Malwarebytes detected registry key for trojan.porn.dialer

[b42]

Hi,

I ran a malwarebyte scan today, no reason in particular, I just try to do so weekly. It detected a registry key linked to a trojan, specifically:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connect (Trojan.PornDialer)

It was quarantined. Strange thing is the scan only detected this one registry key, no files or anything else and so I'm not sure if my computer is currently infected with something or not. I ran scans using a few different tools to see if they'd find anything, and while they didn't find anything, I'm still a little worried about it so I thought I'd post here.

I ran dds as instructed in the I'm infected - What do I do now? post. Results are below.

DDS.txt file

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576

Run by Benoit at 22:42:43 on 2013-05-26

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8094.4218 [GMT -3:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Conexant\SA3\CxUtilSvc.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

c:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Windows\SysWOW64\irstrtsv.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\Conexant\SA3\SmartAudio3.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

C:\Program Files\Elantech\ETDGesture.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe

C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ips\ipsbho.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll

uRun: [Google Update] "C:\Users\Benoit\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Benoit\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

StartupFolder: C:\Users\Benoit\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

TCP: NameServer = 192.168.2.1 142.166.145.137

TCP: Interfaces\{50708714-54F9-4035-A108-5E6980325697} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7} : DHCPNameServer = 192.168.2.1 142.166.145.137

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}\14355535D41607C65624573797 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}\24573797D41607C656 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}\37D6162747965637 : DHCPNameServer = 64.71.255.204 64.71.255.198

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe

x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s

x64-Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

.

INFO: x64-HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\n2i4tuqd.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Benoit\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Users\Benoit\AppData\Local\Skype\SkypeWebPlugin\npSkypeWebPlugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

FF - ExtSQL: 2013-05-18 05:42; {75df891f-e299-4725-b14f-7d52f086dea2}; C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\n2i4tuqd.default\extensions\{75df891f-e299-4725-b14f-7d52f086dea2}.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-5-23 31872]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-23 16152]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-5-23 55856]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1403010.016\symds64.sys [2013-4-16 493656]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1403010.016\symefa64.sys [2013-4-16 1139800]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-5-20 1390680]

R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1403010.016\ccsetx64.sys [2013-4-16 168096]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130524.001\IDSviA64.sys [2013-5-25 513184]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1403010.016\ironx64.sys [2013-4-16 224416]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1403010.016\symnets.sys [2013-4-16 432800]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-5-23 235520]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]

R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-2-21 1014096]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-2-21 1104208]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]

R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-5-23 109184]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-23 13592]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]

R2 irstrtsv;Intel® Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-5-23 193536]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-20 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-20 701512]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccsvchst.exe [2013-4-16 144520]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-3 1103392]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-3 1369624]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-3 168384]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-5-23 1695040]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-5-23 363800]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]

R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-2-21 1304912]

R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-11-30 51712]

R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-11-30 94720]

R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-30 747008]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-5-23 176096]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-17 138912]

R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-5-23 202024]

R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-2-14 60928]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-5-23 331264]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-3-19 14745600]

R3 irstrtdv;Intel® Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2012-5-23 26504]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-23 356120]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-23 787736]

R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-26 25496]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-20 25928]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-5-23 313448]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-23 646248]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S2 CLKMSVC10_9EC60124;CyberLink Product - 2012/05/23 17:52:15;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-12-16 248304]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-26 34200]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-17 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-05-27 00:54:14 -------- d-----w- C:\Users\Benoit\AppData\Roaming\SUPERAntiSpyware.com

2013-05-27 00:53:53 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2013-05-27 00:53:53 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2013-05-26 22:24:01 964552 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68BA36D3-7911-4C7A-A0EE-CD0F56F27805}\gapaengine.dll

2013-05-26 22:23:58 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AB27AF7B-1F42-4A52-92AA-59C0102C1BA2}\mpengine.dll

2013-05-26 22:21:24 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2013-05-26 22:21:23 -------- d-----w- C:\Program Files\Microsoft Security Client

2013-05-26 14:56:29 -------- d-----w- C:\Users\Benoit\AppData\Local\{74623A98-F616-4B0D-A67D-E6E6F9F68569}

