppData\Roaming\Malwarebytes 2013-06-04 02:43:36 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-04 02:43:13 -------- d-----w- C:\Users\Connor\AppData\Local\Programs 2013-06-03 20:43:30 -------- d-----w- C:\Windows\System32\%LOCALAPPDATA% 2013-06-03 20:23:46 -------- d-----w- C:\Users\Connor\AppData\Local\Symantec 2013-06-03 20:22:59 -------- d-----w- C:\Program Files\Symantec 2013-06-03 20:22:30 42632 ----a-w- C:\Windows\System32\drivers\WGX64.SYS 2013-06-03 20:22:30 118768 ----a-w- C:\Windows\System32\drivers\SysPlant.sys 2013-06-03 20:21:57 -------- d-----w- C:\ProgramData\regid.1992_12.com.symantec 2013-06-03 20:21:50 -------- d-----w- C:\Program Files (x86)\Symantec 2013-06-03 20:12:11 -------- d-----w- C:\VT-SEPVersion 2013-06-03 20:10:45 -------- d-----w- C:\VT AntiVirus 2013-06-03 20:07:18 -------- d-----w- C:\VT-SecureTools 2013-06-03 20:03:53 -------- d-----w- C:\Program Files\Microsoft Lync 2013-06-03 20:03:45 -------- d-----w- C:\Program Files (x86)\Microsoft Lync 2013-06-03 20:03:35 -------- d-----w- C:\Users\Connor\Tracing 2013-06-03 20:03:35 -------- d-----w- C:\Program Files (x86)\OCSetup 2013-06-03 19:45:43 -------- d-----w- C:\Program Files (x86)\Microsoft Small Business 2013-06-03 19:45:21 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls 2013-06-03 19:43:46 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$MSSMLBIZ-sqlagtctr10.1.2531.0.dll 2013-06-03 19:43:35 79896 ----a-w- C:\Windows\SysWow64\perf-MSSQL$MSSMLBIZ-sqlctr10.1.2531.0.dll 2013-06-03 19:41:57 -------- d-----w- C:\Windows\SysWow64\1033 2013-06-03 19:41:57 -------- d-----w- C:\Windows\System32\1033 2013-06-03 19:41:57 -------- d-----w- C:\Program Files\Microsoft SQL Server 2013-06-03 19:38:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server 2013-06-03 18:03:16 -------- d-----w- C:\Program Files (x86)\MSECache 2013-06-03 17:55:54 -------- d-----w- C:\Users\Connor\AppData\Local\LogMeIn Rescue Applet 2013-06-03 17:23:00 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2013-06-03 17:19:50 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2013-06-03 17:19:10 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2013-06-03 17:18:57 -------- d-----w- C:\Windows\SHELLNEW 2013-06-03 17:18:39 -------- d-----w- C:\Users\Connor\AppData\Local\Microsoft Help 2013-06-03 02:10:05 -------- d-----w- C:\Users\Connor\AppData\Local\HP 2013-06-03 01:43:23 1671680 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM3.dll 2013-06-03 01:43:23 1669120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM6.dll 2013-06-03 01:43:23 1668608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM5.dll 2013-06-03 01:43:23 1668608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM4.dll 2013-06-03 01:43:23 1667072 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM7.dll 2013-06-02 17:34:29 -------- d-----w- C:\Users\Connor\AppData\Local\Macromedia 2013-06-02 17:34:17 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-02 00:14:24 -------- d-----w- C:\Users\Connor\AppData\Local\Skyrim 2013-06-02 00:04:15 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll 2013-06-02 00:04:15 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll 2013-06-02 00:04:15 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll 2013-06-02 00:04:15 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll 2013-06-02 00:04:14 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll 2013-06-02 00:04:14 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll 2013-06-02 00:04:13 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll 2013-06-02 00:04:13 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll 2013-06-01 23:31:52 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2013-06-01 23:01:29 -------- d-----w- C:\Program Files (x86)\dumps 2013-06-01 23:00:22 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-06-01 23:00:17 -------- d-----w- C:\Program Files (x86)\Steam 2013-06-01 03:54:50 -------- d-----w- C:\Users\Connor\AppData\Local\CyberLink 2013-06-01 03:03:42 -------- d-----w- C:\ProgramData\Amazon 2013-06-01 03:03:29 -------- d-----w- C:\Program Files (x86)\Amazon 2013-06-01 03:02:44 -------- d-----w- C:\Windows\Downloaded Installations 2013-06-01 02:57:28 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2013-06-01 02:46:54 425345024 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP 2013-06-01 02:20:18 -------- d-----w- C:\Windows\SysWow64\Wat 2013-06-01 02:20:18 -------- d-----w- C:\Windows\System32\Wat 2013-06-01 00:53:14 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2013-06-01 00:53:14 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-06-01 