I went on to try and use my skype/ Microsft office and they are no longer avalaible and it says they are uninstalled!
I did a google search and saw someone on here that had a similar problem and you solved his so I hope you can help me too!
Below I attach the logs from the scans!
Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.09.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Joshua :: JOSHUA-LAPTOP [administrator]
Protection: Enabled
09/11/2012 12:41:17
mbam-log-2012-11-09 (12-41-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227964
Time elapsed: 4 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: ("%1" /S) -> Quarantined and repaired successfully.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: (regedit.exe "%1") -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-09 13:15:09
Windows 6.1.7601 Service Pack 1
Running: 4hy2wx9o.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4ceb424c3bd6
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4ceb424c3bd6@f0cba1a1bb19 0x14 0xC8 0x57 0x89 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4ceb424c3bd6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4ceb424c3bd6@f0cba1a1bb19 0x14 0xC8 0x57 0x89 ...
---- Files - GMER 1.0.15 ----
File C:\Windows\Temp\etilqs_hsRlc90UDStOKtnb7v4d 0 bytes
---- EOF - GMER 1.0.15 ----
DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450
Run by Joshua at 13:16:13 on 2012-11-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6038.3862 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Windows\system32\lxducoms.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRAM FILES (X86)\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\Aware.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\Marker.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://isearch.avg.com/?cid={38DE5CB7-6961-452E-8FBF-841C952C8948}&mid=bd34d57beb0a43928f474665b8779e7e-40cb255589befe9365a727d2995690f0c832f1c6&lang=en&ds=hk011&pr=sa&d=2012-06-10 21:20:35&v=11.1.0.7&sap=hp
mWinlogon: Userinit = userinit.exe,
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: CIEDownload Object: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies Inc\Notebook Software\NotebookPlugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120629145907.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
uRun: [Google Update] "C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SMART Board Service] C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [Conime] C:\Windows\System32\conime.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Joshua\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SMARTB~1.LNK - C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: dell.com
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\05F6775627C696E656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\2445F40756E6A7F6E656 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\3574845313D425B434 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\55F634D26596379647F627 : DHCPNameServer = 192.168.38.54 192.168.38.55 192.168.70.51
TCP: Interfaces\{D71E5D2A-339E-4F8E-92A4-D752F44B247D} : DHCPNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120629145907.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [NVHotkey] rundll32.exe C:\Windows\System32\nvHotkey.dll,Start
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 752672]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 335784]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-4-4 28992]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-4 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-4-4 21616]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-5 30568]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-11-7 30752]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-4-4 249152]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-4-4 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-11-7 1028464]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
R2 lxdu_device;lxdu_device;C:\Windows\System32\lxducoms.exe -service --> C:\Windows\System32\lxducoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-9 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-9 676936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-4-4 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-4-4 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-4 177144]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-11-7 82160]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-4-4 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-3 381248]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-4 2656280]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-5 711112]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-4-4 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-10-19 195072]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-29 53760]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-10 288768]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 69672]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-4-4 176096]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-1 196440]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-4 317440]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-9 25928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 300392]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 513456]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-4-4 95744]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-4-4 212992]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2012-4-4 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-4 565352]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [2007-11-14 16144]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-10-19 195072]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-26 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-4-4 224704]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 106112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-1 340240]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2012-4-4 291648]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-14 1255736]
S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE "%1"
FileExt: .vbs: VBSFile=NOTEPAD.EXE "%1"
FileExt: .js: JSFile=NOTEPAD.EXE "%1"
FileExt: .jse: JSEFile=NOTEPAD.EXE "%1"
FileExt: .wsf: WSFFile=NOTEPAD.EXE "%1"
.
=============== Created Last 30 ================
.