2013-05-25 12:49:12 -------- d-----w- C:\Users\Benoit\AppData\Local\{1147E8E2-9B2C-4098-8BC5-F74E9C48D10B}

2013-05-24 15:26:16 -------- d-----w- C:\Users\Benoit\AppData\Local\{5033F657-37EB-43C0-BB59-464B6E219271}

2013-05-23 10:43:14 -------- d-----w- C:\Users\Benoit\AppData\Local\{7AAD9763-5B40-4A28-9E03-42D74B799D35}

2013-05-22 10:20:06 -------- d-----w- C:\Users\Benoit\AppData\Local\{DC52CDEE-2B64-49E9-8640-43C953EE2347}

2013-05-21 23:57:17 -------- d-----w- C:\ProgramData\PC-Doctor for Windows

2013-05-21 23:57:02 -------- d-----w- C:\Program Files\My Dell

2013-05-21 15:12:09 -------- d-----w- C:\Users\Benoit\AppData\Local\{18CC8BB2-D61E-46AB-9D48-13A0FCC74196}

2013-05-20 11:49:13 -------- d-----w- C:\Users\Benoit\AppData\Local\{436A85DF-7D3E-4B7F-B161-D0270EEEDDCD}

2013-05-19 23:48:49 -------- d-----w- C:\Users\Benoit\AppData\Local\{EC2D60AC-E28F-4909-A12D-21CB251114F0}

2013-05-19 21:57:00 -------- d-----w- C:\Program Files (x86)\Cisco Systems

2013-05-19 21:55:44 -------- d-----w- C:\ProgramData\Cisco Systems

2013-05-19 11:48:20 -------- d-----w- C:\Users\Benoit\AppData\Local\{1942F515-D6EA-498B-905A-10E9D9C753B7}

2013-05-18 08:29:31 -------- d-----w- C:\Users\Benoit\AppData\Local\{F0DC144D-1D48-4ACA-AC45-D4601D7F9B82}

2013-05-17 15:11:12 -------- d-----w- C:\Users\Benoit\AppData\Local\{524BBD63-4859-4A84-9C86-8E009A555BDB}

2013-05-17 01:04:07 -------- d-----w- C:\Users\Benoit\AppData\Local\{B5B9FC37-64F9-4C0F-8A02-2AC4B83A18FC}

2013-05-15 15:33:27 -------- d-----w- C:\Users\Benoit\AppData\Local\{92BFB2DE-6491-4D32-8471-E1136828BE1A}

2013-05-14 16:31:10 6128760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-05-14 16:31:10 6128760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-05-14 10:44:19 -------- d-----w- C:\Users\Benoit\AppData\Local\{81775C34-C8AB-40C9-B3F7-10686859AC41}

2013-05-13 15:07:57 -------- d-----w- C:\Users\Benoit\AppData\Local\{A3070D50-89AB-4BAC-94CD-2B896D055B55}

2013-05-10 20:43:22 -------- d-----w- C:\Users\Benoit\AppData\Local\{670C01F4-64D0-4469-8E47-7D11E2E6D758}

2013-05-09 23:10:21 -------- d-----w- C:\Users\Benoit\AppData\Local\{6D8F6DD5-52FA-4C98-B374-55899E5349EB}

2013-05-09 10:42:43 -------- d-----w- C:\Users\Benoit\AppData\Local\{B471CDED-6E55-4AD4-B890-E3A38810FDFE}

2013-05-08 15:42:57 -------- d-----w- C:\Users\Benoit\AppData\Local\{DB15CC13-ACC6-4309-A77B-7949128BE4A1}

2013-05-07 20:04:46 -------- d-----w- C:\Users\Benoit\AppData\Local\{9AB816D4-1BB6-41EC-A5B9-1DDEC11F2EF7}

2013-05-06 15:23:54 -------- d-----w- C:\Users\Benoit\AppData\Local\{4D540F0C-1E3C-4290-8080-4232F8C098D5}

2013-05-05 13:14:45 -------- d-----w- C:\Users\Benoit\AppData\Local\{0DF5E129-4428-401C-8F4F-C0C5FC5802EA}