00:53:14 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2013-06-01 00:53:14 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2013-06-01 00:34:18 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-01 00:01:40 46080 ----a-w- C:\Windows\System32\atmlib.dll 2013-06-01 00:01:40 367616 ----a-w- C:\Windows\System32\atmfd.dll 2013-06-01 00:01:40 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2013-06-01 00:01:39 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2013-06-01 00:00:09 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2013-06-01 00:00:09 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2013-06-01 00:00:09 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2013-06-01 00:00:09 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2013-06-01 00:00:08 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2013-06-01 00:00:08 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2013-06-01 00:00:08 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2013-05-31 23:43:39 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-05-31 23:43:39 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2013-05-31 23:43:39 5120 ----a-w- C:\Windows\System32\wmi.dll 2013-05-31 23:43:39 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2013-05-31 23:43:39 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-05-31 23:28:52 46592 ----a-w- C:\Windows\SysWow64\fpb.rs 2013-05-31 23:27:33 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2013-05-31 23:26:54 67072 ----a-w- C:\Windows\splwow64.exe 2013-05-31 23:25:30 956928 ----a-w- C:\Windows\System32\localspl.dll 2013-05-31 23:25:29 3216384 ----a-w- C:\Windows\System32\msi.dll 2013-05-31 23:25:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2013-05-31 23:25:00 715776 ----a-w- C:\Windows\System32\kerberos.dll 2013-05-31 23:25:00 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2013-05-31 23:17:09 77312 ----a-w- C:\Windows\System32\packager.dll 2013-05-31 23:17:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-05-31 23:03:50 -------- d-----w- C:\Users\Connor\AppData\Local\AMD 2013-05-31 23:03:40 -------- d-----w- C:\Users\Connor\AppData\Local\ATI 2013-05-31 23:02:38 -------- d-----w- C:\Users\Connor\AppData\Roaming\Synaptics 2013-05-31 23:00:06 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2013-05-31 23:00:06 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2013-05-31 23:00:06 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2013-05-31 22:59:20 -------- d-----w- C:\Users\Connor\AppData\Roaming\hpqlog 2013-05-31 22:59:18 -------- d-----w- C:\Users\Connor\AppData\Local\Hewlett-Packard 2013-05-31 22:58:00 -------- d-----w- C:\Users\Connor\AppData\Local\RemEngine 2013-05-31 22:57:50 -------- d-----w- C:\Users\Connor\AppData\Local\Hewlett-Packard_Company 2013-05-31 22:56:48 -------- d-----w- C:\Users\Connor\AppData\Local\AuthenTec 2013-05-31 22:55:29 -------- d-----w- C:\Users\Connor\AppData\Local\VirtualStore 2013-05-31 22:55:12 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-05-31 22:55:03 99840 ----a-w- C:\Windows\System32\wudriver.dll . ==================== Find3M ==================== . 2013-06-16 02:13:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-06-06 00:33:21 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-06-01 00:34:18 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 05:24:10 983912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 05:24:10 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 10:45:17.11 ===============
  5. Sorry to bother everyone but I could use some help. Recently my computer has started playing random audio at irregular intervals. The audio can last for just a few moments or a few minutes, and has nothing to do with any program I have open. The audio plays even when I have no programs running and just started up the computer. The sounds vary from adds to self help sound bites to what sounds like radio talk shows. So far I have been unable to detect the problem with Malwarebytes or Norton Internet Security. If anyone has any insights on this I would really appreciate the help. I've included the logs from a malwarebytes scan and DDS.txt Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.06.19.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Connor :: CONNOR-HP [administrator] 6/20/2013 10:25:21 AM mbam-log-2013-06-20 (10-25-21).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 210454 Time elapsed: 6 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2 Run by Connor at 10:33:06 on 2013-06-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5610.2740 [GMT -4:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\taskmgr.