Author Topic: [Resolved] Happili Redirect  (Read 1412 times)

jreddy
[Resolved] Happili Redirect
« on: April 19, 2012, 07:26:33 AM »
I am experiencing browser re-directs when I click on search results in Google. Some, but not all, redirect me to another site. The tab in IE says 'Happili*'. Malwarebytes finds nothing, Spyware Doctor finds nothing. I am running Windows 7 Ultimate SP1 64 bit on a Dell XPS L502X.
 
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 2/17/2012 12:10:32 AM
System Uptime: 4/19/2012 7:21:03 AM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0NJT03
Processor: Intel(R) Core(TM) i7-2860QM CPU @ 2.50GHz | CPU | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 219 GiB total, 146.071 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 931 GiB total, 636.022 GiB free.
F: is FIXED (NTFS) - 1863 GiB total, 1368.669 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: PC Tools Data Store
Device ID: ROOT\LEGACY_PCTDS\0000
Manufacturer:
Name: PC Tools Data Store
PNP Device ID: ROOT\LEGACY_PCTDS\0000
Service: pctDS
.
==== System Restore Points ===================
.
RP48: 4/3/2012 12:29:32 PM - Installed Brother P-touch Editor 5.0
RP49: 4/3/2012 12:33:44 PM - Installed Brother P-touch Update Software
RP50: 4/3/2012 1:22:12 PM - Configured Brother P-touch Editor 5.0
RP51: 4/11/2012 12:00:16 AM - Scheduled Checkpoint
RP52: 4/11/2012 3:12:22 PM - Windows Update
RP53: 4/12/2012 5:55:04 AM - Windows Update
RP54: 4/12/2012 7:04:30 AM - Windows Update
RP55: 4/12/2012 7:11:46 AM - Windows Update
RP56: 4/12/2012 11:29:21 AM - Removed Brother P-touch Update Software
RP57: 4/19/2012 7:23:49 AM - Windows Update
.
==== Installed Programs ======================
.
.
AccelerometerP11
Accidental Damage Services Agreement
Adobe Acrobat 8 Professional
Adobe Acrobat 8.1.0 Professional
Adobe AIR
Adobe Reader X (10.1.3) MUI
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
Audio Comparer
Bing Bar
Bing Bar Platform
Bing Rewards Client Installer
Blio
Browser Defender 4.0
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MP Navigator EX 4.1
Cisco WebEx Meetings
Consumer In-Home Service Agreement
Cozi
CyberLink PowerDVD 9.6
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Digital Delivery
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
dsdminst
eBay
FreeRIP v3.66
High-Definition Video Playback
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) WiDi
Java Auto Updater
Java(TM) 7 Update 1
Juniper Networks Network Connect 7.1.0
Juniper Networks, Inc. Setup Client
Junk Mail filter update
K-Lite Codec Pack 8.4.0 (Full)
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee SecurityCenter
Mesh Runtime
Microsoft Default Manager
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Mozilla Firefox 11.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Movie ThemePack Basic
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
NVIDIA Stereoscopic 3D Driver
PC Tools Registry Mechanic 11.0
PC Tools Spyware Doctor 9.0
PlayReady PC Runtime x86
QuickTime
Realtek High Definition Audio Driver
Roxio BackOnTrack
Roxio Burn
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2011
Roxio Dell install Util
Roxio PhotoShow
Roxio Video Capture USB
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Skype™ 5.5
SmartSound Common Data
SmartSound Quicktracks 5
Sound Blaster X-Fi MB
Spotify
Stamps.com
Stamps.com Application Support for Microsoft Word 2000-2010
Stamps.com support for Microsoft Word 2000-2010
SyncUP
The GodFather
ThumbsPlus
TrustedID
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnyiper
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zinio Reader 4
.
==== Event Viewer Messages From Past Week ========
.
4/19/2012 7:23:58 AM, Error: Service Control Manager [7034]  - The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
4/19/2012 7:21:52 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  TfFsMon TFSysMon
4/19/2012 7:21:51 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
4/19/2012 7:20:37 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2012 7:19:12 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service Bluetooth Device Monitor with arguments "" in order to run the server: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
4/19/2012 7:19:05 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
4/19/2012 7:19:05 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
4/19/2012 6:52:28 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
4/19/2012 6:50:42 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2012 6:50:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/19/2012 6:50:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/19/2012 6:50:40 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/19/2012 6:50:35 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/19/2012 6:48:42 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
4/19/2012 6:48:27 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache PCTSD SaibVdAd64 spldr TfFsMon TFSysMon Wanarpv6
4/19/2012 6:48:22 AM, Error: Service Control Manager [7001]  - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error:  The dependency service or group failed to start.
4/18/2012 3:43:45 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  and APPID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  to the user JSR-XPSLT\JSR SID (S-1-5-21-1422262098-3932683059-3104318181-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/18/2012 3:43:45 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  and APPID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  to the user JSR-XPSLT\JSR SID (S-1-5-21-1422262098-3932683059-3104318181-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/17/2012 10:34:31 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
4/12/2012 7:05:25 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2572077).
4/12/2012 7:05:25 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869).
4/12/2012 6:04:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656373).
4/12/2012 6:04:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356).
4/12/2012 5:49:35 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR2.
4/12/2012 5:49:33 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
4/12/2012 11:25:34 AM, Error: Service Control Manager [7034]  - The Print Spooler service terminated unexpectedly.  It has done this 4 time(s).
4/12/2012 11:19:02 AM, Error: Service Control Manager [7034]  - The Print Spooler service terminated unexpectedly.  It has done this 3 time(s).
4/12/2012 11:17:32 AM, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/12/2012 11:16:02 AM, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/12/2012 11:03:17 AM, Error: Service Control Manager [7034]  - The Print Spooler service terminated unexpectedly.  It has done this 7 time(s).
4/12/2012 11:01:47 AM, Error: Service Control Manager [7034]  - The Print Spooler service terminated unexpectedly.  It has done this 6 time(s).
4/12/2012 10:57:15 AM, Error: Service Control Manager [7034]  - The Print Spooler service terminated unexpectedly.  It has done this 5 time(s).
.
==== End Of File ===========================
« Last Edit: April 19, 2012, 08:07:37 AM by Hoov »



