This is my second post about this problem. I wanted to start a new thread for three reasons, however: yesterday's post was frantic and I neglected some major points, I've made some progress, and bumping the old thread would reduce my chances of getting help.

To recap, I am infected with what appears to be a new form of the "spyware protection" virus, renamed "malware protection." The warnings and popups it gives are exactly the same, except with a new name.

First things first: I never even tried safe mode. Mistake on my part. I was able to run MBAM in safe mode today, and will post the log below.

However, rebooting uncovered another problem: sometimes when I reboot, though not always, I am greeted with a black screen and ticking cursor, as though the system were waiting for a prompt, but no input was possible. This occurred both before and AFTER I ran MBAM and deleted a few suspect files, including one definitely associated with "spyware protection" and "malware protection."

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6557

Windows 6.1.7600 (Safe Mode)

Internet Explorer 8.0.7600.16385

5/11/2011 2:54:42 PM

mbam-log-2011-05-11 (14-54-42).txt

Scan type: Quick scan

Objects scanned: 155978

Time elapsed: 1 minute(s), 41 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Malware Protection (Trojan.Agent) -> Value: Malware Protection -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Users\Nick\AppData\Roaming\defender.exe (Trojan.Agent) -> Quarantined and deleted successfully.

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

Hi, thanks for the response.

Here is the requested log:


  • Staff

Hi,

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


Here's the MBAM log, getting ComboFix now

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6598

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

5/17/2011 11:03:00 AM

mbam-log-2011-05-17 (11-03-00).txt

Scan type: Quick scan

Objects scanned: 156952

Time elapsed: 4 minute(s), 35 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


And here is the ComboFix log:

ComboFix 11-05-16.04 - Nick 05/17/2011 11:18:22.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3959.3007 [GMT -4:00]

Running from: c:\users\Nick\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Nick\AppData\Roaming\imapi.exe

.

.

((((((((((((((((((((((((( Files Created from 2011-04-17 to 2011-05-17 )))))))))))))))))))))))))))))))

.

.

2011-05-17 15:23 . 2011-05-17 15:23 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-05-12 00:57 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe

2011-05-12 00:57 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe

2011-05-12 00:57 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll

2011-05-12 00:57 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll

2011-05-12 00:57 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-05-12 00:57 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-05-12 00:57 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-05-11 20:00 . 2011-05-11 20:01 -------- d-----w- c:\programdata\PCDr

2011-05-11 19:28 . 2011-04-09 06:54 5475712 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-05-11 19:28 . 2011-04-09 06:21 3967360 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2011-05-11 19:28 . 2011-04-09 06:21 3911552 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2011-05-11 19:28 . 2011-03-29 03:32 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys

2011-05-11 19:28 . 2011-03-29 03:32 99328 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2011-05-11 19:28 . 2011-03-29 03:32 324608 ----a-w- c:\windows\system32\drivers\usbport.sys

2011-05-11 19:28 . 2011-03-29 03:32 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys

2011-05-11 19:28 . 2011-03-29 03:32 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys

2011-05-11 19:28 . 2011-03-29 03:32 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2011-05-11 19:28 . 2011-03-29 03:32 7936 ----a-w- c:\windows\system32\drivers\usbd.sys

2011-05-11 18:51 . 2010-12-20 22:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-05-11 18:51 . 2011-05-11 18:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-05-11 18:45 . 2011-05-11 18:45 -------- d-----w- c:\programdata\Malwarebytes

2011-05-11 18:45 . 2010-12-20 22:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-08 23:41 . 2011-05-08 23:42 -------- d-----w- c:\program files (x86)\Mass Effect 2 Demo

2011-05-08 23:41 . 2011-05-08 23:43 -------- d-----w- c:\program files (x86)\Common Files\BioWare

2011-05-08 23:38 . 2011-05-08 23:38 -------- d-----w- c:\program files (x86)\Power Tab Software