2013-05-04 11:00:17 -------- d-----w- C:\Users\Benoit\AppData\Local\{CC74E243-3015-4679-9615-B3EAE53D3135}

2013-05-03 15:26:06 -------- d-----w- C:\Users\Benoit\AppData\Local\{7FC73878-FBE8-459B-8571-5F25B9798D73}

2013-05-02 22:30:22 -------- d-----w- C:\Users\Benoit\AppData\Local\{9F81CA83-82B1-492E-AE40-B81814A18373}

2013-05-02 10:29:58 -------- d-----w- C:\Users\Benoit\AppData\Local\{F029CB57-266E-4CF5-9B51-4129A32ECA28}

2013-05-01 15:32:05 -------- d-----w- C:\Users\Benoit\AppData\Local\{4E5BAC41-A30E-4FCB-95A1-8A67FC0AAA26}

2013-04-30 22:37:42 -------- d-----w- C:\Users\Benoit\AppData\Local\{632FF845-7E74-4E21-80FE-E50B600A98C3}

2013-04-30 10:37:14 -------- d-----w- C:\Users\Benoit\AppData\Local\{61649BD4-5155-4AFF-946D-2EAFDA0B65DA}

2013-04-29 15:26:08 -------- d-----w- C:\Users\Benoit\AppData\Local\{4CDD13AA-BF0C-4D3A-9B2E-B7F6A8F0B276}

2013-04-28 12:06:11 -------- d-----w- C:\Users\Benoit\AppData\Local\{276D51E1-7AE9-4ABB-A2B9-877D0EB46C03}

2013-04-27 12:05:35 -------- d-----w- C:\Users\Benoit\AppData\Local\{25550325-592B-46BF-8398-C1AE89951A6D}

.

==================== Find3M ====================

.

2013-05-15 01:36:33 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-15 01:36:33 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-04-04 17:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe

2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

.

============= FINISH: 22:42:55.55 ===============

attach.txt file

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 8/17/2012 4:50:31 PM

System Uptime: 5/26/2013 10:26:21 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0PXH02

Processor: Intel® Core™ i7-3612QM CPU @ 2.10GHz | U3E1 | 2101/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 912 GiB total, 431.463 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP82: 5/3/2013 7:23:35 PM - Scheduled Checkpoint

RP83: 5/16/2013 10:03:21 AM - Windows Update

RP84: 5/25/2013 6:57:24 PM - Scheduled Checkpoint

RP85: 5/26/2013 7:23:39 PM - Windows Update

RP86: 5/26/2013 7:39:49 PM - Removed Paint.NET v3.5.10

.

==== Installed Programs ======================

.

Accidental Damage Services Agreement

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 9

Adobe Premiere Elements 9

Adobe Reader X (10.1.7) MUI

Advanced Audio FX Engine

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD AVIVO64 Codecs

AMD Catalyst Install Manager

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Banctec Service Agreement

Bing Bar

Blio

Bonjour

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCleaner

Complete Care Business Service Agreement

Conexant SmartAudio HD

Consumer In-Home Service Agreement

Cozi

CyberLink PowerDVD 9.6

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Defraggler

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Digital Delivery

Dell Edoc Viewer

Dell Getting Started Guide

Dell Home Systems Service Agreement

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell Stage Remote

Dell Touchpad

Dell VideoStage

Dell Webcam Central

eBay

Elements 9 Organizer

Elements STI Installer

Google Chrome

Hotfix for Microsoft Visual Studio 2008 Standard Edition - ENU (KB971091)

Intel PROSet Wireless

Intel® Control Center

Intel® Display Audio Driver

Intel® Management Engine Components

Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed

Intel® PROSet/Wireless Software for Bluetooth® Technology

Intel® Rapid Start Technology

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Monitor 2.0

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® WiDi

Intel® Wireless Display

Intel® PROSet/Wireless WiFi Software

Intel® Trusted Connect Service Client

iTunes

Java 7 Update 6 (64-bit)

Java SE Development Kit 7 Update 6 (64-bit)

Junk Mail filter update

KeePass Password Safe 2.20.1

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Document Explorer 2008

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Business 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office Single Image 2010

