mascal1031
Computer runs very slow when connected to internet.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 12/1/2014
Scan Time: 10:57:27 AM
Logfile: Malwarebytes Log.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.12.01.05
Rootkit Database: v2014.12.01.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: David Webb
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335007
Time Elapsed: 1 hr, 31 min, 2 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 4
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\browser, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\external, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
Files: 17
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\bootstrap.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\chrome.manifest, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\icon.png, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\icon64.png, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\install.rdf, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\browser\background.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\browser\browser.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\browser\header.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\browser\timer.jsm, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\browser\vstr.1.0.2.jsm, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\browser\vstr.1.0.2h.jsm, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\external\aes.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\external\hmac-md5.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\external\jsencrypt.min.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\external\md5.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\external\string.min.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
PUP.Optional.Vosteran.A, C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\extensions\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}\content\external\underscore-min.js, Quarantined, [bfeaeb72e09c77bfe027d66ba360dc24],
Physical Sectors: 0
(No malicious items detected)
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/5/2012 3:51:13 PM
System Uptime: 12/1/2014 1:10:45 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 02K3Y4
Processor: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz | CPU 1 | 1190/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 72.929 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.004 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\SMO8800\1
Manufacturer:
Name:
PNP Device ID: ACPI\SMO8800\1
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: qknfd
Device ID: ROOT\LEGACY_QKNFD\0000
Manufacturer:
Name: qknfd
PNP Device ID: ROOT\LEGACY_QKNFD\0000
Service: qknfd
.
==== System Restore Points ===================
.
RP174: 12/1/2014 11:39:57 AM - Removed AccelerometerP11
.
==== Installed Programs ======================
.
Adobe Acrobat 4.0
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader X (10.1.12)
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BioAPI Framework
Bonjour
CCleaner
Custom
Dell Backup and Recovery Manager
Dell ControlVault Host Components Installer 64 bit
Dell Custom Help
Dell Data Protection | Access
Dell Data Protection | Access | Drivers
Dell Data Protection | Access | Middleware
Dell Edoc Viewer
Dell Mobile Broadband Manager
Dell Mobile Broadband Utility
Dell System Detect
Dell System Detect Bootstrapper
Dell System Manager
Dell Touchpad
DellAccess
Dropbox
EMBASSY Security Center
Extended Update
File Opener Packages
Flixster
Free YouTube to MP3 Converter version 3.12.2.430
Gemalto
Google Chrome
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
HP Update
iCloud
IDT Audio
InstallVC90Support
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Network Connections 15.2.89.0
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
Intel(R) PROSet/Wireless WiFi Software Driver
Intel(R) Rapid Storage Technology
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
iTunes
Java 7 Update 71
Java Auto Updater
League of Legends
Lords of Magic Special Edition
Malwarebytes Anti-Malware version 2.0.3.1025
Meade Astronomical Software
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2013 - en-us
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 33.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton 360
NTRU TCG Software Stack
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
PC-CCID
Preboot Manager
Private Information Manager
Qualcomm Gobi 2000 Package for Dell
QuickTime 7
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2899526) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2899527) 32-Bit Edition
Shared C Run-time for x64
Sid Meier's Civilization V
Sins of a Solar Empire: Rebellion
SPBA 5.9
Star Trek Online
Steam
Trusted Drive Manager
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Upek Touchchip Fingerprint Reader
Virtual Moon Altas Image Libraries
Virtual Moon Atlas
Wave Infrastructure Installer
Wave Support Software Installer
WebSlingPlayer ActiveX
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
.
==== Event Viewer Messages From Past Week ========
.
12/1/2014 12:45:15 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
12/1/2014 1:12:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/1/2014 1:12:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: qknfd
12/1/2014 1:11:46 PM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
11/29/2014 1:17:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
11/24/2014 9:10:01 PM, Error: Schannel [36887] - The following fatal alert was received: 20.
11/24/2014 8:18:00 PM, Error: Schannel [36887] - The following fatal alert was received: 40.
11/24/2014 11:25:36 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 10.71.2
Run by David Webb at 14:27:23 on 2014-12-01
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7990.5030 [GMT -6:00]
.