2011-05-08 22:25 . 2011-05-08 22:25 -------- d-----w- c:\program files (x86)\Dell Digital Delivery

2011-05-08 22:20 . 2011-05-08 22:20 -------- d-----w- c:\windows\SysWow64\Wat

2011-05-08 22:20 . 2011-05-08 22:20 -------- d-----w- c:\windows\system32\Wat

2011-05-08 04:26 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll

2011-05-08 04:26 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll

2011-05-08 04:23 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll

2011-05-08 04:23 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll

2011-05-08 04:23 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll

2011-05-08 04:23 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll

2011-05-08 04:23 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe

2011-05-08 04:23 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll

2011-05-08 04:23 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2011-05-08 04:23 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll

2011-05-08 04:23 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe

2011-05-08 04:23 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll

2011-05-07 22:34 . 2010-02-02 19:13 20984 ----a-w- c:\windows\system32\drivers\bcmvwl64.sys

2011-05-07 22:32 . 2011-05-07 22:32 -------- d-----w- c:\windows\SysWow64\vmm32

2011-05-07 21:48 . 2011-02-19 06:36 46080 ----a-w- c:\windows\system32\atmlib.dll

2011-04-28 21:31 . 2011-04-28 21:31 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services

2011-04-28 21:30 . 2011-05-15 04:38 -------- d-----w- c:\programdata\Microsoft Help

2011-04-28 21:30 . 2011-04-28 21:30 -------- d-----r- C:\MSOCache

2011-04-28 21:21 . 2011-04-28 21:21 -------- d-sh--w- C:\System Recovery

2011-04-28 21:16 . 2011-04-28 21:19 -------- d-----w- c:\users\Nick

2011-04-28 21:09 . 2011-04-28 21:09 -------- d-----w- c:\programdata\ATI

2011-04-28 21:09 . 2011-04-28 21:09 -------- d-----w- c:\users\Default\AppData\Local\SoftThinks

2011-04-28 21:05 . 2011-05-07 22:32 -------- d-----w- c:\program files (x86)\Dell

2011-04-28 21:03 . 2011-04-28 21:03 -------- dc-h--w- c:\programdata\{04A07C23-5821-4F25-BF46-1188636AE238}

2011-04-28 21:03 . 2011-04-28 21:03 -------- d-----w- c:\program files (x86)\Microsoft

2011-04-28 21:03 . 2011-04-28 21:03 -------- d-----w- c:\program files (x86)\MSN Toolbar

2011-04-28 21:03 . 2011-04-28 21:03 -------- d-----w- c:\program files (x86)\Bing Bar Installer

2011-04-28 21:03 . 2011-04-28 21:03 -------- d-----w- c:\program files\Dell Support Center

2011-04-28 21:02 . 2011-04-28 21:02 -------- d-----w- c:\windows\en

2011-04-28 21:01 . 2011-04-28 21:01 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition

2011-04-28 21:00 . 2011-04-28 21:02 -------- d-----w- c:\program files (x86)\Windows Live

2011-04-28 20:59 . 2011-04-28 20:59 -------- d-----w- c:\windows\PCHEALTH

2011-04-28 20:59 . 2011-04-28 21:00 -------- d-----w- c:\program files\Windows Live

2011-04-28 20:59 . 2009-09-04 22:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll

2011-04-28 20:59 . 2009-09-04 22:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll

2011-04-28 20:59 . 2009-09-04 22:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll

2011-04-28 20:59 . 2009-09-04 22:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll

2011-04-28 20:59 . 2006-11-29 18:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll

2011-04-28 20:59 . 2006-11-29 18:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll

2011-04-28 20:58 . 2011-05-15 22:52 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2011-04-28 20:58 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-04-28 20:58 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll

2011-04-28 20:58 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll

2011-04-28 20:58 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll

2011-04-28 20:56 . 2011-04-28 20:56 -------- d-----w- c:\program files (x86)\Common Files\Windows Live

