
royayaz

  1. MrCharlie, Thanks so much for all your help. My computer is working fine now. Roya
  2. MrCharlie, thanks for your help. You are awesome! My computer is fine now! Thank you!

  3. Hi, Just noticed that my Firefox was one version old. So I just did the update. It is now version 23.0 Roya
  4. MrCharlie, Thanks for all your help. I had to wait until I came home to use securitycheck. My corporate security blocked me from downloading it. Anyway, here is the result of running securitycheck:
     Results of screen317's Security Check version 0.99.72
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     avast! Internet Security
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     McAfee SiteAdvisor
     Malwarebytes Anti-Malware version 1.75.0.1300
     AVG PC Tuneup 2011
     Java 7 Update 25
     Adobe Flash Player 11.8.800.94
     Adobe Reader 9
     Adobe Reader XI
     Mozilla Firefox 22.0 Firefox out of Date!
     Google Chrome 28.0.1500.72
     Google Chrome 28.0.1500.95
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     AVAST Software Avast AvastSvc.exe
     AVAST Software Avast afwServ.exe
     AVAST Software Avast AvastUI.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 2%
     ````````````````````End of Log``````````````````````
     Thanks, Roya
  5. Hi, Did the changes to the settings and ran the quick scan. The results are attached. I also had it do a full scan overnight and it ran clean. Best regards, Roya mbam-log-2013-08-13 (08-15-36).txt
  6. Hi, Yes, I ran adwCleaner yesterday morning before posting my issue on the forum. I researched my problem and found the following website: http://www.spywareinfoforum.com/topic/135090-laptop-fbi-locked/ and after researching adwCleaner and finding it to be safe, I ran it. Here is the result of running JRT:
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 5.4.4 (08.12.2013:1)
     OS: Windows 7 Home Premium x64
     Ran by Roya on Tue 08/13/2013 at 7:39:55.72
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Registry Values
     ~~~ Registry Keys
     ~~~ Files
     ~~~ Folders
     ~~~ Event Viewer Logs were cleared
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Tue 08/13/2013 at 7:54:43.14
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     thanks, Roya
  7. MrCharles, I just ran adwCleaner with the search option, and here are the results:
     # AdwCleaner v2.306 - Logfile created 08/12/2013 at 19:55:30
     # Updated 19/07/2013 by Xplode
     # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
     # User : Roya - ROYA-PC
     # Boot Mode : Normal
     # Running from : C:\Download\adwcleaner\adwcleaner.exe
     # Option [search]
     ***** [services] *****
     ***** [Files / Folders] *****
     ***** [Registry] *****
     ***** [internet Browsers] *****
     -\\ Internet Explorer v10.0.9200.16635
     [OK] Registry is clean.
     -\\ Mozilla Firefox v22.0 (en-US)
     File : C:\Users\Roya\AppData\Roaming\Mozilla\Firefox\Profiles\phz8tqdl.default\prefs.js
     [OK] File is clean.
     -\\ Google Chrome v28.0.1500.95
     File : C:\Users\Roya\AppData\Local\Google\Chrome\User Data\Default\Preferences
     [OK] File is clean.
     *************************
     AdwCleaner[R1].txt - [7649 octets] - [12/08/2013 09:33:09]
     AdwCleaner[R2].txt - [865 octets] - [12/08/2013 19:55:30]
     AdwCleaner[s1].txt - [7834 octets] - [12/08/2013 09:37:08]
     ########## EOF - C:\AdwCleaner[R2].txt - [984 octets] ##########
  8. Thanks for helping me. Here is the result of running Rogue Killer:
     RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.adlice.com/forum/
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://tigzyrk.blogspot.com/
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Roya [Admin rights]
     Mode : Scan -- Date : 08/12/2013 18:33:32
     | ARK || FAK || MBR |
     ¤¤¤ Bad processes : 0 ¤¤¤
     ¤¤¤ Registry Entries : 9 ¤¤¤
     [DNS] HKLM\[...]\CCSet\[...]\{E8C5DFA4-AC72-41FF-B8F4-FA8FF048E2CA} : NameServer (130.35.249.41,130.35.249.52,144.20.190.70) -> FOUND
     [DNS] HKLM\[...]\CS001\[...]\{E8C5DFA4-AC72-41FF-B8F4-FA8FF048E2CA} : NameServer (130.35.249.41,130.35.249.52,144.20.190.70) -> FOUND
     [DNS] HKLM\[...]\CS002\[...]\{E8C5DFA4-AC72-41FF-B8F4-FA8FF048E2CA} : NameServer (130.35.249.41,130.35.249.52,144.20.190.70) -> FOUND
     [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     [HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
     [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     [HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     ¤¤¤ Scheduled tasks : 0 ¤¤¤
     ¤¤¤ Startup Entries : 0 ¤¤¤
     ¤¤¤ Web browsers : 0 ¤¤¤
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
     ¤¤¤ External Hives: ¤¤¤
     ¤¤¤ Infection : ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts
     10.5.62.35 vCenterDB
     10.5.51.3 VCenterDB2
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: WDC WD5000BEKT-75KA9T0 ATA Device +++++
     --- User ---
     [MBR] c1fb2905e7567064fce0e180b6a7fc9f
     [bSP] 51221eab948cc8495bfa7b4cf21e6ccf : Windows Vista MBR Code
     Partition table:
     0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 461899 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!