2012-11-09 12:40:45--------d-----w-C:\Users\Joshua\AppData\Roaming\Malwarebytes
2012-11-09 12:40:37--------d-----w-C:\ProgramData\Malwarebytes
2012-11-09 12:40:3625928----a-w-C:\Windows\System32\drivers\mbam.sys
2012-11-09 12:40:35--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-09 11:54:32--------d-----w-C:\NVIDIA
2012-11-08 15:46:09--------d-----w-C:\ProgramData\9223B3E6-70DD-4e2f-965B-DD8E02D2E20B
2012-11-08 15:44:57--------d-----w-C:\Users\Joshua\AppData\Roaming\Downloaded Installations
2012-11-08 15:36:27--------d-----w-C:\ProgramData\Citrix
2012-11-08 15:35:51--------d-----w-C:\Program Files (x86)\Citrix
2012-11-08 15:35:45--------d-----w-C:\Users\Joshua\AppData\Local\Citrix
2012-11-07 23:31:12511328----a-w-C:\Program Files (x86)\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL
2012-11-07 23:31:092155248----a-w-C:\Windows\System32\Incinerator64.dll
2012-11-07 23:31:082097032----a-w-C:\Windows\SysWow64\Incinerator32.dll
2012-11-07 23:31:0082160----a-w-C:\Windows\System32\drivers\PDFsFilter.sys
2012-11-07 23:31:0057144----a-w-C:\Windows\System32\iolobtdfg.exe
2012-11-07 23:31:0025744----a-w-C:\Windows\System32\smrgdf.exe
2012-11-07 23:30:5969000----a-w-C:\Windows\System32\offreg.dll
2012-11-07 23:30:5956200----a-w-C:\Windows\SysWow64\offreg.dll
2012-11-07 23:30:1030752----a-w-C:\Windows\System32\drivers\ElRawDsk.sys
2012-11-07 23:30:0174703----a-w-C:\Windows\SysWow64\mfc45.dat
2012-11-07 23:29:56--------d-----w-C:\iolo
2012-11-07 23:00:05--------d-----w-C:\Users\Joshua\AppData\Roaming\iolo
2012-11-07 22:53:4474703----a-w-C:\Windows\SysWow64\mfc45.dll
2012-11-07 22:53:35--------d-----w-C:\ProgramData\iolo
2012-11-07 22:53:35--------d-----w-C:\Program Files (x86)\iolo
2012-11-07 16:05:31--------d-----w-C:\Users\Joshua\AppData\Local\{FC9B4CC6-C45E-410A-ADC4-962954FEF125}
2012-11-05 12:11:4330568----a-w-C:\Windows\System32\drivers\avgtpx64.sys
2012-10-29 22:24:31--------d-----w-C:\Users\Joshua\AppData\Local\{ED48EC79-58E7-4BAC-A388-0D4EFD88A4CE}
2012-10-29 12:35:35--------d-----w-C:\Users\Joshua\AppData\Local\{D139F1E8-0733-4968-8AB9-448D93E7C7CA}
2012-10-28 20:11:20--------d-----w-C:\Users\Joshua\AppData\Local\{5DF131AD-FD60-44B6-BC5F-804E94876778}
2012-10-26 14:30:59--------d-----w-C:\ProgramData\Visan
2012-10-26 14:30:59--------d-----w-C:\ProgramData\PrintProjects
2012-10-26 14:30:59--------d-----w-C:\Program Files (x86)\PrintProjects
2012-10-26 14:28:16--------d-----w-C:\Windows\SysWow64\kodak
2012-10-21 19:20:56--------d-----w-C:\SMS Cubs New
2012-10-18 17:09:17--------d-----w-C:\Users\Joshua\AppData\Local\{6FE2CCF3-7142-445E-8AA6-D41AA8E58B52}
2012-10-17 15:52:38--------d-----w-C:\Users\Joshua\AppData\Local\MFAData
2012-10-17 15:52:38--------d-----w-C:\Users\Joshua\AppData\Local\Avg2013
2012-10-17 15:52:38--------d-----w-C:\ProgramData\MFAData
2012-10-11 21:48:2633240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-10-11 21:48:01--------d-----w-C:\Program Files\iPod
2012-10-11 21:47:59--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-11 21:47:59--------d-----w-C:\Program Files\iTunes
2012-10-11 21:47:59--------d-----w-C:\Program Files (x86)\iTunes
2012-10-11 21:43:22--------d-----w-C:\Windows\System32\New folder
2012-10-11 21:26:21--------d-sh--w-C:\found.000
.
==================== Find3M ====================
.