2011-04-28 20:56 . 2011-04-28 20:56 -------- d--h--w- c:\windows\msdownld.tmp

2011-04-28 20:55 . 2011-04-28 21:03 -------- d-----w- c:\programdata\Dell

2011-04-28 20:53 . 2011-04-14 18:01 9984 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2011-04-28 20:52 . 2011-04-28 20:52 -------- d-----w- c:\program files (x86)\mcafee.com

2011-04-28 20:52 . 2011-04-28 20:53 -------- d-----w- c:\program files\mcafee

2011-04-28 20:52 . 2011-04-28 20:53 -------- d-----w- c:\program files (x86)\Common Files\mcafee

2011-04-28 20:52 . 2011-04-28 20:52 -------- d-----w- c:\program files\Common Files\mcafee

2011-04-28 20:52 . 2011-04-28 21:16 -------- d-----w- c:\program files (x86)\McAfee

2011-04-28 20:52 . 2011-05-07 22:43 -------- d-----w- c:\programdata\McAfee

2011-04-28 20:52 . 2011-04-28 20:52 -------- d-----w- c:\programdata\Uninstall

2011-04-28 20:52 . 2011-04-28 20:52 -------- d-----w- c:\programdata\Sonic

2011-04-28 20:51 . 2011-04-28 20:51 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared

2011-04-28 20:51 . 2011-04-28 20:51 -------- d-----w- c:\program files (x86)\Common Files\Roxio Shared

2011-04-28 20:51 . 2011-04-28 20:51 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2011-04-28 20:51 . 2009-07-09 08:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys

2011-04-28 20:51 . 2009-06-23 08:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys

2011-04-28 20:51 . 2009-06-23 08:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2011-04-28 20:51 . 2011-04-28 20:51 -------- d-----w- c:\programdata\Macrovision

2011-04-28 20:51 . 2011-04-28 20:51 -------- d-----w- c:\program files (x86)\Roxio

2011-04-28 19:13 . 2011-04-28 19:13 0 ----a-w- c:\windows\ativpsrm.bin

2011-04-28 17:36 . 2011-04-28 17:36 74 --sh--r- c:\windows\CT4CET.bin

2011-04-28 17:36 . 2011-04-28 17:36 -------- d-----w- c:\program files (x86)\Common Files\Reallusion

2011-04-28 17:35 . 2011-04-28 17:36 -------- d-----w- c:\program files (x86)\Creative

2011-04-28 17:35 . 2011-04-28 17:36 -------- d-----w- c:\program files (x86)\Dell Webcam

2011-04-28 17:35 . 2009-06-15 18:06 172704 ----a-w- c:\windows\system32\drivers\CtClsFlt.sys

2011-04-28 17:35 . 2009-05-28 15:49 224768 ----a-w- c:\windows\system32\drivers\CtAudDrv.sys

2011-04-28 17:35 . 2011-04-28 17:35 -------- d-----w- c:\program files (x86)\Creative Live! Cam

2011-04-28 17:34 . 2011-04-28 17:34 -------- d-----w- c:\program files (x86)\Common Files\Skype

2011-04-28 17:34 . 2011-04-28 17:35 -------- d-----r- c:\program files (x86)\Skype

2011-04-28 17:34 . 2011-04-28 17:34 -------- d-----w- c:\programdata\Skype

2011-04-28 17:34 . 2011-04-28 17:34 -------- d-----w- c:\programdata\Cozi

2011-04-28 17:34 . 2011-04-28 17:34 -------- d-----w- c:\program files (x86)\Cozi Express

2011-04-28 17:33 . 2011-04-28 17:34 -------- d-----w- C:\Temp

2011-04-28 17:33 . 2006-11-01 17:51 151656 ----a-w- c:\windows\system32\drivers\WimFltr.sys

2011-04-28 17:33 . 2011-05-15 23:03 -------- d-----w- c:\program files (x86)\Dell DataSafe Local Backup