     +++++ PhysicalDrive1: WDC WD5000BEKT-75KA9T0 ATA Device +++++
     --- User ---
     [MBR] 6f8ff3198067beb775e00b247dc93be5
     [bSP] 6d906f168fdc615fa34eb8120baf023f : Empty MBR Code
     Partition table:
     0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
     Error reading LL1 MBR!
     Error reading LL2 MBR!
     Finished : << RKreport[0]_S_08122013_183332.txt >>
  9. Hi, Thanks for clarification. I just placed them on the other section of the forum. Thanks, Roya
  10. Hi, I opened a post in regard to 3 (pup.optional.open.candy) files that Malware Bytes full scan found on my laptop. The administrator asked me to run DDS and post the "attach.txt" and "DDS.txt" results in here. I attached both Attach.txt and DDS.txt here. And here is the question I posted: Last Tuesday (08/06/2013), my daily malware bytes quick scan indicated 12 files that required to be removed. These were registry files in the Microsoft Office folder. I removed them and restarted my laptop. My MS Office 2007 has issues starting, but my MS Office 2010 manages to open up the documents. Once started up, I ran a full scan using Malware Bytes, and the result was that I had a clean computer (0 infected files). Yesterday (08/11/2013), I ran my anti virus Avast, which indicated that I had 0 infected files. Then I ran malware bytes full scan. The scan resulted in finding 3 "pup optional open candy". I removed the files and restarted the laptop. Once started, I ran the malwarebytes scan again, which resulted in 0 infected files. My question is, why does this keep occurring? Is my laptop infected? And if so, what do I need to do to clean it up for good? Please let me know if I can provide you with further information. Thanks in advance. Roya Attach.txt DDS.txt
  11. Hi, Thanks for the reply. I just ran DDS and Here is the result of Attach.txt: And the result of DDS.txt:
NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\rundll32.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\System32\rundll32.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Windows\system32\SearchIndexer.exe C:\Users\Roya\AppData\Local\Akamai\netsession_win.exe C:\Users\Roya\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\Intel\WiMAX\bin\wimaxcu.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\TightVNC\tvnserver.exe c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\ATI 
Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\real\realplayer\Update\realsched.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\splwow64.exe C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\RunDll32.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll mWinlogon: Userinit = userinit.exe, BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! 
Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: avast! 
EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file> EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file> uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" uRun: [Akamai NetSession Interface] "C:\Users\Roya\AppData\Local\Akamai\netsession_win.exe" uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [ACQTMOUSE] "C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe" mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRun: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe mRun: [avast] "C:\Program Files\AVAST 
Software\Avast\avastUI.exe" /nogui mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon mRun: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" StartupFolder: C:\Users\Roya\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe StartupFolder: C:\Users\Roya\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = 
dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: SoftwareSASGeneration = dword:1 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program 
Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll TCP: NameServer = 57.6.5.69 57.6.5.70 57.5.24.47 57.5.24.48 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958} : NameServer = 8.8.8.8,4.2.2.1 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\25F69716E45647 : DHCPNameServer = 68.87.68.162 68.87.74.162 68.87.68.166 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\27F6F6A7E65647 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\36C6561627D27657563747 : NameServer = 8.8.8.8,4.2.2.1 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\36C6561627D27657563747 : DHCPNameServer = 141.146.40.227 148.87.1.22 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\D497D284F6473507F647 : NameServer = 8.8.8.8,4.2.2.1 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\D497D284F6473507F647 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\E676463637964716D223 : NameServer = 8.8.8.8,4.2.2.1 TCP: Interfaces\{26EDA356-7FDA-4259-A0A1-1EE890A2E958}\E676463637964716D223 : DHCPNameServer = 57.6.5.69 57.6.5.70 57.5.24.47 TCP: Interfaces\{6059688C-27F6-49D0-A4E2-8F3474BBFD5D} : DHCPNameServer = 57.6.5.69 57.6.5.70 57.5.24.47 57.5.24.48 TCP: Interfaces\{E8C5DFA4-AC72-41FF-B8F4-FA8FF048E2CA} : NameServer = 130.35.249.41,130.35.249.52,144.20.190.70 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files 
(x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-TB: avast! 
EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned> x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - 
c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll x64-SSODL: WebCheck - <orphaned> Hosts: 10.5.62.35 vCenterDB Hosts: 10.5.51.3 VCenterDB2 ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Roya\AppData\Roaming\Mozilla\Firefox\Profiles\phz8tqdl.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll FF - plugin: C:\Program Files (x86)\Common Files\VMware\VMware VMRC Plug-in\Firefox\np-vmware-vmrc.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo 
Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll FF - plugin: C:\Users\Roya\AppData\Roaming\Mozilla\plugins\npatgpc.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-10-27 22600] R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2012-10-27 12368] R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2012-10-27 270824] R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-7 65336] R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-7 189936] R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-1-1 108832] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-7 55280] R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2013-4-7 1120032] R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2013-4-7 183224] R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-4-7 161568] R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2013-1-1 117024] R1 aswFW;avast! 
TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2012-10-27 131232] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-10-27 1030952] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-10-27 378944] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2010-6-28 89600] R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-4-7 3783672] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-28 202752] R2 Array_Utility_Service8.4.6.61;Array Utility Service 8,4,6,61;C:\Program Files\Array Networks\Common\8,4,6,61\arr_isrv.exe [2013-8-9 407000] R2 ArraySSL_VPN_Service8.4.6.61;Array SSL VPN Service 8,4,6,61;C:\Program Files\Array Networks\Array SSL VPN\8,4,6,61\arr_srvs.exe [2013-8-9 308696] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-10-27 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-10-27 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-29 46808] R2 avast! Firewall;avast! 
Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-5-29 137960] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2009-9-15 403456] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648] R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2011-7-27 14952] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-9 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-9 701512] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-6-25 120592] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-4-22 474168] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-7 1692480] R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-3-20 7084672] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784] R2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2011-8-3 828944] R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-6-1 609904] R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-2-3 427192] R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-6-14 1151424] R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-6 248248] R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-6-14 1177536] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX 
Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2009-9-15 907264] R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Acceler.sys [2010-6-28 23912] R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-4-7 367200] R3 bpenum;bpenum;C:\Windows\System32\drivers\bpenum.sys [2010-6-28 71168] R3 bpmp;bpmp;C:\Windows\System32\drivers\bpmp.sys [2010-6-28 174592] R3 bpusb;bpusb;C:\Windows\System32\drivers\bpusb.sys [2010-6-28 81920] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-8-7 35104] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-8-7 172704] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-9 25928] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-6-28 6952960] R3 O2MDGRDR;O2MDGRDR;C:\Windows\System32\drivers\o2mdgx64.sys [2010-6-28 74272] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384] S3 ATP;Array Networks SSL VPN Driver;C:\Windows\System32\drivers\atpdrvr.sys [2011-3-11 19968] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs 
Shared\Service\AL6Licensing.exe [2010-8-7 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-8-7 79360] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2011-11-24 98616] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-9-26 57280] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216] S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0;PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\My Dell\pcdsrvc_x64.pkms [2013-5-3 25584] S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2010-8-7 79360] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2011-11-24 203320] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-6 59392] S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-15 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] . =============== File Associations =============== . FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 
2013-08-12 11:58:36 -------- d-----w- C:\Users\Roya\AppData\Roaming\smkits 2013-08-12 10:18:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2013-08-12 10:18:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2013-08-12 10:18:00 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2013-08-12 10:17:59 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2013-08-12 10:17:59 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2013-08-12 10:17:59 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll 2013-08-12 10:17:59 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll 2013-08-12 10:17:59 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll 2013-08-12 10:17:59 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll 2013-08-12 10:17:59 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll 2013-08-12 09:57:32 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-08-10 01:36:46 -------- d-----w- C:\Program Files\iPod 2013-08-10 01:36:45 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-10 01:36:45 -------- d-----w- C:\Program Files\iTunes 2013-08-10 01:36:45 -------- d-----w- C:\Program Files (x86)\iTunes 2013-08-09 15:48:22 112088 ----a-w- C:\Windows\SysWow64\arr_x.ocx 2013-08-09 12:06:28 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54150351-952E-4A34-9CE9-7486962C2E4A}\mpengine.dll 2013-07-31 11:57:06 -------- d-----w- C:\Windows\System32\MRT 2013-07-27 13:01:22 -------- d--h--w- C:\ProgramData\CanonIJEGV 2013-07-14 16:03:59 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-07-14 16:03:50 2241024 ----a-w- C:\Windows\System32\wininet.dll . ==================== Find3M ==================== . 
2013-08-12 09:57:23 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2013-08-12 09:57:23 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-07-22 18:14:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-07-22 18:14:25 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-07-01 02:14:44 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-07-01 02:14:44 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll . ============= FINISH: 9:55:16.99 =============== Thanks again. Roya
  12. Hi, I was wondering if you could help me with removing malware. Last Tuesday (08/06/2013), my daily Malwarebytes quick scan indicated 12 files that were required to be removed. These were registry files in the Microsoft Office folder. I removed them and restarted my laptop. My MS Office 2007 has issues starting, but my MS Office 2010 manages to open up the documents. Once started up, I ran a full scan using Malwarebytes, and the result was that I had a clean computer (0 infected files). Yesterday (08/11/2013), I ran my antivirus, Avast, which indicated that I had 0 infected files. Then I ran a Malwarebytes full scan. The scan resulted in finding 3 "pup optional open candy". I removed the files and restarted the laptop. Once started, I ran the Malwarebytes scan again, which resulted in 0 infected files. My question is, why does this keep occurring? Is my laptop infected? And if so, what do I need to do to clean it up for good? Thanks in advance. Roya