Microsoft Office Visual Web Developer 2007

Microsoft Office Visual Web Developer MUI (English) 2007

Microsoft Office Word MUI (English) 2010

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Compact 3.5 Design Tools ENU

Microsoft SQL Server Compact 3.5 ENU

Microsoft SQL Server Database Publishing Wizard 1.2

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2008 Standard Edition - ENU

Microsoft Visual Studio Web Authoring Component

Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools

Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries

Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense

Microsoft Windows SDK for Visual Studio 2008 Tools

Microsoft Windows SDK for Visual Studio 2008 Win32 Tools

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_CRT_x86

Mozilla Firefox 21.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

My Dell

NetBeans IDE 7.2

Norton Internet Security

OpenOffice.org 3.4.1

PlayReady PC Runtime x86

PowerXpressHybrid

Premium Service Agreement

PX Profile Update

QualxServ Service Agreement

Quickset64

Realtek USB 2.0 Card Reader

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Skype Click to Call

Skype Web Plugin 1.9.10772.12905

Skype™ 6.3

SmartSound Quicktracks for Premiere Elements 9.0

Spybot - Search & Destroy

Steam

SUPERAntiSpyware

Titanium Studio

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update for Microsoft Visual Studio 2008 Standard Edition - ENU (KB972221)

VC Runtimes MSI

Visual Studio .NET Prerequisites - English

VLC media player 2.0.5

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

XAMPP 1.7.4

Zinio Reader 4

.

==== Event Viewer Messages From Past Week ========

.

5/26/2013 6:14:12 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

5/26/2013 5:11:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/26/2013 5:11:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

5/26/2013 5:09:31 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_NIS DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 10:28:55 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

5/25/2013 10:35:19 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer TIGERSPEED-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}. The master browser is stopping or an election is being forced.

.

==== End Of File ===========================

Thank you for your help, it's greatly appreciated.

[Maniac]

Hello b42 and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
  

Step 1

I notice that you are using more than one antivirus program.

• Microsoft Security Essentials
  
• Norton Internet Security
  

This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through.

It is important that only one antivirus program is running realtime protection.

I suggest you to uninstall Microsoft Security Essentials, but only if you have license for Norton Internet Security. Finally, restart your computer.

Step 2

• Launch Malwarebytes' Anti-Malware
  
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  
• Go to Scanner tab and select Perform Quick Scan, then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 3

• Download on the desktop RogueKiller
  
• Quit all programs
  
• Start RogueKiller.exe
  
• Wait until Prescan has finished ...
  
• Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.

In your next reply, post the following log files:

• Malwarebytes' Anti-Malware log
  
• RogueKiller log
  
• a new fresh DDS log

[b42]

Thank you for the warning about security essential. I uninstalled it right away. Good news is it wasn't there for long, I only installed it a short while before I posted to see if it'd find any malware (it didn't).

I updated and scanned with malwarebyte as instructed, it didn't find anything, but I posted the log below anyway.

I scanned with roguekiller too, and it found two registry keys:

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Again no files, only registry keys. I'm wondering if these might be false positive... Maybe that's just wishful thinking. But anyway, here are the logs:

Malwarebytes log

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.27.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16576

Benoit :: MEANMACHINE [administrator]

5/27/2013 7:54:42 AM

mbam-log-2013-05-27 (07-54-42).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 216614

Time elapsed: 2 minute(s), 2 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

RogueKiller log

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo...13-roguekiller/

Website : http://tigzy.geeksto...roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Benoit [Admin rights]

Mode : Scan -- Date : 05/27/2013 08:03:59

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.0scan.com

127.0.0.1 0scan.com

127.0.0.1 www.1000gratisproben.com

127.0.0.1 1000gratisproben.com

127.0.0.1 1001namen.com

127.0.0.1 www.1001namen.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100888290cs.com

127.0.0.1 www.100sexlinks.com

127.0.0.1 100sexlinks.com

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: XW1TCC119657 +++++

--- User ---

[MBR] abe94b79f2103ef3a796acf97cc89c78

[bSP] 3b5c267edfb0b4c8dc05c0409fbf09f0 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 20286 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41627648 | Size: 933540 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

+++++ PhysicalDrive1: FFS +++++

--- User ---

[MBR] f32ca3065ac68469e45566e9aecf6f92

[bSP] 8a49822a9830811ab64a2c94d03fd00e : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] OS/2-HIBER (0x84) [HIDDEN!] Offset (sectors): 2048 | Size: 8190 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1]_S_05272013_02d0803.txt >>

RKreport[1]_S_05272013_02d0803.txt

DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576

Run by Benoit at 8:07:37 on 2013-05-27

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8094.4872 [GMT -3:00]

.

