
Rootkit.0Access.ED - Did I nip it in the bud?



Dear Malwarebytes,

Even though I scanned a suspect file 5(!) times through AVG (purchased license), which gave the file the all-clear, I believe I was infected by Rootkit.0Access.ED. I realised immediately after running the file that it wasn't legitimate and instantly pulled the ethernet cable and switched off the WiFi. I then downloaded Malwarebytes, ran a quick scan, and it identified Rootkit.0Access.ED, which I deleted. I then restarted the PC as instructed, and ran a full scan again. This identified 3 more Rootkit.0Access.ED instances and one Spyware.Passwords, which were deleted. Another reboot and full scan has come up clean - but I'm not sure whether I definitely am! Please see below for DDS.txt and Attach.txt.

Regards,

Miguel

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.17.2

Run by miguel.calvo at 11:45:59 on 2013-05-30

Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.4003.1103 [GMT 1:00]

.

AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\vcsFPService.exe

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\Program Files\DigitalPersona\Bin\DpHostW.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe

C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Users\miguel.calvo\AppData\Local\CrossLoop\CrossLoopService.exe

C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\flexnet\i486_nt\obj\lmgrd.exe

C:\windows\system32\hasplms.exe

C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

C:\windows\SysWOW64\lkads.exe

C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe

C:\Program Files (x86)\flexnet\i486_nt\obj\lmgrd.exe

C:\Program Files (x86)\National Instruments\MAX\nimxs.exe

C:\windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\flexnet\i486_nt\obj\ptc_d.exe

C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe

C:\windows\system32\Dwm.exe

C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe

C:\windows\Explorer.EXE

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\windows\System32\svchost.exe -k HPZ12

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\windows\SysWOW64\lkcitdl.exe

C:\windows\SysWOW64\lktsrv.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\windows\SysWOW64\nipalsm.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe

C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe

C:\windows\SysWOW64\nipxism.exe

C:\Windows\vsnp2std.exe

C:\Windows\vsnp2uvc.exe

C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files (x86)\WebEx\Productivity Tools\PTIM.exe

C:\Windows\System32\spool\drivers\x64\3\E_IATIFIE.EXE

C:\PROGRA~2\WebEx\PRODUC~1\ptSrv.exe

C:\Users\miguel.calvo\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe

C:\Program Files\DigitalPersona\Bin\DPAgent.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrintNShareProxyUI.exe

C:\Windows\FixCamera.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe

C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrvx.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\miguel.calvo\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\windows\SysWOW64\cmd.exe

C:\Program Files (x86)\proeWildfire 4.0\i486_nt\nms\nmsd.exe

C:\windows\SysWOW64\cmd.exe

C:\Program Files (x86)\proeWildfire 4.0\i486_nt\obj\xtop.exe

C:\Program Files (x86)\proeWildfire 4.0\i486_nt\obj\pro_comm_msg.exe

C:\DesignDataManager\DesignDataManager.exe

C:\Program Files (x86)\Concurrent Systems Inc\PDMIntegrator_Anydocs\PDMI_AnyDocs.exe

C:\windows\System32\WUDFHost.exe

C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe

C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe

C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe

C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe

C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=GB&userid=b9a4f06e-cc9a-4137-b440-952b38c44dbe&searchtype=hp

uSearch Bar = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=GB&userid=b9a4f06e-cc9a-4137-b440-952b38c44dbe&searchtype=ds&q={searchTerms}

uSearch Page = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=GB&userid=b9a4f06e-cc9a-4137-b440-952b38c44dbe&searchtype=ds&q={searchTerms}

uSearchAssistant = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=GB&userid=b9a4f06e-cc9a-4137-b440-952b38c44dbe&searchtype=ds&q={searchTerms}

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - LocalServer32 - <no file>

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>

BHO: WebCGMHlprObj Class: {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

TB: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll

uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

uRun: [PTIM.exe] C:\Program Files (x86)\WebEx\Productivity Tools\PTIM.exe

uRun: [sX515W - HOME] C:\windows\System32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Users\MIGUEL~1.CAL\AppData\Local\Temp\E_S9F4A.tmp" /EF "HKCU"

uRun: [Google Update] "C:\Users\miguel.calvo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [MusicManager] "C:\Users\miguel.calvo\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Heleni Uploader] C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrintNShareProxyUI.exe

mRun: [FixCamera] C:\windows\FixCamera.exe

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [snp2uvc] C:\windows\vsnp2uvc.exe

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\MIGUEL~1.CAL\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\miguel.calvo\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PANASO~1.LNK - C:\Program Files (x86)\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\START3~1.LNK - C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: SoftwareSASGeneration = dword:3

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: NameServer = 192.168.1.200

TCP: Interfaces\{B5E32A45-0B03-47A0-939D-026E02ED7D53} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{B84273AA-08AD-480D-AB63-141C26B342DB} : DHCPNameServer = 192.168.1.200

TCP: Interfaces\{C7946B4A-03AA-4648-AA2B-A71CE315A8DD} : DHCPNameServer = 192.168.1.200

TCP: Interfaces\{D80AA205-9853-42F2-9A1D-90D7D831A7B0} : DHCPNameServer = 192.168.1.200

TCP: Interfaces\{D80AA205-9853-42F2-9A1D-90D7D831A7B0}\244584F6D65684572623D25353B433 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{D80AA205-9853-42F2-9A1D-90D7D831A7B0}\244584F6D656845726D234433414 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{D80AA205-9853-42F2-9A1D-90D7D831A7B0}\D4F425259435F4E435140533 : DHCPNameServer = 192.168.0.2

TCP: Interfaces\{D80AA205-9853-42F2-9A1D-90D7D831A7B0}\D4F627279637F6E63702140513 : DHCPNameServer = 192.168.0.2

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - LocalServer32 - <no file>

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll

STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

LSA: Notification Packages = DPPassFilter scecli

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - LocalServer32 - <no file>

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

x64-TB: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"

x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"

x64-Run: [RPT Msgsrv] "C:\Program Files (x86)\Panasonic\Panasonic-DMS\RPT Network Printer Port\Msgsrv.exe" /NRPT Network Printer /S

x64-Run: [snp2std] C:\windows\vsnp2std.exe

x64-Run: [snp2uvc] C:\windows\vsnp2uvc.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - LocalServer32 - <no file>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll

x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2012-10-15 63328]

R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2012-9-21 225120]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]

R0 nipbcfk;National Instruments Class Upper Filter Driver;C:\windows\System32\drivers\nipbcfk.sys [2012-1-12 16984]

R0 nipxibaf;National Instruments PXI Bridge Access Driver;C:\windows\System32\drivers\nipxibaf.sys [2012-3-6 84688]

R0 nipxibrc;National Instruments PXI Bridge Configuration Driver;C:\windows\System32\drivers\nipxibrc.sys [2012-4-16 60640]

R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-7-27 55856]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\windows\System32\drivers\stdcfltn.sys [2011-7-27 21616]

R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2011-5-23 50296]

R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]

R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2012-10-2 185696]

R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2012-9-21 200032]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-7-27 89600]

R2 aksdf;aksdf;C:\windows\System32\drivers\aksdf.sys [2013-3-15 90056]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-7-27 203264]

R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [2011-7-27 151552]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2010-12-17 53920]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

R2 CrossLoopService;CrossLoop Service;C:\Users\miguel.calvo\AppData\Local\CrossLoop\CrossLoopService.exe [2012-11-22 569072]

R2 DraftSight API Service;DraftSight API Service;C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-10-3 117760]

R2 hasplms;HASP License Manager;C:\windows\System32\hasplms.exe -run --> C:\windows\System32\hasplms.exe -run [?]

R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-1-29 87368]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-27 13336]

R2 MoboroboDeviceService;Moborobo Device Service;C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [2013-1-2 71976]

R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-5-22 53960]

R2 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe [2012-1-12 12696]

R2 nimDNSResponder;NI mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2012-5-31 258776]

R2 NINetworkDiscovery;NI Network Discovery;C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2012-6-6 169192]

R2 nipxirmk;nipxirmk;C:\windows\System32\drivers\nipxirmkl.sys [2012-7-10 12984]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-3-18 167424]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]

R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-17 3574624]

R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-27 2655768]

R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2010-12-3 3143472]

R3 Acceler;Accelerometer Service;C:\windows\System32\drivers\Accelern.sys [2011-7-27 27760]

R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2010-12-17 28832]

R3 cbfs3;EldoS Callback File System driver v3;C:\windows\System32\drivers\cbfs3.sys [2013-3-20 352144]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-8-13 176000]

R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-7-27 317440]

R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2011-7-27 12223936]

R3 nidimk;nidimk;C:\windows\System32\drivers\nidimkl.sys [2012-6-28 13000]

R3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;C:\windows\System32\drivers\niede.sys [2012-1-12 38064]

R3 nimru2k;nimru2k;C:\windows\System32\drivers\nimru2kl.sys [2012-6-28 13008]

R3 nimstsk;nimstsk;C:\windows\System32\drivers\nimstskl.sys [2012-7-9 13008]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]

S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\windows\System32\drivers\ssadadb.sys [2011-5-13 36328]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2010-12-17 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2010-12-17 298144]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2010-12-17 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2010-12-17 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2010-12-17 154272]

S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2010-12-17 275616]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe [2012-9-28 76904]

S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-15 1431888]

S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]

S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2010-6-25 36928]

S3 lvalarmk;lvalarmk;C:\windows\System32\drivers\lvalarmk.sys [2012-6-29 25336]

S3 ni1006k;NI PXI-1006 Chassis Pilot;C:\windows\System32\drivers\ni1006k.sys [2012-3-6 30800]

S3 ni1045k;NI PXI-1045 Chassis Pilot;C:\windows\System32\drivers\ni1045kl.sys [2012-3-6 12952]

S3 ni1065k;NI PXIe-1065 Chassis Pilot;C:\windows\System32\drivers\ni1065k.sys [2012-3-6 27288]

S3 nicdcck;nicdcck;C:\windows\System32\drivers\nicdcckl.sys [2012-7-10 12992]

S3 nicdrk;nicdrk;C:\windows\System32\drivers\nicdrkl.sys [2011-7-21 11864]

S3 nicmrk;nicmrk;C:\windows\System32\drivers\nicmrkl.sys [2012-10-8 13008]

S3 nicondrk;nicondrk;C:\windows\System32\drivers\nicondrkl.sys [2012-10-8 12976]

S3 nicsrk;nicsrk;C:\windows\System32\drivers\nicsrkl.sys [2012-10-8 12976]

S3 nidmxfk;nidmxfk;C:\windows\System32\drivers\nidmxfkl.sys [2012-7-9 12976]

S3 nidsark;nidsark;C:\windows\System32\drivers\nidsarkl.sys [2012-7-16 12992]

S3 niemrk;niemrk;C:\windows\System32\drivers\niemrkl.sys [2012-10-8 12976]

S3 niesrk;niesrk;C:\windows\System32\drivers\niesrkl.sys [2012-10-8 12976]

S3 nifslk;nifslk;C:\windows\System32\drivers\nifslkl.sys [2012-7-9 12992]

S3 nimsdrk;nimsdrk;C:\windows\System32\drivers\nimsdrkl.sys [2012-7-9 13032]

S3 nimxpk;nimxpk;C:\windows\System32\drivers\nimxpkl.sys [2012-7-9 13008]

S3 ninshsdk;ninshsdk;C:\windows\System32\drivers\ninshsdkl.sys [2012-10-9 13000]

S3 nipalfwedl;nipalfwedl;C:\windows\System32\drivers\nipalfwedl.sys [2012-6-27 12520]

S3 nipalusbedl;nipalusbedl;C:\windows\System32\drivers\nipalusbedl.sys [2012-6-27 12520]

S3 nipxigpk;NI PXI Generic Chassis Pilot;C:\windows\System32\drivers\nipxigpk.sys [2011-8-9 22680]

S3 niraptrk;niraptrk;C:\windows\System32\drivers\niraptrkl.sys [2012-10-8 12976]

S3 niscdk;niscdk;C:\windows\System32\drivers\niscdkl.sys [2012-3-7 12984]

S3 nisdigk;nisdigk;C:\windows\System32\drivers\nisdigkl.sys [2012-7-2 12960]

S3 nisftk;nisftk;C:\windows\System32\drivers\nisftkl.sys [2012-6-1 12952]

S3 nispdk;nispdk;C:\windows\System32\drivers\nispdkl.sys [2012-3-7 12984]

S3 nissrk;nissrk;C:\windows\System32\drivers\nissrkl.sys [2012-10-8 12976]

S3 nistc2k;nistc2k;C:\windows\System32\drivers\nistc2kl.sys [2009-1-5 11824]

S3 nistc3rk;nistc3rk;C:\windows\System32\drivers\nistc3rkl.sys [2012-7-10 12968]

S3 nistcrk;nistcrk;C:\windows\System32\drivers\nistcrkl.sys [2011-7-18 12968]

S3 niswdk;niswdk;C:\windows\System32\drivers\niswdkl.sys [2012-10-11 12976]

S3 nitiork;nitiork;C:\windows\System32\drivers\nitiorkl.sys [2012-7-10 13000]

S3 niufurk;niufurk;C:\windows\System32\drivers\niufurkl.sys [2012-10-8 13008]

S3 niwfrk;niwfrk;C:\windows\System32\drivers\niwfrkl.sys [2012-10-8 12984]

S3 nixsrk;nixsrk;C:\windows\System32\drivers\nixsrkl.sys [2012-10-8 12976]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-17 19456]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-7-27 250984]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2011-5-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-5-13 146920]

S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-12-17 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-12-17 30208]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 tvnserver;TightVNC Server;C:\Users\miguel.calvo\AppData\Local\CrossLoop\tvnserver.exe [2012-11-22 814080]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 vpcuxd;USB Virtualization Stub Service;C:\windows\System32\drivers\vpcuxd.sys [2011-8-31 16384]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-8-1 1255736]

S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-14 25088]

S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-5-22 76488]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== Created Last 30 ================

.

2013-05-30 06:54:41 -------- d-----r- C:\Users\miguel.calvo\Dropbox

2013-05-28 16:00:50 -------- d-----w- C:\Users\miguel.calvo\AppData\Roaming\Malwarebytes

2013-05-28 16:00:08 -------- d-----w- C:\ProgramData\Malwarebytes

2013-05-28 16:00:04 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2013-05-28 16:00:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-22 09:56:01 -------- d-----w- C:\ProgramData\PC-Doctor for Windows

2013-05-22 09:55:13 -------- d-----w- C:\Program Files\My Dell

2013-05-22 06:40:48 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-05-22 06:40:48 -------- d-----w- C:\Program Files\iTunes

2013-05-22 06:40:48 -------- d-----w- C:\Program Files\iPod

2013-05-22 06:40:48 -------- d-----w- C:\Program Files (x86)\iTunes

2013-05-21 14:29:01 -------- d-----w- C:\Program Files (x86)\proeWildfire 4.0

2013-05-21 14:26:24 -------- d-----w- C:\Program Files (x86)\flexnet

2013-05-21 14:23:43 -------- d-----w- C:\ProE License

2013-05-17 02:04:05 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-05-17 02:04:05 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2013-05-16 07:27:32 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys

2013-05-16 07:27:32 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys

2013-05-16 07:27:32 144384 ----a-w- C:\windows\System32\cdd.dll

2013-05-16 07:27:00 1930752 ----a-w- C:\windows\System32\authui.dll

2013-05-16 07:26:59 70144 ----a-w- C:\windows\System32\appinfo.dll

2013-05-16 07:26:59 1796096 ----a-w- C:\windows\SysWow64\authui.dll

2013-05-16 07:26:59 111448 ----a-w- C:\windows\System32\consent.exe

2013-05-16 07:26:44 48640 ----a-w- C:\windows\System32\wwanprotdim.dll

2013-05-16 07:26:44 3153920 ----a-w- C:\windows\System32\win32k.sys

2013-05-16 07:26:44 230400 ----a-w- C:\windows\System32\wwansvc.dll

2013-05-10 11:59:54 4194304 ----a-w- C:\windows\SysWow64\cdintf400.dll

2013-05-10 11:15:49 -------- d-----w- C:\Program Files (x86)\Common Files\Aladdin Shared

2013-05-10 11:15:48 4466120 ----a-w- C:\windows\System32\hasplms.exe

2013-05-05 00:40:35 -------- d-----w- C:\Users\miguel.calvo\AppData\Local\3Dconnexion

2013-05-04 15:17:00 -------- d-----w- C:\Users\miguel.calvo\Tracing

.

==================== Find3M ====================

.

2013-05-17 13:07:56 13608 ----a-w- C:\windows\SysWow64\drivers\MoborobAssDriver64.sys

2013-05-15 11:00:16 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-15 11:00:16 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys

2013-04-05 01:08:44 2312704 ----a-w- C:\windows\System32\jscript9.dll

2013-04-05 01:00:30 1392128 ----a-w- C:\windows\System32\wininet.dll

2013-04-05 00:59:24 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2013-04-05 00:56:16 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2013-04-05 00:55:47 599040 ----a-w- C:\windows\System32\vbscript.dll

2013-04-04 22:11:34 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-04-04 22:02:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2013-04-04 22:02:17 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2013-04-04 21:58:51 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2013-04-04 21:57:45 420864 ----a-w- C:\windows\SysWow64\vbscript.dll

2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe

2013-03-15 11:52:10 4466120 ----a-w- C:\windows\System32\aksllmtp.exe

2013-03-15 11:52:08 90056 ----a-w- C:\windows\System32\drivers\aksdf.sys

2013-03-15 11:52:08 77768 ----a-w- C:\windows\System32\aksusb4.dll

2013-03-15 11:52:08 70088 ----a-w- C:\windows\System32\akshhl30.dll

2013-03-15 11:52:08 63944 ----a-w- C:\windows\System32\drivers\akshhl.sys

2013-03-15 11:52:08 60488 ----a-w- C:\windows\System32\drivers\akshasp.sys

2013-03-15 11:52:08 331144 ----a-w- C:\windows\System32\drivers\hardlock.sys

2013-03-15 11:52:08 303368 ----a-w- C:\windows\System32\drivers\aksusb.sys

2013-03-15 11:52:08 21448 ----a-w- C:\windows\System32\drivers\aksclass.sys

2013-03-15 11:52:08 18376 ----a-w- C:\windows\System32\akshsp52.dll

2013-03-15 11:52:08 141064 ----a-w- C:\windows\System32\drivers\aksfridge.sys

2013-03-12 08:04:28 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-12 08:04:26 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll

2013-03-12 08:04:26 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll

.

============= FINISH: 11:46:59.71 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 01/08/2011 11:35:02

System Uptime: 30/05/2013 07:42:09 (4 hours ago)

.

Motherboard: Dell Inc. | | 0M516T

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU 1 | 2301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 244.816 GiB free.

D: is CDROM ()

E: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Dell Wireless 1702 Bluetooth v3.0+HS

Device ID: USB\VID_0CF3&PID_3002\6&33FB28DE&0&4

Manufacturer: Atheros Communications

Name: Dell Wireless 1702 Bluetooth v3.0+HS

PNP Device ID: USB\VID_0CF3&PID_3002\6&33FB28DE&0&4

Service: BTHUSB

.

==== System Restore Points ===================

.

RP250: 17/05/2013 03:00:52 - Windows Update

RP251: 24/05/2013 13:11:48 - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

123 AVI to GIF Converter 4.0

2.0

3Dconnexion 3DxSoftware (x64 Edition)

3Dconnexion 3DxWare (x64)

3Dconnexion Add-In for AutoCAD 2007 - 2010

3Dconnexion Add-In for Inventor 11 - 2012

3Dconnexion Add-In for Solid Edge V18 - ST4

3Dconnexion Add-In for SolidWorks 2005 - 2012 (x64)

3Dconnexion Add-On for XSI v5.0 - 2012

3Dconnexion Collage

3Dconnexion Extension for SketchUp

3Dconnexion Plug-In for 3ds Max v9 - 2012

3Dconnexion Plug-in for Acrobat 3D

3Dconnexion Plug-In for Maya v8.5 - 2012

3Dconnexion Plug-In for NX v3.0 - v8.0

3Dconnexion Plug-In for Photoshop CS3 - CS5

3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 1.0

3Dconnexion Trainer

64 Bit HP CIO Components Installer

7-Zip 9.20 (x64 edition)

AccelerometerP11

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6)

Advanced Audio FX Engine

Agros2D 1.9.5.894 (2011-10-01)

allCLEAR 6.10

AMD APP SDK Runtime

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Arbortext IsoView 7.1

ASUS WebStorage

ATI AVIVO64 Codecs

ATI Catalyst Install Manager

AVG 2013

AVG PC Tuneup 2011

AVI GIF Converter 1.08

Bing Bar

Bing Rewards Client Installer

BlackBerry Desktop Software 6.1

Bluetooth Win7 Suite (64)

Bonjour

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

Chinese Traditional Fonts Support For Adobe Reader X

Cisco WebEx Meetings

Citrix XenApp Web Plugin

Communications Utility

Core Temp version 0.99.7

Creo Elements/Direct Modeling Express 4.0 ( x64 )

Creo View Express 1.0

CrossLoop 2.82

Crystal Reports 2008 Runtime

Crystal Reports Viewer 2011 SP4

crystalreports.designers.java.documentation.viewer-4.0-en-32

crystalreports.designers.java.javaviewer-4.0-core-32

crystalreports.designers.java.javaviewer-4.0-en-32

crystalreports.designers.java.launcher-4.0-core-32

CutePDF Writer 2.8

CyberLink PowerDVD 9.5

D3DX10

DBPix 2.0 Control 2.0.3

DBPix20

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Backup and Recovery Manager

Dell Edoc Viewer

Dell Touchpad

Dell Webcam Central

Dell WLAN and Bluetooth Client Installation

DesignDataManager

DesignPro 5

Digital microscope

DigitalPersona Fingerprint Software 5.20

DirectX 9 Runtime

DivX Setup

DraftSight x64

Dropbox

EPSON SX510W Series Printer Uninstall

femm 4.2 11Apr2012

ffdshow v1.1.3949 [2011-07-25]

firstobject XML Editor version 2.4.2

FMEA-Pro 7

fnc61_crviewer.msi

Fotosizer 1.32

GIMP 2.8.0

Google Chrome

Google Drive

Google Earth Plug-in

Google Update Helper

GoToMeeting 5.2.0.952

HandBrake 0.9.8

HP Designjet 500-800 series FUU

HP ePrint and Share

HTC BMP USB Driver

HTC Driver Installer

HTC Sync Manager

iCloud

IDT Audio

Intel® Control Center

Intel® Display Audio Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Monitor 2.0

IPTInstaller

iTunes

Japanese Fonts Support For Adobe Reader X

Java 7 Update 17

Java Auto Updater

Java™ 6 Update 24 (64-bit)

Java™ 6 Update 31

JavaFX 2.1.1

Junk Mail filter update

K-Lite Codec Pack 6.2.0 (Basic)

KARALIT CFD version FD1.2

LinkedIn Outlook Connector

LinuxLive USB Creator

LISA 7.7.0

Lua for Windows 5.1.4-46

MakeMKV v1.8.0

Malwarebytes Anti-Malware version 1.75.0.1300

Mathcad 14.0 M011

Mathcad 14.0 M011 Help

Mathcad 14.0 M011 Resource Center

MATLAB 7.0.4

Maxthon Cloud Browser

MediaCoder 2011

Mesh Runtime

MicroCapture 2.0

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Access 2010 Runtime Service Pack 1 (SP1)

Microsoft Access Runtime 2010

Microsoft Application Error Reporting

Microsoft GIF Animator

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Primary Interop Assemblies

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Runtime 2010

Microsoft Office Access Runtime MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office Home and Business 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 64-bit Components 2007

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Project 2007 Service Pack 3 (SP3)

Microsoft Office Project MUI (English) 2007

Microsoft Office Project Standard 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2007

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Silverlight 5.1

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual Basic for Applications 7.1 (x64)

Microsoft Visual Basic for Applications 7.1 (x64) English

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ Run Time Lib Setup

Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2005 Tools for Applications - ENU

Microsoft XNA Framework Redistributable 3.1

MINITAB Release 14

Moborobo 2.1.2.706

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

Music Manager

My Dell

National Instruments Software

NI-APAL 2.2 64-Bit Error Files

NI-APAL 2.2 Error Files

NI-APAL 2.2 Error Files for LabVIEW RT

NI-DAQ INF Files 19.6.1

NI-DAQmx 653x Installer 1.9.7

NI-DAQmx 653x Installer for 64 Bit Windows 1.9.7

NI-DAQmx 9.6.1

NI-DAQmx ADE Support 9.6.1

NI-DAQmx and NI-DAQ Common Documents 9.6.1

NI-DAQmx C and VB6 API 2.7.0

NI-DAQmx Common Digital 1.15.0

NI-DAQmx Common Digital for 64 Bit Windows 1.15.0

NI-DAQmx DAQ Assistant 2.4.0

NI-DAQmx DAQ Assistant 64-bit 2.4.0

NI-DAQmx Documentation 9.6.0

NI-DAQmx Documentation for 64 bit Windows 9.6.0

NI-DAQmx Dynamic Signal Acquisition for 64 Bit Windows 2.5.0

NI-DAQmx Dynamic Signal Acquisition Installer 2.5.0

NI-DAQmx FSL Installer 2.2.0

NI-DAQmx FSL Installer for 64-Bit Windows 2.2.0

NI-DAQmx MAX Configuration Support 9.6.1

NI-DAQmx MAX Support 64-bit 2.6.0

NI-DAQmx MIO Device Drivers 2.9.1

NI-DAQmx MIO Device Drivers for 64 Bit Windows 2.9.1

NI-DAQmx MX Expert Framework 2.12.0

NI-DAQmx MX Expert Framework for 64 Bit Windows 2.12.0

NI-DAQmx SCXI 2.1.1

NI-DAQmx SCXI for 64 Bit Windows 2.1.1

NI-DAQmx STC 1.11.0

NI-DAQmx STC for 64 Bit Windows 1.11.0

NI-DAQmx support for LabVIEW 2.5.0

NI-DAQmx Switch Core 2.5.1

NI-DAQmx Switch Core for 64 Bit Windows 2.5.1

NI-DAQmx Timing for 64 Bit Windows 2.6.0

NI-DAQmx Timing Installer 2.6.0

NI-DAQmx/LabVIEW shared documentation 9.6.0

NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 9.6.0

NI-DIM 3.0.0f0

NI-DIM 3.0.0f0 for 64 Bit Windows

NI-MDBG 3.0.0f0

NI-MDBG 3.0.0f0 for 64 Bit Windows

NI-MRU 3.0.0f0

NI-MRU 3.0.0f0 for 64 Bit Windows

NI-MXDF 3.0.0f0

NI-MXDF 3.0.0f0 for 64 Bit Windows

NI-MXLC Core (32-bit)

NI-MXLC Core (64-bit)

NI-MXLC LabVIEW 2009 Support

NI-MXLC LabVIEW 2010 Support

NI-MXLC LabVIEW 2011 Support

NI-MXLC LabVIEW 2012 Support

NI-ORB 3.0

NI-ORB 3.0 for 64-bit Windows

NI-PAL 2.9 64-Bit Error Files

NI-PAL 2.9 Error Files

NI-PAL 2.9.0f0

NI-PAL 2.9.0f0 for 64 Bit Windows

NI-RPC 3.2.1f0 for Phar Lap ETS

NI-RPC 4.3.0f0

NI-RPC 4.3.0f0 for 64 Bit Windows

NI-RPC 4.3.0f0 for Phar Lap ETS

NI .NET Framework 4.0

NI AFW Channel Configuration Tool

NI AFW Custom UI

NI AFW Custom UI Assemblies

NI AFW UI Assemblies

NI Assistant Framework

NI Assistant Framework 64-bit

NI Atomic PXIe Peripheral Module Driver 2.3.0

NI Authentication 12.0.0

NI Authentication 12.0.0 (64-bit)

NI Calibration Provider for MAX 5.3.0

NI Calibration Provider Help for 64 Bit Windows

NI Certificates Deployment Support

NI Curl 12.0.0

NI Curl 12.0.0 (64-bit)

NI DataSocket 4.3.0

NI Error Reporting 2011 SP1

NI Ethernet Device Enumerator

NI Ethernet Device Enumerator 64-Bit

NI EulaDepot

NI GMP Windows 32-bit Installer 12.0.0

NI GMP Windows 64-bit Installer 12.0.0

NI Help Assistant

NI Help Assistant (64bit)

NI Help Configuration Utility for VS2010

NI IO Trace 3.0.2

NI LabVIEW 2009 SP1 Run-Time Engine Web Services

NI LabVIEW 2010 Real-Time NBFifo

NI LabVIEW 2011 Deployment Framework

NI LabVIEW 2011 Real-Time NBFifo

NI LabVIEW 2012 Real-Time Error Dialog

NI LabVIEW Broker

NI LabVIEW Broker (64 bit)

NI LabVIEW C Interface

NI LabVIEW Deployable License 8.0

NI LabVIEW Real-Time FIFO for Runtime

NI LabVIEW Real-Time NBFifo

NI LabVIEW Run-Time Engine 2009 SP1

NI LabVIEW Run-Time Engine 2010 SP1

NI LabVIEW Run-Time Engine 2011 SP1

NI LabVIEW Run-Time Engine 8.0

NI LabVIEW Run-Time Engine 8.2.1

NI LabVIEW Run-Time Engine Interop 2009

NI LabVIEW Run-Time Engine Interop 2010

NI LabVIEW Run-Time Engine Interop 2011

NI LabVIEW SignalExpress 2012 Datatypes

NI LabVIEW SignalExpress 2012 Tools

NI LabVIEW Web Server for Run-Time Engine

NI LabWindows/CVI 2010 SP1 Code Generator

NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original)

NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated)

NI LabWindows/CVI 2010 SP1 Network Variable Library

NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit)

NI License Manager

NI Logos 5.3.0

NI Logos XT Support

NI Logos64 5.3.0

NI Logos64 XT Support

NI Math Kernel Libraries

NI Math Kernel Libraries (64-bit)

NI MAX Remote Configuration 64-bit Installer 5.3

NI MAX Remote Configuration Installer 5.3

NI MAX Support for 64 Bit Windows

NI MDF Support

NI mDNS Responder 2.1 for Windows 64-bit

NI mDNS Responder 2.1.0

NI Measurement & Automation Explorer 5.3.1

NI Measurement Studio 2010 Service Pack 1 Enterprise RunTime for VS2010

NI Measurement Studio Common .NET Assemblies (x64) for .NET 4.0

NI Measurement Studio Common .NET Assemblies for .NET 4.0

NI Measurement Studio Recipe Processor

NI MetaSuite Installer

NI MXS 5.3.0

NI MXS 5.3.0 for 64 Bit Windows

NI Network Browser 5.3.0

NI Network Discovery 5.3

NI Network Discovery 5.3 for Windows 64-bit

NI NI LabVIEW 2011 SP1 Run-Time Engine Non-English Support

NI OPC Support

NI Portable Configuration 5.3.0

NI Portable Configuration for 64 Bit Windows 5.3.0

NI PXI Hardware 64-bit Support 3.0.3

NI PXI Platform Framework 1.6.0

NI PXI Platform Framework 1.6.0 64-bit

NI PXI Platform Services 3.0.3

NI PXI Platform Services 3.0.3 Configuration Support

NI PXI Platform Services 3.0.3 Expert

NI PXI SystemAPI Expert 3.0.3

NI PXI SystemAPI Expert 64-bit 3.0.3

NI Registration Wizard

NI Remote Provider for MAX 5.3.0

NI Remote PXI Provider for MAX 5.3.0

NI RTSI Cable Core Installer 1.3.0

NI RTSI Cable Core Installer for 64 Bit Windows 1.3.0

NI RTSI PAL Device Library Installer 1.3.0

NI RTSI PAL Device Library Installer for 64 Bit Windows 1.3.0

NI RTSI UI Provider 1.3.0

NI RTSI UI Provider for 64 Bit Windows 1.3.0

NI Security Update (KB5Q5FJ4QW) - LabVIEW Run-Time Engine 8.2

NI Software Provider for MAX 5.3.0

NI Spy Windows 64 Support 3.0.2

NI SSL Support

NI SSL Support (64-bit)

NI System API Web-Servce 32-bit 5.3.1

NI System API Windows 32-bit 5.3.1

NI System API Windows 64-bit 5.3.1

NI System Configuration 5.3.0 LabVIEW Support

NI System Configuration CVI Support 5.3.0

NI System Configuration Runtime 5.3.0

NI System Configuration Runtime 5.3.0 for Windows 64-bit

NI System State Publisher

NI System State Publisher (64-bit)

NI System Web Server 12.0

NI System Web Server Base 12.0.0

NI System Web Server Base 12.0.0 (64-bit)

NI TDM Excel Add-In 3.4

NI TDM Excel Add-In 3.4 64-bit

NI TDM Streaming 2.4

NI TDM Streaming 2.4 (64-bit)

NI Trace Engine

NI Trace Engine (64-bit)

NI Uninstaller

NI Update Service 2.1

NI USI 1.2.0

NI Variable Engine (64-bit)

NI Variable Engine 2.5.0

NI VC2005MSMs x64

NI VC2005MSMs x86

NI VC2008MSMs x64

NI VC2008MSMs x86

NI VC2010MSMs x64

NI VC2010MSMs x86

NI Visual C++ 2010 Redistributable Package

NI Web Application Server 12.0

NI Web Application Server 12.0 (64-bit)

NI Xalan Delay Load 1.10.2

NI Xalan Delay Load 1.10.2 64-bit

NI Xerces Delay Load 2.7.3

NI Xerces Delay Load 2.7.3 64-bit

NTC R/T Calculation

NTC R/TCalculation 2.0

Panasonic Communications Utility

Panasonic Printer Drivers

Panasonic Printing System

Panasonic RPT Network Printer Port

Panasonic Windows Firewall Setting Tool

PDM AnyDocs

PhotoShowExpress

PowerXpressHybrid

Pro/ENGINEER Release Wildfire 4.0 Datecode M190

product.crystalreportsviewer.arp.icon-4.0-core-32

product.crystalreportsviewer.installiverse.reg-4.0-core-nu

product.crystalreportsviewer.langpackproperty-4.0-core-nu

product.crystalreportsviewer.langpackproperty-4.0-en-nu

ProtoView

PX Profile Update

Quickset64

QuickTime

R-Studio 6.1

RBVirtualFolder64Inst

Realtek Ethernet Controller Driver

Realtek USB 2.0 Card Reader

Renesas Electronics USB 3.0 Host Controller Driver

Reset NI Config 5.0.0

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Roxio File Backup

Sage v6 Executable Software

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Skype Click to Call

Skype™ 6.3

SkyStudio Pro version 1.1.0.17

SolidWorks 2013 x64 Edition SP0

SolidWorks eDrawings 2011 x64

SolidWorks eDrawings 2013 x64 Edition SP0

SolidWorks Explorer 2011 SP04

SolidWorks Explorer 2013 SP0 x64 Edition

Sonic CinePlayer Decoder Pack

Spring Calculator Professional

Syntext Serna Free 4.4.0

TeamViewer 8

tp.azalea.fonts-5.5-core-nu

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft Office Project 2007 Help (KB963668)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

USB2.0 2MP UVC Camera

Validity Sensors DDK

VC80CRTRedist - 8.0.50727.6195

VidGIF

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

Visual Studio Tools for the Office system 3.0 Runtime

VLC media player 1.1.11

WebEx Productivity Tools

Windows Firewall Setting Tool

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

Windows XP Mode

WinMPG VideoConvert 9.2.9.0

XML Notepad 2007

.

==== Event Viewer Messages From Past Week ========

.

30/05/2013 11:13:00, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.

30/05/2013 10:56:17, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

30/05/2013 07:44:05, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

30/05/2013 07:43:45, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: NetworkX

30/05/2013 07:43:03, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

30/05/2013 07:42:58, Error: Service Control Manager [7000] - The Crypkey License service failed to start due to the following error: The system cannot find the file specified.

30/05/2013 07:42:53, Error: Service Control Manager [7000] - The cvintdrv service failed to start due to the following error: This driver has been blocked from loading

30/05/2013 07:42:53, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\cvintdrv.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

29/05/2013 12:05:58, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.

28/05/2013 17:22:35, Error: Service Control Manager [7034] - The Moborobo Device Service service terminated unexpectedly. It has done this 1 time(s).

28/05/2013 17:22:29, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.

28/05/2013 17:22:29, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

27/05/2013 09:58:18, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147014847

24/05/2013 08:51:24, Error: Service Control Manager [7000] - The MoboroboAssDriver service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

23/05/2013 07:43:02, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 8 service to connect.

23/05/2013 07:43:02, Error: Service Control Manager [7000] - The TeamViewer 8 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================
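A triage pass over the "Event Viewer Messages" section of a DDS log like the one above, as an added example that is not part of the original post or of DDS: it pulls out the driver and service load failures worth a second look after a rootkit detection. The rule tags and the `triage` function are assumptions of this example; the sample lines are abridged from the log above.

```python
import re
from datetime import datetime

# Sample input: lines abridged from the DDS event section in the post above.
SAMPLE = """\
30/05/2013 07:43:45, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: NetworkX
30/05/2013 07:42:58, Error: Service Control Manager [7000] - The Crypkey License service failed to start due to the following error: The system cannot find the file specified.
30/05/2013 07:42:53, Error: Service Control Manager [7000] - The cvintdrv service failed to start due to the following error: This driver has been blocked from loading
24/05/2013 08:51:24, Error: Service Control Manager [7000] - The MoboroboAssDriver service failed to start due to the following error: Windows cannot verify the digital signature for this file.
23/05/2013 07:43:02, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 8 service to connect.
"""

# DDS layout: "<dd/mm/yyyy hh:mm:ss>, <level>: <source> [<event id>] - <message>"
LINE = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}), (\w+): (.+?) \[(\d+)\] - (.*)$")

# Triage rules are this example's assumptions, not a Malwarebytes or DDS rule set.
RULES = [
    ("signature-check-failed", re.compile(r"The (.+?) service failed to start.*cannot verify the digital signature", re.I)),
    ("driver-blocked", re.compile(r"The (.+?) service failed to start.*blocked from loading", re.I)),
    ("boot-driver-not-loaded", re.compile(r"driver\(s\) failed to load:\s*(.+)$", re.I)),
    ("service-binary-missing", re.compile(r"The (.+?) service failed to start.*cannot find the file specified", re.I)),
]

def triage(text):
    """Return tagged driver/service load failures, oldest first."""
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # "." separators and "====" section headers
        stamp, _level, source, event_id, message = m.groups()
        for tag, pattern in RULES:
            hit = pattern.search(message)
            if hit:
                findings.append({
                    "when": datetime.strptime(stamp, "%d/%m/%Y %H:%M:%S"),
                    "source": source, "event_id": int(event_id),
                    "tag": tag, "subject": hit.group(1).strip(),
                })
                break  # first matching rule wins
    return sorted(findings, key=lambda item: item["when"])

if __name__ == "__main__":
    for item in triage(SAMPLE):
        print(f"{item['when']:%Y-%m-%d %H:%M} [{item['event_id']}] {item['tag']}: {item['subject']}")
```

Each subject it reports is a driver or service name to check against what is actually installed; a match is a lead for review, not a verdict.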


Hello Miguel and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

I'm afraid I have bad news.

One or more of the identified infections is a rootkit. Rootkits are very dangerous because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoor Trojans and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

I suggest you disconnect this computer from the Internet immediately you finish reading this post.

If you do any banking or other financial transactions on the computer, or if it contains any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, your computer is very likely compromised and there is no way to be sure your computer can ever again be trusted.

Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the Operating System.

Visit the following sites for more information on Internet theft and when to reformat!

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

Should you decide not to follow that advice, we will of course do our best to clean the computer of any infections that we can see but, as I already stated, we can in no way guarantee it to be trustworthy.

If you have any questions before making a final decision, please feel free to ask.

Instructions on how to format and reinstall Windows can be found here


Hi Maniac,

Thanks for the fast response!

I use this laptop for work as well as private uses. I am a heavy user of cloud services, online forums, internet banking, online purchasing, social networking etc...

I have already changed my Google account passwords (and activated 2 step verification!) and most of my other accounts, but there are such a lot of them, I hit them as I remember!

I suppose my question to you is: is a complete format really necessary? It will greatly hinder my work as I have been using that machine mostly for work for the last year. If you consider that it is the best way forward I will do as you recommend, as there is a lot of intellectual property stored on that machine which I can't let loose into the world!

My company are very willing to offer a donation for your services should you believe there is a secure way to fix the machine without a full format - but I stress again - if you believe there is a chance that we will not weed out the infection, I will have to just accept it and spend the next few days rebuilding the machine back to my (admittedly OCD) tastes.

Regards,

Miguel


> I suppose my question to you is: is a complete format really necessary? It will greatly hinder my work as I have been using that machine mostly for work for the last year. If you consider that it is the best way forward I will do as you recommend, as there is a lot of intellectual property stored on that machine which I can't let loose into the world!

My opinion: It is absolutely necessary for you because you are working with extremely sensitive information (online banking, etc.) and can't afford such a big risk. However, the decision is entirely yours.

> My company are very willing to offer a donation for your services should you believe there is a secure way to fix the machine without a full format - but I stress again - if you believe there is a chance that we will not weed out the infection, I will have to just accept it and spend the next few days rebuilding the machine back to my (admittedly OCD) tastes.

I could help to clean your system (up to 99%, because no one can guarantee 100%). If you want, I can do it, even as a temporary measure, and at some point in the future you can find time to do a full format.


Hi Maniac,

It's clear, I will format the laptop and start from scratch (however convenient it is!).

One question - I have all my business data stored in "my documents" - many gigabytes of reports, presentations, CAD data, photos etc... Is it safe to copy these to an external drive and replace them after rebuilding the machine? Or will there be some remnants of the infection lurking in there?

BTW, I have already authorised via our admin manager a small payment to you for your time - you should receive it later on this afternoon. Thanks!


> One question - I have all my business data stored in "my documents" - many gigabytes of reports, presentations, CAD data, photos etc... Is it safe to copy these to an external drive and replace them after rebuilding the machine? Or will there be some remnants of the infection lurking in there?

Those types of files are fine; you can do it. Before you transfer anything onto your new clean machine, make sure that you have taken measures against malware. Here are some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Thank you very much! :)


Hi Maniac,

One last thing - I've copied all my docs across to an external HDD. My Dell came with its own restore and backup software. There is an image taken the day it shipped of the unit as dispatched (i.e. Win 7 Pro 64bit with Office 2010 pre-installed).

Am I OK to format and reinstall to the factory image, or could this have been corrupted by the infection?


  • 2 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