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\notepad.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [AmazonMP3DownloaderHelper] C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe StartupFolder: C:\Users\Connor\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.1.1 TCP: Interfaces\{458402C4-FF41-40E3-BC2E-0A8558735FA1} : DHCPNameServer = 172.168.11.12 TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405}\4565331423 : DHCPNameServer = 192.168.1.1 71.252.0.12 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-06-02 13:30; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: 2013-06-04 23:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn FF - ExtSQL: 2013-06-04 23:20; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn FF - ExtSQL: 2013-06-19 23:51; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-6-10 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984] R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648] R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-11-5 197536] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-28 2413056] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-19 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-19 701512] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-6-6 138272] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208] R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-7-16 96896] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-1-28 46136] R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-7-16 214144] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216] R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [2013-5-31 1393240] R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-6-6 167072] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-6-5 138912] R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130619.001\IDSviA64.sys [2013-6-19 513184] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-6-19 25928] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-1-28 338536] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-28 428136] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-1-28 1145448] R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-6-6 451192] R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-6-6 1129120] R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-6-6 190072] R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-6-6 405624] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-31 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128] S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-06-20 03:55:59 -------- d-----w- C:\Users\Connor\AppData\Local\Program Files 2013-06-20 02:14:16 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-06-20 02:14:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-17 02:52:21 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} 2013-06-16 01:09:15 -------- d-----w- C:\Users\Connor\AppData\Roaming\IDT 2013-06-16 01:07:36 -------- d-----w- C:\Users\Connor\AppData\Local\CrashDumps 2013-06-13 02:09:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR 2013-06-13 02:09:48 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-PT 2013-06-13 02:09:47 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL 2013-06-13 02:09:46 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT 2013-06-13 02:09:45 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE 2013-06-13 02:09:44 -------- d-----w- C:\Windows\System32\drivers\UMDF\fr-FR 2013-06-13 02:09:43 -------- d-----w- C:\Windows\System32\drivers\UMDF\es-ES 2013-06-11 21:37:56 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-06-10 18:52:11 654336 ------w- C:\Windows\System32\stapi64.dll 2013-06-10 18:50:32 535552 ----a-w- C:\Windows\System32\drivers\stwrt64.sys 2013-06-10 18:50:30 448512 ----a-w- C:\Windows\System32\stcplx64.dll 2013-06-10 18:50:30 1987072 ----a-w- C:\Windows\System32\stapo64.dll 2013-06-10 18:49:57 -------- d-----w- C:\Program Files\IDT 2013-06-07 01:37:16 737952 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys 2013-06-07 01:37:16 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys 2013-06-07 01:37:16 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys 2013-06-07 01:37:16 37536 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys 2013-06-07 01:37:16 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys 2013-06-07 01:37:16 167072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys 2013-06-07 01:37:16 1129120 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys 2013-06-07 01:37:07 -------- d-----w- C:\Windows\System32\drivers\NISx64\1309010.00E 2013-06-06 01:15:03 -------- d-----w- C:\Users\Connor\AppData\Roaming\.minecraft 2013-06-06 00:40:24 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-06 00:40:23 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-06-06 00:40:11 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-05 03:18:23 -------- d-----w- C:\Windows\System32\drivers\NISx64 2013-06-05 03:18:20 -------- d-----w- C:\Program Files (x86)\Norton Internet Security 2013-06-05 02:54:03 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{816559E5-8BF5-4D45-8164-87C6A69BDEA4}\mpengine.dll 2013-06-05 02:52:28 -------- d-----w- C:\Users\Connor\AppData\Local\Diagnostics 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8\009D.105\x64 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8\009D.105 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP 2013-06-04 03:52:40 -------- d-----w- C:\ProgramData\Symantec 2013-06-04 02:43:39 -------- d-----w- C:\Users\Connor\AppData\Roaming\Malwarebytes 2013-06-04 02:43:36 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-04 02:43:13 -------- d-----w- C:\Users\Connor\AppData\Local\Programs 2013-06-03 20:43:30 -------- d-----w- C:\Windows\System32\%LOCALAPPDATA% 2013-06-03 20:23:46 -------- d-----w- C:\Users\Connor\AppData\Local\Symantec 2013-06-03 20:22:59 -------- d-----w- C:\Program Files\Symantec 2013-06-03 20:22:30 42632 ----a-w- C:\Windows\System32\drivers\WGX64.SYS 2013-06-03 20:22:30 118768 ----a-w- C:\Windows\System32\drivers\SysPlant.sys 2013-06-03 20:21:57 -------- d-----w- C:\ProgramData\regid.1992_12.com.symantec 2013-06-03 20:21:50 -------- d-----w- C:\Program Files (x86)\Symantec 2013-06-03 20:12:11 -------- d-----w- C:\VT-SEPVersion 2013-06-03 20:10:45 -------- d-----w- C:\VT AntiVirus 2013-06-03 20:07:18 -------- d-----w- C:\VT-SecureTools 2013-06-03 20:03:53 -------- d-----w- C:\Program Files\Microsoft Lync 2013-06-03 20:03:45 -------- d-----w- C:\Program Files (x86)\Microsoft Lync 2013-06-03 20:03:35 -------- d-----w- C:\Users\Connor\Tracing 2013-06-03 20:03:35 -------- d-----w- C:\Program Files (x86)\OCSetup 2013-06-03 19:45:43 -------- d-----w- C:\Program Files (x86)\Microsoft Small Business 2013-06-03 19:45:21 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls 2013-06-03 19:43:46 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$MSSMLBIZ-sqlagtctr10.1.2531.0.dll 2013-06-03 19:43:35 79896 ----a-w- C:\Windows\SysWow64\perf-MSSQL$MSSMLBIZ-sqlctr10.1.2531.0.dll 2013-06-03 19:41:57 -------- d-----w- C:\Windows\SysWow64\1033 2013-06-03 19:41:57 -------- d-----w- C:\Windows\System32\1033 2013-06-03 19:41:57 -------- d-----w- C:\Program Files\Microsoft SQL Server 2013-06-03 19:38:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server 2013-06-03 18:03:16 -------- d-----w- C:\Program Files (x86)\MSECache 2013-06-03 17:55:54 -------- d-----w- C:\Users\Connor\AppData\Local\LogMeIn Rescue Applet 2013-06-03 17:23:00 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2013-06-03 17:19:50 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2013-06-03 17:19:10 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2013-06-03 17:18:57 -------- d-----w- C:\Windows\SHELLNEW 2013-06-03 17:18:39 -------- d-----w- C:\Users\Connor\AppData\Local\Microsoft Help 2013-06-03 02:10:05 -------- d-----w- C:\Users\Connor\AppData\Local\HP 2013-06-03 01:43:23 1671680 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM3.dll 2013-06-03 01:43:23 1669120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM6.dll 2013-06-03 01:43:23 1668608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM5.dll 2013-06-03 01:43:23 1668608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM4.dll 2013-06-03 01:43:23 1667072 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM7.dll 2013-06-02 17:34:29 -------- d-----w- C:\Users\Connor\AppData\Local\Macromedia 2013-06-02 17:34:17 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-02 00:14:24 -------- d-----w- C:\Users\Connor\AppData\Local\Skyrim 2013-06-02 00:04:15 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll 2013-06-02 00:04:15 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll 2013-06-02 00:04:15 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll 2013-06-02 00:04:15 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll 2013-06-02 00:04:14 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll 2013-06-02 00:04:14 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll 2013-06-02 00:04:13 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll 2013-06-02 00:04:13 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll 2013-06-01 23:31:52 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2013-06-01 23:01:29 -------- d-----w- C:\Program Files (x86)\dumps 2013-06-01 23:00:22 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-06-01 23:00:17 -------- d-----w- C:\Program Files (x86)\Steam 2013-06-01 03:54:50 -------- d-----w- C:\Users\Connor\AppData\Local\CyberLink 2013-06-01 03:03:42 -------- d-----w- C:\ProgramData\Amazon 2013-06-01 03:03:29 -------- d-----w- C:\Program Files (x86)\Amazon 2013-06-01 03:02:44 -------- d-----w- C:\Windows\Downloaded Installations 2013-06-01 02:57:28 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2013-06-01 02:46:54 425345024 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP 2013-06-01 02:20:18 -------- d-----w- C:\Windows\SysWow64\Wat 2013-06-01 02:20:18 -------- d-----w- C:\Windows\System32\Wat 2013-06-01 00:53:14 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2013-06-01 00:53:14 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-06-01 00:53:14 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2013-06-01 00:53:14 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2013-06-01 00:34:18 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-01 00:01:40 46080 ----a-w- C:\Windows\System32\atmlib.dll 2013-06-01 00:01:40 367616 ----a-w- C:\Windows\System32\atmfd.dll 2013-06-01 00:01:40 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2013-06-01 00:01:39 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2013-06-01 00:00:09 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2013-06-01 00:00:09 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2013-06-01 00:00:09 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2013-06-01 00:00:09 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2013-06-01 00:00:08 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2013-06-01 00:00:08 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2013-06-01 00:00:08 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2013-05-31 23:43:39 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-05-31 23:43:39 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2013-05-31 23:43:39 5120 ----a-w- C:\Windows\System32\wmi.dll 2013-05-31 23:43:39 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2013-05-31 23:43:39 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-05-31 23:28:52 46592 ----a-w- C:\Windows\SysWow64\fpb.rs 2013-05-31 23:27:33 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2013-05-31 23:26:54 67072 ----a-w- C:\Windows\splwow64.exe 2013-05-31 23:25:30 956928 ----a-w- C:\Windows\System32\localspl.dll 2013-05-31 23:25:29 3216384 ----a-w- C:\Windows\System32\msi.dll 2013-05-31 23:25:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2013-05-31 23:25:00 715776 ----a-w- C:\Windows\System32\kerberos.dll 2013-05-31 23:25:00 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2013-05-31 23:17:09 77312 ----a-w- C:\Windows\System32\packager.dll 2013-05-31 23:17:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-05-31 23:03:50 -------- d-----w- C:\Users\Connor\AppData\Local\AMD 2013-05-31 23:03:40 -------- d-----w- C:\Users\Connor\AppData\Local\ATI 2013-05-31 23:02:38 -------- d-----w- C:\Users\Connor\AppData\Roaming\Synaptics 2013-05-31 23:00:06 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2013-05-31 23:00:06 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2013-05-31 23:00:06 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2013-05-31 22:59:20 -------- d-----w- C:\Users\Connor\AppData\Roaming\hpqlog 2013-05-31 22:59:18 -------- d-----w- C:\Users\Connor\AppData\Local\Hewlett-Packard 2013-05-31 22:58:00 -------- d-----w- C:\Users\Connor\AppData\Local\RemEngine 2013-05-31 22:57:50 -------- d-----w- C:\Users\Connor\AppData\Local\Hewlett-Packard_Company 2013-05-31 22:56:48 -------- d-----w- C:\Users\Connor\AppData\Local\AuthenTec 2013-05-31 22:55:29 -------- d-----w- C:\Users\Connor\AppData\Local\VirtualStore 2013-05-31 22:55:12 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-05-31 22:55:03 99840 ----a-w- C:\Windows\System32\wudriver.dll . ==================== Find3M ==================== . 2013-06-16 02:13:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-06-06 00:33:21 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-06-01 00:34:18 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 05:24:10 983912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 05:24:10 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 10:45:17.11 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.