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Conexant\SA3\CxUtilSvc.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

c:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Windows\SysWOW64\irstrtsv.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files\Conexant\SA3\SmartAudio3.exe

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

C:\Program Files\Elantech\ETDGesture.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\CCleaner\CCleaner64.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\notepad.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Users\Benoit\Downloads\RogueKillerX64.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\notepad.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ips\ipsbho.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll

uRun: [Google Update] "C:\Users\Benoit\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"

mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Benoit\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

StartupFolder: C:\Users\Benoit\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

TCP: NameServer = 192.168.2.1 142.166.145.137

TCP: Interfaces\{50708714-54F9-4035-A108-5E6980325697} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7} : DHCPNameServer = 192.168.2.1 142.166.145.137

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}\14355535D41607C65624573797 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}\24573797D41607C656 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}\37D6162747965637 : DHCPNameServer = 64.71.255.204 64.71.255.198

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe

x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s

x64-Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

.

INFO: x64-HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\n2i4tuqd.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Benoit\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Users\Benoit\AppData\Local\Skype\SkypeWebPlugin\npSkypeWebPlugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

FF - ExtSQL: 2013-05-18 05:42; {75df891f-e299-4725-b14f-7d52f086dea2}; C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\n2i4tuqd.default\extensions\{75df891f-e299-4725-b14f-7d52f086dea2}.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-5-23 31872]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-23 16152]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-5-23 55856]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1403010.016\symds64.sys [2013-4-16 493656]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1403010.016\symefa64.sys [2013-4-16 1139800]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-5-20 1390680]

R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1403010.016\ccsetx64.sys [2013-4-16 168096]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130524.001\IDSviA64.sys [2013-5-25 513184]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1403010.016\ironx64.sys [2013-4-16 224416]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1403010.016\symnets.sys [2013-4-16 432800]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-5-23 235520]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]

R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-2-21 1014096]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-2-21 1104208]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]

R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-5-23 109184]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-23 13592]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]

R2 irstrtsv;Intel® Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-5-23 193536]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-20 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-20 701512]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccsvchst.exe [2013-4-16 144520]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-3 1103392]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-3 1369624]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-3 168384]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-5-23 1695040]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-5-23 363800]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]

R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-2-21 1304912]

R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-11-30 51712]

R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-11-30 94720]

R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-30 747008]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-5-23 176096]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-17 138912]

R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-5-23 202024]

R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-2-14 60928]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-5-23 331264]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-3-19 14745600]

R3 irstrtdv;Intel® Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2012-5-23 26504]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-23 356120]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-23 787736]

R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-26 25496]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-20 25928]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-5-23 313448]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-23 646248]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S2 CLKMSVC10_9EC60124;CyberLink Product - 2012/05/23 17:52:15;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-12-16 248304]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-26 34200]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-17 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-05-27 10:49:19 -------- d-----w- C:\Users\Benoit\AppData\Local\{2925AC26-8A47-4F0C-B68C-4204FEA0E6AA}

2013-05-27 02:33:30 -------- d-----w- C:\Users\Benoit\AppData\Local\Cyberlink

2013-05-27 00:54:14 -------- d-----w- C:\Users\Benoit\AppData\Roaming\SUPERAntiSpyware.com

2013-05-27 00:53:53 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2013-05-27 00:53:53 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2013-05-26 14:56:29 -------- d-----w- C:\Users\Benoit\AppData\Local\{74623A98-F616-4B0D-A67D-E6E6F9F68569}