2011-04-28 17:28 . 2011-04-28 17:32 -------- d-----w- c:\programdata\WildTangent

2011-04-28 17:28 . 2011-04-28 17:28 -------- d-----w- c:\program files (x86)\WildTangent

2011-04-28 17:27 . 2011-04-28 17:27 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2

2011-04-28 17:27 . 2011-04-28 17:27 -------- d-----w- c:\program files (x86)\Dell DataSafe Online

2011-04-28 17:27 . 2011-04-28 17:27 -------- d-----w- c:\program files (x86)\Absolute Software

2011-04-28 17:27 . 2011-04-28 17:27 -------- d-----w- c:\program files (x86)\Citrix

2011-04-28 17:26 . 2011-04-28 17:26 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2011-04-28 17:25 . 2010-03-30 19:58 35104 ----a-w- c:\windows\system32\drivers\btwl2cap.sys

2011-04-28 17:25 . 2010-03-30 19:58 21160 ----a-w- c:\windows\system32\drivers\btwrchid.sys

2011-04-28 17:25 . 2010-03-30 19:58 132648 ----a-w- c:\windows\system32\drivers\btwavdt.sys

2011-04-28 17:25 . 2010-03-30 19:58 98344 ----a-w- c:\windows\system32\drivers\btwaudio.sys

2011-04-28 17:24 . 2011-04-28 17:24 -------- d-----w- c:\program files\WIDCOMM

2011-04-28 17:23 . 2011-04-28 17:36 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information

2011-04-28 17:23 . 2011-04-28 17:24 -------- d-----w- c:\program files (x86)\ATI Technologies

2011-04-28 17:23 . 2011-04-28 17:23 -------- d-----w- c:\program files (x86)\Common Files\InstallShield

2011-04-28 17:22 . 2011-04-28 17:23 -------- d-----w- c:\program files (x86)\Cisco

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-28 21:16 . 2010-06-24 16:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-04-26 01:11 . 2011-04-26 01:11 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2011-04-14 18:01 . 2010-01-05 23:04 94992 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2011-04-14 18:01 . 2010-01-05 23:04 75160 ----a-w- c:\windows\system32\drivers\mfenlfk.sys

2011-04-14 18:01 . 2010-01-05 23:04 63056 ----a-w- c:\windows\system32\drivers\cfwids.sys

2011-04-14 18:01 . 2010-01-05 23:04 530304 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2011-04-14 18:01 . 2010-01-05 23:04 441840 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2011-04-14 18:01 . 2010-01-05 23:04 283744 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2011-04-14 18:01 . 2010-01-05 23:04 190520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2011-04-14 18:01 . 2010-01-05 23:04 121376 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2011-03-04 06:17 . 2011-05-07 21:49 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2011-03-04 06:17 . 2011-05-07 21:49 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1486392]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-11 163040]

"DSUpdateLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" [2010-07-21 18240]

.

c:\users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 0107551305644200mcinstcleanup;McAfee Application Installer Cleanup (0107551305644200);c:\windows\TEMP\010755~1.EXE [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2010-10-15 150408]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-07-30 25072]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-04-14 149032]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

Contents of the 'Scheduled Tasks' folder

.

2011-05-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 23:47]

.

2011-05-16 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 23:47]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-02 5712896]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

FF - ProfilePath - c:\users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\x6r7637w.default\

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-05-17 11:25:40

ComboFix-quarantined-files.txt 2011-05-17 15:25

.

Pre-Run: 440,875,929,600 bytes free

Post-Run: 442,714,210,304 bytes free

.

- - End Of File - - 403D4097FB9F6B68415D9E64B0A1475E

AND the new DDS log:

.