AV: Norton 360 *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Users\David Webb\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Users\David Webb\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Users\David Webb\AppData\Local\Apps\2.0\19YG8H18.7Z9\WB2A8MN2.8PJ\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\David Webb\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\splwow64.exe
C:\Windows\syswow64\svchost.exe
C:\Windows\syswow64\msfeedssync.exe
C:\Windows\syswow64\napstat.exe
C:\Windows\syswow64\dpnsvr.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = Preserve
mStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\David Webb\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "C:\Users\David Webb\AppData\Local\Akamai\netsession_win.exe"
uRun: [DellSystemDetect] C:\Users\David Webb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\DAVIDW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\David Webb\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\DAVIDW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLSY~1.LNK - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: dell.com
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\16962736162756 : NameServer = 192.168.2.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\16962736162756 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\2375942554438333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\34963736F60343731323 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\44166796460275562626 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\84F4D454D293641323 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\C696E6B6379737 : DHCPNameServer = 64.39.208.6 64.39.208.7
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\E4963636F6C656723702960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{C4B7BE8D-271E-46C0-BDC9-CCB2B7F5C2BF} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{D6C3036D-4DFC-43CE-99EA-30A5E1FD3DEC} : DHCPNameServer = 172.20.10.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages = msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MouseDriver] TiltWheelMouse.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IntelPROSet] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\
FF - prefs.js: browser.search.selectedEngine - Vosteran
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\David Webb\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\David Webb\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\David Webb\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.srchvstrn.hmpg - true
FF - user.js: extensions.srchvstrn.hmpgUrl - hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_48_ff&cd=2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q&cr=1322403989&ir=
FF - user.js: extensions.srchvstrn.dfltSrch - true
FF - user.js: extensions.srchvstrn.srchPrvdr - Vosteran
FF - user.js: extensions.srchvstrn.dnsErr - true
FF - user.js: extensions.srchvstrn_i.newTab - true
FF - user.js: extensions.srchvstrn.newTabUrl - hxxp://Vosteran.com/?f=2&a=vst_ggfc_14_48_ff&cd=2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q&cr=1322403989&ir=
FF - user.js: extensions.srchvstrn.tlbrSrchUrl - hxxp://Vosteran.com/?f=3&a=vst_ggfc_14_48_ff&cd=2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q&cr=1322403989&ir=&q=
FF - user.js: extensions.srchvstrn.id - 5C260A2254128604
FF - user.js: extensions.srchvstrn.instlDay - 16398
FF - user.js: extensions.srchvstrn.vrsn -
FF - user.js: extensions.srchvstrn.vrsni -
FF - user.js: extensions.srchvstrn_i.vrsnTs - 23:20:10
FF - user.js: extensions.srchvstrn.prtnrId - WSE_Vosteran
FF - user.js: extensions.srchvstrn.prdct - srchvstrn
FF - user.js: extensions.srchvstrn.aflt - vst_ggfc_14_48_ff
FF - user.js: extensions.srchvstrn_i.smplGrp - none
FF - user.js: extensions.srchvstrn.tlbrId -
FF - user.js: extensions.srchvstrn.instlRef - 142905_a
FF - user.js: extensions.srchvstrn.dfltLng -
FF - user.js: extensions.srchvstrn.appId - {4CB3598A-82E8-4D1F-983F-061238AE696E}
FF - user.js: extensions.srchvstrn.excTlbr - false
FF - user.js: extensions.srchvstrn.cr - 1322403989
FF - user.js: extensions.srchvstrn.cd - 2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q
FF - user.js: extensions.srchvstrn.AL - 4
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1506000.020\symds64.sys [2014-10-2 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1506000.020\symefa64.sys [2014-10-2 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [2014-11-19 1587416]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys [2014-10-2 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141128.001\IDSviA64.sys [2014-11-29 637656]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1506000.020\ironx64.sys [2014-10-2 266968]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1506000.020\symnets.sys [2014-10-2 593112]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-8-16 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-4-11 772064]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-7-22 2443960]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-5-13 1043872]
R2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-5-13 36768]
R2 dcpsysmgrsvc;Dell System Manager Service;C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2011-1-20 517488]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-5 13336]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe [2014-10-2 265040]
R2 NvtlService;NovaCore SDK Service;C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [2010-5-20 88912]
R2 QDLService2kDell;Qualcomm Gobi 2000 Download Service (Dell);C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [2010-6-25 331512]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2012-7-3 81920]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-5 2538520]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-7-1 1600000]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-4-18 3388144]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2013-4-11 164832]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2011-5-10 38504]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2012-7-3 301232]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-11-10 142640]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-7-3 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-7-3 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-11-29 317440]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-11 129752]
R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\accelern.sys [2012-7-3 27760]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2013-4-11 164832]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-12 19456]
S3 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2012-7-3 61952]