2012-09-29 13:48:361793536----a-w-C:\Windows\System32\EKAiO2MON.dll
2012-09-29 13:48:24183808----a-w-C:\Windows\System32\EKAiO2COI10.dll
2012-09-14 19:19:292048----a-w-C:\Windows\System32\tzres.dll
2012-09-14 18:28:532048----a-w-C:\Windows\SysWow64\tzres.dll
2012-08-31 18:19:351659760----a-w-C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:455559664----a-w-C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:023968880----a-w-C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:023914096----a-w-C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:07220160----a-w-C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48172544----a-w-C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:31:322312704----a-w-C:\Windows\System32\jscript9.dll
2012-08-24 10:21:181392128----a-w-C:\Windows\System32\wininet.dll
2012-08-24 10:20:111494528----a-w-C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45173056----a-w-C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29599040----a-w-C:\Windows\System32\vbscript.dll
2012-08-24 10:09:422382848----a-w-C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:171800704----a-w-C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:271129472----a-w-C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:021427968----a-w-C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26142848----a-w-C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12420864----a-w-C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:582382848----a-w-C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:501913200----a-w-C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40950128----a-w-C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40376688----a-w-C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33288624----a-w-C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00245760----a-w-C:\Windows\System32\OxpsConverter.exe
2012-08-21 12:01:20125872----a-w-C:\Windows\System32\GEARAspi64.dll
2012-08-21 12:01:20106928----a-w-C:\Windows\SysWow64\GEARAspi.dll
2012-08-20 18:48:44362496----a-w-C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44243200----a-w-C:\Windows\System32\wow64.dll
2012-08-20 18:48:4413312----a-w-C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43215040----a-w-C:\Windows\System32\winsrv.dll
2012-08-20 18:48:3716384----a-w-C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35424448----a-w-C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22338432----a-w-C:\Windows\System32\conhost.exe
2012-08-20 17:40:2114336----a-w-C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:4444032----a-w-C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:2625600----a-w-C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:195120----a-w-C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18274944----a-w-C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:217680----a-w-C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:202048----a-w-C:\Windows\SysWow64\user.exe
2012-08-20 15:33:286144---ha-w-C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:284608---ha-w-C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:283584---ha-w-C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:283072---ha-w-C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 13:16:48.94 ===============
I did a google search and saw someone on here that had a similar problem and you solved his so I hope you can help me too!
Below I attach the logs from the scans!
Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.09.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Joshua :: JOSHUA-LAPTOP [administrator]
Protection: Enabled
09/11/2012 12:41:17
mbam-log-2012-11-09 (12-41-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227964
Time elapsed: 4 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: ("%1" /S) -> Quarantined and repaired successfully.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: (regedit.exe "%1") -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-09 13:15:09
Windows 6.1.7601 Service Pack 1
Running: 4hy2wx9o.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4ceb424c3bd6
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4ceb424c3bd6@f0cba1a1bb19 0x14 0xC8 0x57 0x89 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4ceb424c3bd6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4ceb424c3bd6@f0cba1a1bb19 0x14 0xC8 0x57 0x89 ...
---- Files - GMER 1.0.15 ----
File C:\Windows\Temp\etilqs_hsRlc90UDStOKtnb7v4d 0 bytes
---- EOF - GMER 1.0.15 ----
DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450
Run by Joshua at 13:16:13 on 2012-11-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6038.3862 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Windows\system32\lxducoms.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRAM FILES (X86)\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\Aware.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\Marker.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://isearch.avg.com/?cid={38DE5CB7-6961-452E-8FBF-841C952C8948}&mid=bd34d57beb0a43928f474665b8779e7e-40cb255589befe9365a727d2995690f0c832f1c6&lang=en&ds=hk011&pr=sa&d=2012-06-10 21:20:35&v=11.1.0.7&sap=hp
mWinlogon: Userinit = userinit.exe,
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: CIEDownload Object: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies Inc\Notebook Software\NotebookPlugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120629145907.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