2013-05-25 12:49:12 -------- d-----w- C:\Users\Benoit\AppData\Local\{1147E8E2-9B2C-4098-8BC5-F74E9C48D10B}

2013-05-24 15:26:16 -------- d-----w- C:\Users\Benoit\AppData\Local\{5033F657-37EB-43C0-BB59-464B6E219271}

2013-05-23 10:43:14 -------- d-----w- C:\Users\Benoit\AppData\Local\{7AAD9763-5B40-4A28-9E03-42D74B799D35}

2013-05-22 10:20:06 -------- d-----w- C:\Users\Benoit\AppData\Local\{DC52CDEE-2B64-49E9-8640-43C953EE2347}

2013-05-21 23:57:17 -------- d-----w- C:\ProgramData\PC-Doctor for Windows

2013-05-21 23:57:02 -------- d-----w- C:\Program Files\My Dell

2013-05-21 15:12:09 -------- d-----w- C:\Users\Benoit\AppData\Local\{18CC8BB2-D61E-46AB-9D48-13A0FCC74196}

2013-05-20 11:49:13 -------- d-----w- C:\Users\Benoit\AppData\Local\{436A85DF-7D3E-4B7F-B161-D0270EEEDDCD}

2013-05-19 23:48:49 -------- d-----w- C:\Users\Benoit\AppData\Local\{EC2D60AC-E28F-4909-A12D-21CB251114F0}

2013-05-19 21:57:00 -------- d-----w- C:\Program Files (x86)\Cisco Systems

2013-05-19 21:55:44 -------- d-----w- C:\ProgramData\Cisco Systems

2013-05-19 11:48:20 -------- d-----w- C:\Users\Benoit\AppData\Local\{1942F515-D6EA-498B-905A-10E9D9C753B7}

2013-05-18 08:29:31 -------- d-----w- C:\Users\Benoit\AppData\Local\{F0DC144D-1D48-4ACA-AC45-D4601D7F9B82}

2013-05-17 15:11:12 -------- d-----w- C:\Users\Benoit\AppData\Local\{524BBD63-4859-4A84-9C86-8E009A555BDB}

2013-05-17 01:04:07 -------- d-----w- C:\Users\Benoit\AppData\Local\{B5B9FC37-64F9-4C0F-8A02-2AC4B83A18FC}

2013-05-15 15:33:27 -------- d-----w- C:\Users\Benoit\AppData\Local\{92BFB2DE-6491-4D32-8471-E1136828BE1A}

2013-05-14 16:31:10 6128760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-05-14 16:31:10 6128760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-05-14 10:44:19 -------- d-----w- C:\Users\Benoit\AppData\Local\{81775C34-C8AB-40C9-B3F7-10686859AC41}

2013-05-13 15:07:57 -------- d-----w- C:\Users\Benoit\AppData\Local\{A3070D50-89AB-4BAC-94CD-2B896D055B55}

2013-05-10 20:43:22 -------- d-----w- C:\Users\Benoit\AppData\Local\{670C01F4-64D0-4469-8E47-7D11E2E6D758}

2013-05-09 23:10:21 -------- d-----w- C:\Users\Benoit\AppData\Local\{6D8F6DD5-52FA-4C98-B374-55899E5349EB}

2013-05-09 10:42:43 -------- d-----w- C:\Users\Benoit\AppData\Local\{B471CDED-6E55-4AD4-B890-E3A38810FDFE}

2013-05-08 15:42:57 -------- d-----w- C:\Users\Benoit\AppData\Local\{DB15CC13-ACC6-4309-A77B-7949128BE4A1}

2013-05-07 20:04:46 -------- d-----w- C:\Users\Benoit\AppData\Local\{9AB816D4-1BB6-41EC-A5B9-1DDEC11F2EF7}

2013-05-06 15:23:54 -------- d-----w- C:\Users\Benoit\AppData\Local\{4D540F0C-1E3C-4290-8080-4232F8C098D5}

2013-05-05 13:14:45 -------- d-----w- C:\Users\Benoit\AppData\Local\{0DF5E129-4428-401C-8F4F-C0C5FC5802EA}