S3 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2012-7-3 55808]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-12 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-7 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-11-25 05:20:26 -------- d-----w- C:\Users\David Webb\AppData\Roaming\1H1Q1V1N1N1O1R
2014-11-25 05:09:17 -------- d-----w- C:\ProgramData\REGSERVO64
2014-11-22 23:02:59 -------- d-sh--w- C:\Users\David Webb\AppData\Local\EmieBrowserModeList
2014-11-22 22:33:06 -------- d-----w- C:\ProgramData\Cisco Systems
2014-11-19 17:00:25 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-19 05:32:22 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-19 05:32:22 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-19 05:32:22 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-19 05:32:21 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-12 15:33:39 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-11-12 15:33:39 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-11-12 15:33:38 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-11-12 15:33:38 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-11-12 15:33:38 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-11-12 15:33:37 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-11-12 15:33:37 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-11-12 15:33:37 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-11-12 15:33:37 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-11-12 15:28:31 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-11-12 15:28:31 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-11-12 15:28:31 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-11-12 15:28:31 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-11-12 15:28:31 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-11-12 15:28:31 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-11-12 15:28:31 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-11-12 15:28:30 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-11-12 15:28:30 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-11-12 15:28:30 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-11-12 15:28:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-11-12 15:28:30 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-11-12 02:47:36 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-12 02:47:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-12 02:47:15 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-12 02:47:15 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-12 02:47:15 -------- d-----w- C:\ProgramData\Malwarebytes
2014-11-12 02:47:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-11 19:55:33 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-11-11 19:55:33 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-11 19:55:33 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-11 19:55:16 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-11-11 19:55:16 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-11-11 19:55:16 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-11-11 19:55:16 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-11-11 19:55:02 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2014-11-11 19:55:02 701440 ----a-w- C:\Windows\SysWow64\IMJP10K.DLL
2014-11-11 03:43:36 93808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
.
==================== Find3M ====================
.
2014-11-26 03:46:11 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 03:46:11 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-02 19:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 19:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2002-07-26 22:02:06 153088 ----a-w- C:\Program Files (x86)\UNWISE.EXE
.
============= FINISH: 14:27:52.21 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/5/2012 3:51:13 PM
System Uptime: 12/1/2014 1:10:45 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 02K3Y4
Processor: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz | CPU 1 | 1190/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 72.929 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.004 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\SMO8800\1
Manufacturer:
Name:
PNP Device ID: ACPI\SMO8800\1
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: qknfd
Device ID: ROOT\LEGACY_QKNFD\0000
Manufacturer:
Name: qknfd
PNP Device ID: ROOT\LEGACY_QKNFD\0000
Service: qknfd
.
==== System Restore Points ===================
.
RP174: 12/1/2014 11:39:57 AM - Removed AccelerometerP11
.
==== Installed Programs ======================
.
Adobe Acrobat 4.0
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader X (10.1.12)
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BioAPI Framework
Bonjour
CCleaner
Custom
Dell Backup and Recovery Manager
Dell ControlVault Host Components Installer 64 bit
Dell Custom Help
Dell Data Protection | Access
Dell Data Protection | Access | Drivers
Dell Data Protection | Access | Middleware
Dell Edoc Viewer
Dell Mobile Broadband Manager
Dell Mobile Broadband Utility
Dell System Detect
Dell System Detect Bootstrapper
Dell System Manager
Dell Touchpad
DellAccess
Dropbox
EMBASSY Security Center
Extended Update
File Opener Packages
Flixster
Free YouTube to MP3 Converter version 3.12.2.430
Gemalto
Google Chrome
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
HP Update
iCloud
IDT Audio
InstallVC90Support
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Network Connections 15.2.89.0
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
Intel(R) PROSet/Wireless WiFi Software Driver
Intel(R) Rapid Storage Technology
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
iTunes
Java 7 Update 71
Java Auto Updater
League of Legends
Lords of Magic Special Edition
Malwarebytes Anti-Malware version 2.0.3.1025
Meade Astronomical Software
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2013 - en-us
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 33.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton 360
NTRU TCG Software Stack
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
PC-CCID
Preboot Manager
Private Information Manager
Qualcomm Gobi 2000 Package for Dell
QuickTime 7
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2899526) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2899527) 32-Bit Edition
Shared C Run-time for x64
Sid Meier's Civilization V
Sins of a Solar Empire: Rebellion
SPBA 5.9
Star Trek Online
Steam
Trusted Drive Manager
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Upek Touchchip Fingerprint Reader
Virtual Moon Altas Image Libraries
Virtual Moon Atlas
Wave Infrastructure Installer
Wave Support Software Installer
WebSlingPlayer ActiveX
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
.