uRun: [Google Update] "C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SMART Board Service] C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [Conime] C:\Windows\System32\conime.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Joshua\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SMARTB~1.LNK - C:\Program Files (x86)\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: dell.com
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\05F6775627C696E656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\2445F40756E6A7F6E656 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\3574845313D425B434 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1E0A8272-365B-4134-B966-6C6022A0482E}\55F634D26596379647F627 : DHCPNameServer = 192.168.38.54 192.168.38.55 192.168.70.51
TCP: Interfaces\{D71E5D2A-339E-4F8E-92A4-D752F44B247D} : DHCPNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120629145907.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [NVHotkey] rundll32.exe C:\Windows\System32\nvHotkey.dll,Start
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 752672]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 335784]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-4-4 28992]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-4 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-4-4 21616]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-5 30568]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-11-7 30752]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-4-4 249152]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-4-4 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-11-7 1028464]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
R2 lxdu_device;lxdu_device;C:\Windows\System32\lxducoms.exe -service --> C:\Windows\System32\lxducoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-9 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-9 676936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-4-4 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-4-4 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-4 177144]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-11-7 82160]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-4-4 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-3 381248]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-4 2656280]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-5 711112]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-4-4 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-10-19 195072]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-29 53760]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-10 288768]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 69672]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-4-4 176096]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-1 196440]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-4 317440]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-9 25928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 300392]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 513456]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-4-4 95744]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-4-4 212992]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2012-4-4 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-4 565352]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [2007-11-14 16144]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-10-19 195072]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-26 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-4-4 224704]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 106112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-1 340240]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2012-4-4 291648]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-14 1255736]
S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-21 201304]
S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE "%1"
FileExt: .vbs: VBSFile=NOTEPAD.EXE "%1"
FileExt: .js: JSFile=NOTEPAD.EXE "%1"
FileExt: .jse: JSEFile=NOTEPAD.EXE "%1"
FileExt: .wsf: WSFFile=NOTEPAD.EXE "%1"
.
=============== Created Last 30 ================
.
2012-11-09 12:40:45--------d-----w-C:\Users\Joshua\AppData\Roaming\Malwarebytes
2012-11-09 12:40:37--------d-----w-C:\ProgramData\Malwarebytes
2012-11-09 12:40:3625928----a-w-C:\Windows\System32\drivers\mbam.sys
2012-11-09 12:40:35--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-09 11:54:32--------d-----w-C:\NVIDIA
2012-11-08 15:46:09--------d-----w-C:\ProgramData\9223B3E6-70DD-4e2f-965B-DD8E02D2E20B
2012-11-08 15:44:57--------d-----w-C:\Users\Joshua\AppData\Roaming\Downloaded Installations
2012-11-08 15:36:27--------d-----w-C:\ProgramData\Citrix
2012-11-08 15:35:51--------d-----w-C:\Program Files (x86)\Citrix
2012-11-08 15:35:45--------d-----w-C:\Users\Joshua\AppData\Local\Citrix
2012-11-07 23:31:12511328----a-w-C:\Program Files (x86)\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL
2012-11-07 23:31:092155248----a-w-C:\Windows\System32\Incinerator64.dll
2012-11-07 23:31:082097032----a-w-C:\Windows\SysWow64\Incinerator32.dll
2012-11-07 23:31:0082160----a-w-C:\Windows\System32\drivers\PDFsFilter.sys
2012-11-07 23:31:0057144----a-w-C:\Windows\System32\iolobtdfg.exe
2012-11-07 23:31:0025744----a-w-C:\Windows\System32\smrgdf.exe