2013-05-04 11:00:17 -------- d-----w- C:\Users\Benoit\AppData\Local\{CC74E243-3015-4679-9615-B3EAE53D3135}

2013-05-03 15:26:06 -------- d-----w- C:\Users\Benoit\AppData\Local\{7FC73878-FBE8-459B-8571-5F25B9798D73}

2013-05-02 22:30:22 -------- d-----w- C:\Users\Benoit\AppData\Local\{9F81CA83-82B1-492E-AE40-B81814A18373}

2013-05-02 10:29:58 -------- d-----w- C:\Users\Benoit\AppData\Local\{F029CB57-266E-4CF5-9B51-4129A32ECA28}

2013-05-01 15:32:05 -------- d-----w- C:\Users\Benoit\AppData\Local\{4E5BAC41-A30E-4FCB-95A1-8A67FC0AAA26}

2013-04-30 22:37:42 -------- d-----w- C:\Users\Benoit\AppData\Local\{632FF845-7E74-4E21-80FE-E50B600A98C3}

2013-04-30 10:37:14 -------- d-----w- C:\Users\Benoit\AppData\Local\{61649BD4-5155-4AFF-946D-2EAFDA0B65DA}

2013-04-29 15:26:08 -------- d-----w- C:\Users\Benoit\AppData\Local\{4CDD13AA-BF0C-4D3A-9B2E-B7F6A8F0B276}

2013-04-28 12:06:11 -------- d-----w- C:\Users\Benoit\AppData\Local\{276D51E1-7AE9-4ABB-A2B9-877D0EB46C03}

2013-04-27 12:05:35 -------- d-----w- C:\Users\Benoit\AppData\Local\{25550325-592B-46BF-8398-C1AE89951A6D}

.

==================== Find3M ====================

.

2013-05-15 01:36:33 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-15 01:36:33 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-04-04 17:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe

2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

.

============= FINISH: 8:07:46.95 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 8/17/2012 4:50:31 PM

System Uptime: 5/27/2013 7:47:47 AM (1 hours ago)

.

Motherboard: Dell Inc. | | 0PXH02

Processor: Intel® Core™ i7-3612QM CPU @ 2.10GHz | U3E1 | 2101/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 912 GiB total, 431.576 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP82: 5/3/2013 7:23:35 PM - Scheduled Checkpoint

RP83: 5/16/2013 10:03:21 AM - Windows Update

RP84: 5/25/2013 6:57:24 PM - Scheduled Checkpoint

RP85: 5/26/2013 7:23:39 PM - Windows Update

RP86: 5/26/2013 7:39:49 PM - Removed Paint.NET v3.5.10

.

==== Installed Programs ======================

.

Accidental Damage Services Agreement

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 9

Adobe Premiere Elements 9

Adobe Reader X (10.1.7) MUI

Advanced Audio FX Engine

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD AVIVO64 Codecs

AMD Catalyst Install Manager

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Banctec Service Agreement

Bing Bar

Blio

Bonjour

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCleaner

Complete Care Business Service Agreement

Conexant SmartAudio HD

Consumer In-Home Service Agreement

Cozi

CyberLink PowerDVD 9.6

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Defraggler

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Digital Delivery

Dell Edoc Viewer

Dell Getting Started Guide

Dell Home Systems Service Agreement

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell Stage Remote

Dell Touchpad

Dell VideoStage

Dell Webcam Central

eBay

Elements 9 Organizer

Elements STI Installer

Google Chrome

Hotfix for Microsoft Visual Studio 2008 Standard Edition - ENU (KB971091)

Intel PROSet Wireless

Intel® Control Center

Intel® Display Audio Driver

Intel® Management Engine Components

Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed

Intel® PROSet/Wireless Software for Bluetooth® Technology

Intel® Rapid Start Technology

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Monitor 2.0

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® WiDi

Intel® Wireless Display

Intel® PROSet/Wireless WiFi Software

Intel® Trusted Connect Service Client

iTunes

Java 7 Update 6 (64-bit)

Java SE Development Kit 7 Update 6 (64-bit)

Junk Mail filter update

KeePass Password Safe 2.20.1

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Document Explorer 2008

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Business 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office Single Image 2010