==== Event Viewer Messages From Past Week ========
.
12/1/2014 12:45:15 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
12/1/2014 1:12:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/1/2014 1:12:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: qknfd
12/1/2014 1:11:46 PM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
11/29/2014 1:17:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
11/24/2014 9:10:01 PM, Error: Schannel [36887] - The following fatal alert was received: 20.
11/24/2014 8:18:00 PM, Error: Schannel [36887] - The following fatal alert was received: 40.
11/24/2014 11:25:36 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 10.71.2
Run by David Webb at 14:27:23 on 2014-12-01
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7990.5030 [GMT -6:00]
.
AV: Norton 360 *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Users\David Webb\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Users\David Webb\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Users\David Webb\AppData\Local\Apps\2.0\19YG8H18.7Z9\WB2A8MN2.8PJ\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\David Webb\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\syswow64\dllhost.exe
C:\Windows\syswow64\dllhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\splwow64.exe
C:\Windows\syswow64\svchost.exe
C:\Windows\syswow64\msfeedssync.exe
C:\Windows\syswow64\napstat.exe
C:\Windows\syswow64\dpnsvr.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = Preserve
mStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\David Webb\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "C:\Users\David Webb\AppData\Local\Akamai\netsession_win.exe"
uRun: [DellSystemDetect] C:\Users\David Webb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\DAVIDW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\David Webb\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\DAVIDW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLSY~1.LNK - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: dell.com
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\16962736162756 : NameServer = 192.168.2.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\16962736162756 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\2375942554438333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\34963736F60343731323 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\44166796460275562626 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\84F4D454D293641323 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\C696E6B6379737 : DHCPNameServer = 64.39.208.6 64.39.208.7
TCP: Interfaces\{12E9F371-F85B-4C83-92E8-5894EEDC89AE}\E4963636F6C656723702960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{C4B7BE8D-271E-46C0-BDC9-CCB2B7F5C2BF} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{D6C3036D-4DFC-43CE-99EA-30A5E1FD3DEC} : DHCPNameServer = 172.20.10.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages = msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MouseDriver] TiltWheelMouse.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IntelPROSet] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David Webb\AppData\Roaming\Mozilla\Firefox\Profiles\rqorz0pl.default-1398957575758\
FF - prefs.js: browser.search.selectedEngine - Vosteran
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\David Webb\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\David Webb\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\David Webb\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.srchvstrn.hmpg - true
FF - user.js: extensions.srchvstrn.hmpgUrl - hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_48_ff&cd=2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q&cr=1322403989&ir=
FF - user.js: extensions.srchvstrn.dfltSrch - true
FF - user.js: extensions.srchvstrn.srchPrvdr - Vosteran
FF - user.js: extensions.srchvstrn.dnsErr - true
FF - user.js: extensions.srchvstrn_i.newTab - true
FF - user.js: extensions.srchvstrn.newTabUrl - hxxp://Vosteran.com/?f=2&a=vst_ggfc_14_48_ff&cd=2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q&cr=1322403989&ir=
FF - user.js: extensions.srchvstrn.tlbrSrchUrl - hxxp://Vosteran.com/?f=3&a=vst_ggfc_14_48_ff&cd=2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q&cr=1322403989&ir=&q=
FF - user.js: extensions.srchvstrn.id - 5C260A2254128604
FF - user.js: extensions.srchvstrn.instlDay - 16398
FF - user.js: extensions.srchvstrn.vrsn -
FF - user.js: extensions.srchvstrn.vrsni -
FF - user.js: extensions.srchvstrn_i.vrsnTs - 23:20:10
FF - user.js: extensions.srchvstrn.prtnrId - WSE_Vosteran
FF - user.js: extensions.srchvstrn.prdct - srchvstrn
FF - user.js: extensions.srchvstrn.aflt - vst_ggfc_14_48_ff
FF - user.js: extensions.srchvstrn_i.smplGrp - none
FF - user.js: extensions.srchvstrn.tlbrId -
FF - user.js: extensions.srchvstrn.instlRef - 142905_a
FF - user.js: extensions.srchvstrn.dfltLng -
FF - user.js: extensions.srchvstrn.appId - {4CB3598A-82E8-4D1F-983F-061238AE696E}
FF - user.js: extensions.srchvstrn.excTlbr - false
FF - user.js: extensions.srchvstrn.cr - 1322403989
FF - user.js: extensions.srchvstrn.cd - 2XzuyEtN2Y1L1QzuyD0CtByCtD0AtBtByDyEtCtBzzyCtDyEtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzz0FtDyEyEtGyD0BzzyBtGzytBzzzytG0FyEtDtCtGyBzyzz0C0E0BzzzyyBtAtD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytAtBzzzytDyEyEtG0BzytCtBtGyEtBtB0BtGzztAzy0FtGzy0FzytD0DtA0AyCtD0E0D0B2Q
FF - user.js: extensions.srchvstrn.AL - 4