2012-11-07 23:30:5969000----a-w-C:\Windows\System32\offreg.dll
2012-11-07 23:30:5956200----a-w-C:\Windows\SysWow64\offreg.dll
2012-11-07 23:30:1030752----a-w-C:\Windows\System32\drivers\ElRawDsk.sys
2012-11-07 23:30:0174703----a-w-C:\Windows\SysWow64\mfc45.dat
2012-11-07 23:29:56--------d-----w-C:\iolo
2012-11-07 23:00:05--------d-----w-C:\Users\Joshua\AppData\Roaming\iolo
2012-11-07 22:53:4474703----a-w-C:\Windows\SysWow64\mfc45.dll
2012-11-07 22:53:35--------d-----w-C:\ProgramData\iolo
2012-11-07 22:53:35--------d-----w-C:\Program Files (x86)\iolo
2012-11-07 16:05:31--------d-----w-C:\Users\Joshua\AppData\Local\{FC9B4CC6-C45E-410A-ADC4-962954FEF125}
2012-11-05 12:11:4330568----a-w-C:\Windows\System32\drivers\avgtpx64.sys
2012-10-29 22:24:31--------d-----w-C:\Users\Joshua\AppData\Local\{ED48EC79-58E7-4BAC-A388-0D4EFD88A4CE}
2012-10-29 12:35:35--------d-----w-C:\Users\Joshua\AppData\Local\{D139F1E8-0733-4968-8AB9-448D93E7C7CA}
2012-10-28 20:11:20--------d-----w-C:\Users\Joshua\AppData\Local\{5DF131AD-FD60-44B6-BC5F-804E94876778}
2012-10-26 14:30:59--------d-----w-C:\ProgramData\Visan
2012-10-26 14:30:59--------d-----w-C:\ProgramData\PrintProjects
2012-10-26 14:30:59--------d-----w-C:\Program Files (x86)\PrintProjects
2012-10-26 14:28:16--------d-----w-C:\Windows\SysWow64\kodak
2012-10-21 19:20:56--------d-----w-C:\SMS Cubs New
2012-10-18 17:09:17--------d-----w-C:\Users\Joshua\AppData\Local\{6FE2CCF3-7142-445E-8AA6-D41AA8E58B52}
2012-10-17 15:52:38--------d-----w-C:\Users\Joshua\AppData\Local\MFAData
2012-10-17 15:52:38--------d-----w-C:\Users\Joshua\AppData\Local\Avg2013
2012-10-17 15:52:38--------d-----w-C:\ProgramData\MFAData
2012-10-11 21:48:2633240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-10-11 21:48:01--------d-----w-C:\Program Files\iPod
2012-10-11 21:47:59--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-11 21:47:59--------d-----w-C:\Program Files\iTunes
2012-10-11 21:47:59--------d-----w-C:\Program Files (x86)\iTunes
2012-10-11 21:43:22--------d-----w-C:\Windows\System32\New folder
2012-10-11 21:26:21--------d-sh--w-C:\found.000
.
==================== Find3M ====================
.
2012-09-29 13:48:361793536----a-w-C:\Windows\System32\EKAiO2MON.dll
2012-09-29 13:48:24183808----a-w-C:\Windows\System32\EKAiO2COI10.dll
2012-09-14 19:19:292048----a-w-C:\Windows\System32\tzres.dll
2012-09-14 18:28:532048----a-w-C:\Windows\SysWow64\tzres.dll
2012-08-31 18:19:351659760----a-w-C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:455559664----a-w-C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:023968880----a-w-C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:023914096----a-w-C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:07220160----a-w-C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48172544----a-w-C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:31:322312704----a-w-C:\Windows\System32\jscript9.dll
2012-08-24 10:21:181392128----a-w-C:\Windows\System32\wininet.dll
2012-08-24 10:20:111494528----a-w-C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45173056----a-w-C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29599040----a-w-C:\Windows\System32\vbscript.dll
2012-08-24 10:09:422382848----a-w-C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:171800704----a-w-C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:271129472----a-w-C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:021427968----a-w-C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26142848----a-w-C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12420864----a-w-C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:582382848----a-w-C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:501913200----a-w-C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40950128----a-w-C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40376688----a-w-C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33288624----a-w-C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00245760----a-w-C:\Windows\System32\OxpsConverter.exe
2012-08-21 12:01:20125872----a-w-C:\Windows\System32\GEARAspi64.dll
2012-08-21 12:01:20106928----a-w-C:\Windows\SysWow64\GEARAspi.dll
2012-08-20 18:48:44362496----a-w-C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44243200----a-w-C:\Windows\System32\wow64.dll
2012-08-20 18:48:4413312----a-w-C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43215040----a-w-C:\Windows\System32\winsrv.dll
2012-08-20 18:48:3716384----a-w-C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35424448----a-w-C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22338432----a-w-C:\Windows\System32\conhost.exe
2012-08-20 17:40:2114336----a-w-C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:4444032----a-w-C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:2625600----a-w-C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:195120----a-w-C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18274944----a-w-C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:217680----a-w-C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:202048----a-w-C:\Windows\SysWow64\user.exe
2012-08-20 15:33:286144---ha-w-C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:284608---ha-w-C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:283584---ha-w-C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:283072---ha-w-C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 13:16:48.94 ===============