Microsoft Office Visual Web Developer 2007

Microsoft Office Visual Web Developer MUI (English) 2007

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Compact 3.5 Design Tools ENU

Microsoft SQL Server Compact 3.5 ENU

Microsoft SQL Server Database Publishing Wizard 1.2

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2008 Standard Edition - ENU

Microsoft Visual Studio Web Authoring Component

Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools

Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries

Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense

Microsoft Windows SDK for Visual Studio 2008 Tools

Microsoft Windows SDK for Visual Studio 2008 Win32 Tools

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_CRT_x86

Mozilla Firefox 21.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

My Dell

NetBeans IDE 7.2

Norton Internet Security

OpenOffice.org 3.4.1

PlayReady PC Runtime x86

PowerXpressHybrid

Premium Service Agreement

PX Profile Update

QualxServ Service Agreement

Quickset64

Realtek USB 2.0 Card Reader

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Skype Click to Call

Skype Web Plugin 1.9.10772.12905

Skype™ 6.3

SmartSound Quicktracks for Premiere Elements 9.0

Spybot - Search & Destroy

Steam

SUPERAntiSpyware

Titanium Studio

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update for Microsoft Visual Studio 2008 Standard Edition - ENU (KB972221)

VC Runtimes MSI

Visual Studio .NET Prerequisites - English

VLC media player 2.0.5

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

XAMPP 1.7.4

Zinio Reader 4

.

==== Event Viewer Messages From Past Week ========

.

5/27/2013 7:50:23 AM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

5/26/2013 6:14:12 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

5/26/2013 5:11:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

5/26/2013 5:11:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/26/2013 5:11:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

5/26/2013 5:09:31 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_NIS DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

5/26/2013 5:09:31 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

5/25/2013 10:35:19 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer TIGERSPEED-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BBCDD201-B2F3-41CA-A73A-EE6FAB72F4C7}. The master browser is stopping or an election is being forced.

.

==== End Of File ===========================

[Maniac]

These are false positives.

Please scan your machine with ESET OnlineScan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  ESET OnlineScan
  
• Click the button.
  
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
    Save it to your Desktop.
    
  • Double click on the to download the ESET Smart Installer. icon on your Desktop.
    

  [*]Check "YES, I accept the Terms of Use."

  [*]Click the Start button.

  [*]Accept any security warnings from your browser.

  [*]Under Scan Settings, check "Scan Archives" and "Remove found threats"

  [*]Click Advanced settings and select the following:

  • Scan potentially unwanted applications
    
  • Scan for potentially unsafe applications
    
  • Enable Anti-Stealth technology

  [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  [*]When the scan completes, click List Threats

  [*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  [*]Click the Back button.

  [*]Click the Finish button.

[b42]

Hi, I ran the ESET scan as instructed. It found two files, but according to a quick search these files might actually be provided by Dell for their Dell Datasafe online backup application so I'm not 100% if deleting these file is a good idea or not. ANyway, here are the exact results:

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined

[Maniac]

How are things now?

[b42]

No change at all that I can see. It's tricky to say if removing potential threats is making things better because my computer was running great all along. I never noticed any side effects, like drop in performance or strange behavior (disabled antivirus, changed home page in browser and things like that). The only thing that suggest there might have been something wrong is the registry key malware bytes found mentionned in the first post, other than that I never noticed anything wrong.

[Maniac]

Update your Malwarebytes' Anti-Malware and perform a full system scan. Let me know.

[b42]

Updated malwarebyte and did full scan as instructed. It didn't find anything. I included the log anyway for completion sake.

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.28.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16576

Benoit :: MEANMACHINE [administrator]

5/28/2013 7:36:46 AM

mbam-log-2013-05-28 (07-36-46).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 446557

Time elapsed: 29 minute(s), 48 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[Maniac]

Your system seems to be clean.

Step 1

• Download OTC to your desktop and run it
  
• Click Yes to beginning the Cleanup process and remove these components, including this application.
  
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
  

Step 2

Please uninstall ESET Online Scanner.

Step 3

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing!

[b42]

Alright, thank you for your help

[Maniac]

You're welcome!

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!