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1506000.020\symds64.sys [2014-10-2 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1506000.020\symefa64.sys [2014-10-2 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [2014-11-19 1587416]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1506000.020\ccsetx64.sys [2014-10-2 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141128.001\IDSviA64.sys [2014-11-29 637656]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1506000.020\ironx64.sys [2014-10-2 266968]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1506000.020\symnets.sys [2014-10-2 593112]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-8-16 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-4-11 772064]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-7-22 2443960]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-5-13 1043872]
R2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-5-13 36768]
R2 dcpsysmgrsvc;Dell System Manager Service;C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2011-1-20 517488]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-5 13336]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe [2014-10-2 265040]
R2 NvtlService;NovaCore SDK Service;C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [2010-5-20 88912]
R2 QDLService2kDell;Qualcomm Gobi 2000 Download Service (Dell);C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [2010-6-25 331512]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2012-7-3 81920]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-5 2538520]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-7-1 1600000]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-4-18 3388144]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2013-4-11 164832]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2011-5-10 38504]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2012-7-3 301232]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-11-10 142640]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-7-3 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-7-3 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-11-29 317440]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-11 129752]
R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\accelern.sys [2012-7-3 27760]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2013-4-11 164832]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-12 19456]
S3 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2012-7-3 61952]
S3 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2012-7-3 55808]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-12 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-7 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-11-25 05:20:26 -------- d-----w- C:\Users\David Webb\AppData\Roaming\1H1Q1V1N1N1O1R
2014-11-25 05:09:17 -------- d-----w- C:\ProgramData\REGSERVO64
2014-11-22 23:02:59 -------- d-sh--w- C:\Users\David Webb\AppData\Local\EmieBrowserModeList
2014-11-22 22:33:06 -------- d-----w- C:\ProgramData\Cisco Systems
2014-11-19 17:00:25 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-19 05:32:22 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-19 05:32:22 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-19 05:32:22 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-19 05:32:21 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-12 15:33:39 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-11-12 15:33:39 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-11-12 15:33:38 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-11-12 15:33:38 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-11-12 15:33:38 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-11-12 15:33:37 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-11-12 15:33:37 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-11-12 15:33:37 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-11-12 15:33:37 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-11-12 15:28:31 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-11-12 15:28:31 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-11-12 15:28:31 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-11-12 15:28:31 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-11-12 15:28:31 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-11-12 15:28:31 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-11-12 15:28:31 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-11-12 15:28:30 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-11-12 15:28:30 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-11-12 15:28:30 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-11-12 15:28:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-11-12 15:28:30 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-11-12 02:47:36 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-12 02:47:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-12 02:47:15 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-12 02:47:15 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-12 02:47:15 -------- d-----w- C:\ProgramData\Malwarebytes
2014-11-12 02:47:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-11 19:55:33 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-11-11 19:55:33 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-11 19:55:33 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-11 19:55:16 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-11-11 19:55:16 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-11-11 19:55:16 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-11-11 19:55:16 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-11-11 19:55:02 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2014-11-11 19:55:02 701440 ----a-w- C:\Windows\SysWow64\IMJP10K.DLL
2014-11-11 03:43:36 93808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
.
==================== Find3M ====================
.
2014-11-26 03:46:11 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 03:46:11 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-02 19:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 19:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2002-07-26 22:02:06 153088 ----a-w- C:\Program Files (x86)\UNWISE.EXE
.
============= FINISH: 14:27:52.21 ===============