DDS (Ver_11-03-05.01) - NTFS_AMD64

Run by Nick at 11:28:19.16 on Tue 05/17/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3959.2757 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Dell\DellDock\DellDock.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files\mcafee.com\agent\mcagent.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Nick\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110516195600.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

StartupFolder: C:\Users\Nick\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110516195600.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

mRun-x64: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\x6r7637w.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-1-5 530304]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-1-5 283744]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-4-28 55280]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2010-1-5 75160]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-25 203264]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-4-28 355440]

R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-4-28 355440]

R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-4-28 355440]

R2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-4-28 200056]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-4-28 245352]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2011-4-28 149032]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-28 689472]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-4-25 6857728]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-4-25 264192]

R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2011-5-7 20984]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-1-5 63056]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-4-28 172704]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-1-5 190520]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-1-5 441840]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]

S2 0107551305644200mcinstcleanup;McAfee Application Installer Cleanup (0107551305644200);C:\Windows\TEMP\010755~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Windows\TEMP\010755~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2010-10-15 150408]

S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-4-25 53800]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-4-28 35104]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-1-5 94992]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-8 1255736]

S4 McOobeSv;McAfee OOBE Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-4-28 355440]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2011-05-17 15:16:59 98816 ----a-w- C:\Windows\sed.exe

2011-05-17 15:16:59 89088 ----a-w- C:\Windows\MBR.exe

2011-05-17 15:16:59 256512 ----a-w- C:\Windows\PEV.exe

2011-05-17 15:16:59 161792 ----a-w- C:\Windows\SWREG.exe

2011-05-12 00:57:23 142336 ----a-w- C:\Windows\System32\poqexec.exe

2011-05-12 00:57:23 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe

2011-05-12 00:57:21 1135104 ----a-w- C:\Windows\System32\FntCache.dll

2011-05-12 00:57:20 902656 ----a-w- C:\Windows\System32\d2d1.dll

2011-05-12 00:57:20 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2011-05-12 00:57:20 1540608 ----a-w- C:\Windows\System32\DWrite.dll

2011-05-12 00:57:20 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2011-05-11 20:00:57 -------- d-----w- C:\Users\Nick\AppData\Roaming\PCDr

2011-05-11 20:00:02 -------- d-----w- C:\PROGRA~3\PCDr

2011-05-11 19:28:26 5475712 ----a-w- C:\Windows\System32\ntoskrnl.exe

2011-05-11 19:28:26 3967360 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2011-05-11 19:28:25 3911552 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2011-05-11 19:28:14 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2011-05-11 19:28:14 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2011-05-11 19:28:14 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2011-05-11 19:28:14 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys

2011-05-11 19:28:13 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys

2011-05-11 19:28:13 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2011-05-11 19:28:13 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2011-05-11 18:51:45 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-05-11 18:51:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-05-11 18:45:54 -------- d-----w- C:\Users\Nick\AppData\Roaming\Malwarebytes

2011-05-11 18:45:50 -------- d-----w- C:\PROGRA~3\Malwarebytes

2011-05-11 18:45:47 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-05-08 23:41:20 -------- d-----w- C:\Program Files (x86)\Mass Effect 2 Demo

2011-05-08 23:41:19 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare

2011-05-08 23:38:17 -------- d-----w- C:\Program Files (x86)\Power Tab Software

2011-05-08 22:25:26 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery

2011-05-08 22:20:42 -------- d-----w- C:\Windows\SysWow64\Wat

2011-05-08 22:20:42 -------- d-----w- C:\Windows\System32\Wat

2011-05-08 04:26:19 367104 ----a-w- C:\Windows\System32\wcncsvc.dll

2011-05-08 04:26:19 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll

2011-05-08 04:23:07 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

2011-05-08 04:23:07 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll

2011-05-08 04:23:07 48960 ----a-w- C:\Windows\System32\netfxperf.dll

2011-05-08 04:23:07 444752 ----a-w- C:\Windows\System32\mscoree.dll

2011-05-08 04:23:07 320352 ----a-w- C:\Windows\System32\PresentationHost.exe

2011-05-08 04:23:07 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll

2011-05-08 04:23:07 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe

2011-05-08 04:23:07 1942856 ----a-w- C:\Windows\System32\dfshim.dll

2011-05-08 04:23:07 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll

2011-05-08 04:23:07 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll

2011-05-08 03:56:21 24376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll

2011-05-07 22:34:27 20984 ----a-w- C:\Windows\System32\drivers\bcmvwl64.sys

2011-05-07 22:32:47 45056 ----a-r- C:\Users\Nick\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe

2011-05-07 22:32:43 -------- d-----w- C:\Windows\SysWow64\vmm32

2011-05-07 21:48:59 46080 ----a-w- C:\Windows\System32\atmlib.dll

2011-05-02 18:44:25 -------- d-----w- C:\Users\Nick\AppData\Local\Microsoft Games

2011-05-01 01:40:15 -------- d-----w- C:\Users\Nick\AppData\Local\Diagnostics

2011-04-28 22:49:00 -------- d-----w- C:\Users\Nick\AppData\Local\Adobe

2011-04-28 21:51:36 -------- d-----w- C:\Users\Nick\AppData\Local\Mozilla

2011-04-28 21:31:16 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2011-04-28 21:30:37 -------- d-----w- C:\Users\Nick\AppData\Local\Microsoft Help

2011-04-28 21:21:11 -------- d-sh--w- C:\System Recovery

2011-04-28 21:19:56 -------- d-----w- C:\Users\Nick\AppData\Roaming\Dell

2011-04-28 21:19:50 -------- d-----w- C:\Users\Nick\AppData\Local\Stardock_Corporation

2011-04-28 21:19:37 -------- d-----w- C:\Users\Nick\AppData\Local\DataSafeOnline

2011-04-28 21:19:37 -------- d-----w- C:\Users\Nick\AppData\Local\Broadcom

2011-04-28 21:19:36 -------- d-----w- C:\Users\Nick\AppData\Local\ATI

2011-04-28 21:19:06 -------- d-----w- C:\Users\Nick\AppData\Local\VirtualStore

2011-04-28 21:05:56 -------- d-----w- C:\Program Files (x86)\Dell

2011-04-28 21:03:59 -------- dc-h--w- C:\PROGRA~3\{04A07C23-5821-4F25-BF46-1188636AE238}

2011-04-28 21:03:42 -------- d-----w- C:\Program Files (x86)\Microsoft

2011-04-28 21:03:38 -------- d-----w- C:\Program Files (x86)\MSN Toolbar

2011-04-28 21:03:32 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer

2011-04-28 21:03:25 -------- d-----w- C:\Program Files\Dell Support Center

2011-04-28 21:02:44 -------- d-----w- C:\Windows\en

2011-04-28 21:01:34 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2011-04-28 20:59:57 -------- d-----w- C:\Windows\PCHEALTH

2011-04-28 20:59:21 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll

2011-04-28 20:59:21 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2011-04-28 20:59:21 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll

2011-04-28 20:59:21 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2011-04-28 20:59:04 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll

2011-04-28 20:59:04 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll

2011-04-28 20:58:03 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll

2011-04-28 20:58:03 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll

2011-04-28 20:58:02 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll

2011-04-28 20:58:02 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll

2011-04-28 20:56:36 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c3677e7e1cc05e606\MeshBetaRemover.exe

2011-04-28 20:56:35 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c2dfd00f1cc05e605\DSETUP.dll

2011-04-28 20:56:35 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c2dfd00f1cc05e605\DXSETUP.exe

2011-04-28 20:56:35 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c2dfd00f1cc05e605\dsetup32.dll

2011-04-28 20:56:26 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd3faf891cc05e604\DSETUP.dll

2011-04-28 20:56:26 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd3faf891cc05e604\DXSETUP.exe

2011-04-28 20:56:26 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd3faf891cc05e604\dsetup32.dll

2011-04-28 20:56:24 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bc2b8fe91cc05e603\Silverlight.4.0.exe

2011-04-28 20:56:17 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2011-04-28 20:56:07 -------- d--h--w- C:\Windows\msdownld.tmp

2011-04-28 20:53:20 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys

2011-04-28 20:52:23 -------- d-----w- C:\Program Files (x86)\mcafee.com

2011-04-28 20:52:22 -------- d-----w- C:\Program Files\mcafee.com

2011-04-28 20:52:22 -------- d-----w- C:\Program Files\mcafee

2011-04-28 20:52:22 -------- d-----w- C:\Program Files\Common Files\mcafee

2011-04-28 20:52:22 -------- d-----w- C:\Program Files (x86)\Common Files\mcafee

2011-04-28 20:52:21 -------- d-----w- C:\Program Files (x86)\McAfee

2011-04-28 20:52:13 -------- d-----w- C:\PROGRA~3\Uninstall

2011-04-28 20:51:51 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys

2011-04-28 20:51:51 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys

2011-04-28 20:51:51 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys

2011-04-28 20:51:51 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared

2011-04-28 20:51:51 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

2011-04-28 20:51:49 -------- d-----w- C:\Program Files (x86)\Roxio

2011-04-28 19:13:20 0 ----a-w- C:\Windows\ativpsrm.bin

2011-04-28 17:36:37 74 --sh--r- C:\Windows\CT4CET.bin

2011-04-28 17:36:14 -------- d-----w- C:\Program Files (x86)\Common Files\Reallusion

2011-04-28 17:35:48 -------- d-----w- C:\Program Files (x86)\Creative

2011-04-28 17:35:24 -------- d-----w- C:\Program Files (x86)\Dell Webcam

2011-04-28 17:35:23 224768 ----a-w- C:\Windows\System32\drivers\CtAudDrv.sys

2011-04-28 17:35:23 172704 ----a-w- C:\Windows\System32\drivers\CtClsFlt.sys

2011-04-28 17:35:19 -------- d-----w- C:\Program Files (x86)\Creative Live! Cam

2011-04-28 17:34:55 -------- d-----r- C:\Program Files (x86)\Skype

2011-04-28 17:34:49 -------- d-----w- C:\Program Files (x86)\Cozi Express

2011-04-28 17:34:49 -------- d-----w- C:\PROGRA~3\Cozi

2011-04-28 17:33:47 -------- d-----w- C:\Temp

2011-04-28 17:33:44 151656 ----a-w- C:\Windows\System32\drivers\WimFltr.sys

2011-04-28 17:33:32 -------- d-----w- C:\Program Files (x86)\Dell DataSafe Local Backup

2011-04-28 17:33:16 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll

2011-04-28 17:33:16 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe

2011-04-28 17:33:16 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll

2011-04-28 17:33:16 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll

2011-04-28 17:33:15 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll

2011-04-28 17:33:15 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll

2011-04-28 17:33:15 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll

2011-04-28 17:28:00 -------- d-----w- C:\Program Files (x86)\WildTangent

2011-04-28 17:28:00 -------- d-----w- C:\PROGRA~3\WildTangent

2011-04-28 17:27:21 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

2011-04-28 17:27:17 -------- d-----w- C:\Program Files (x86)\Dell DataSafe Online

2011-04-28 17:27:10 -------- d-----w- C:\Program Files (x86)\Absolute Software

2011-04-28 17:27:04 -------- d-----w- C:\Program Files (x86)\Citrix

2011-04-28 17:25:49 35104 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys

2011-04-28 17:25:49 21160 ----a-w- C:\Windows\System32\drivers\btwrchid.sys

2011-04-28 17:25:49 132648 ----a-w- C:\Windows\System32\drivers\btwavdt.sys

2011-04-28 17:25:48 98344 ----a-w- C:\Windows\System32\drivers\btwaudio.sys

2011-04-28 17:24:42 -------- d-----w- C:\Program Files\WIDCOMM

2011-04-28 17:23:08 -------- d-----w- C:\Program Files (x86)\ATI Technologies

2011-04-28 17:23:06 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll

2011-04-28 17:23:06 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll

2011-04-28 17:23:06 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe

2011-04-28 17:23:06 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll

2011-04-28 17:23:06 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll

2011-04-28 17:23:06 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll

2011-04-28 17:23:05 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll

2011-04-28 17:23:05 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll

2011-04-28 17:22:57 -------- d-----w- C:\Program Files (x86)\Cisco

2011-04-28 17:20:55 521448 ----a-w- C:\Windows\System32\deployJava1.dll

2011-04-26 01:13:55 -------- d-----w- C:\backup

2011-04-26 01:10:59 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2011-04-26 00:36:29 53800 ----a-w- C:\Windows\System32\drivers\btusbflt.sys

2011-04-26 00:35:59 54272 ----a-w- C:\Windows\System32\atimpc64.dll

2011-04-26 00:33:36 -------- d-----w- C:\hotfix

2011-04-26 00:33:03 -------- d-----w- C:\Windows\System32\oem

2011-04-26 00:33:02 -------- d-----w- C:\Windows\Panther

2011-04-26 00:33:02 -------- d-----w- C:\Drivers

2011-04-26 00:28:07 -------- d-----w- C:\dell

.

==================== Find3M ====================

.

2011-04-28 17:20:35 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-04-26 01:10:59 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2011-04-14 18:01:38 94992 ----a-w- C:\Windows\System32\drivers\mferkdet.sys

2011-04-14 18:01:38 75160 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys

2011-04-14 18:01:38 63056 ----a-w- C:\Windows\System32\drivers\cfwids.sys

2011-04-14 18:01:38 530304 ----a-w- C:\Windows\System32\drivers\mfehidk.sys

2011-04-14 18:01:38 441840 ----a-w- C:\Windows\System32\drivers\mfefirek.sys

2011-04-14 18:01:38 283744 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys

2011-04-14 18:01:38 190520 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys

2011-04-14 18:01:38 121376 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys

2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll

2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys

2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys

2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys

2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys

2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys

2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys

2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll

2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll

2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll

2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe

2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll

2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll

2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll

2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe

2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll

2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe

2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe

2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys

2011-02-26 06:23:14 2870272 ----a-w- C:\Windows\explorer.exe

2011-02-26 05:33:07 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe

2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll

2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2011-02-24 05:32:44 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec

2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec

2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys

2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll

2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll

2011-02-18 06:37:05 612352 ----a-w- C:\Windows\System32\vbscript.dll

2011-02-18 06:33:50 31232 ----a-w- C:\Windows\System32\prevhost.exe

2011-02-18 05:36:26 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll

2011-02-18 05:33:29 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe

.

============= FINISH: 11:29:09.44 ===============


  • Staff

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317


I ran ESET, but the log file contained only this:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

and your security check log:

Results of screen317's Security Check version 0.99.11

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

ESET Online Scanner v3

McAfee Security Center

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 24

Out of date Java installed!

Adobe Flash Player 10.2.159.1

Adobe Reader 9.1.2

Out of date Adobe Reader installed!

Mozilla Firefox (x86 en-US..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Time to update a few things, I see. Will do.

The system runs fine now, save for a slightly slower-than-normal boot up. Unless this turns out to be problematic, there are no issues with the system.


  • Staff

Hi,

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following program (if present):

Java


http://www.pcpitstop.com/betapit/sec.asp?conid=24378325

The results for you.

Glancing through, I noticed that I should turn off saved passwords; this is no big deal since I make a point of never saving my passwords in the first place.

Also note that I had updated Java and Adobe Reader prior to the scan and Flash Player afterwards. (I actually updated Java and Reader a few days ago; I just did Flash today.)


  • Staff

Hi,

Your computer appears to be in great shape.

You could disable these from startup and perhaps it may be a bit more speedy:

[Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

In addition, McAfee is known to take up a substantial amount of resources, and there are alternatives which may promote better performance if you would like to discuss that.


  • 2 weeks later...
  • Staff

Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