jreddy
Re: Happili Redirect
« Reply #1 on: April 19, 2012, 07:28:25 AM »
~ Posting Logs Continued - first part of DDS.txt~

DDS.txt:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by JSR at 7:46:30 on 2012-04-19
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8086.5611 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: PC Tools Spyware Doctor *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\system32\AMBSpiE.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\mswinext.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.cnn.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: PC Tools Browser Defender: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
mURLSearchHooks: PC Tools Browser Defender: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PC Tools Browser Defender BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120217155245.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: PC Tools Browser Defender: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [rathc] rundll32.exe "C:\Users\JSR\AppData\Local\Temp\rathc.dll",EnumTvValueNext
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
uPolicies-explorer: NoInstrumentation = 1
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc1.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://gsvpn.thegoldensource.com/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{109FC85C-1014-40B9-832A-2ECCCFDC3DBA} : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{FF394E23-A5E9-43F4-8013-85776412FA8F} : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: PC Tools Browser Defender BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO-X64:     Browser Defender BHO - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64:     Search Helper - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120217155245.dll
BHO-X64:     scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64:     URLRedirectionBHO - No File
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB-X64: PC Tools Browser Defender: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun-x64: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\JSR\AppData\Roaming\Mozilla\Firefox\Profiles\my2zrenn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?]
R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R0 tclondrv;tclondrv;C:\Windows\system32\DRIVERS\tclondrv.sys --> C:\Windows\system32\DRIVERS\tclondrv.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 pctgntdi;pctgntdi;\??\C:\Windows\System32\drivers\pctgntdi64.sys --> C:\Windows\System32\drivers\pctgntdi64.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-2-7 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-8-31 39408]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2012-4-11 550864]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]
R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2011-12-13 8448944]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-8 654408]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-2-7 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-2-7 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-4 687400]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-7 2009704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-4-12 793048]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-2-7 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-7 2656280]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_6.2.37054.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_6.2.37054.0.sys [?]
R3 dlcdcecm;dlcdcecm;C:\Windows\system32\DRIVERS\dlcdcecm.sys --> C:\Windows\system32\DRIVERS\dlcdcecm.sys [?]
R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?]
R3 dlusbaudio;dlusbaudio;C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys --> C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 PCTBD;PC Tools Browser Defender Driver;C:\Windows\system32\Drivers\PCTBD64.sys --> C:\Windows\system32\Drivers\PCTBD64.sys [?]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2012/02/07 17:50:40;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-8-11 248304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 253088]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-2-7 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-2-7 79360]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-2-7 224704]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-1 340240]
S3 netvsc;netvsc;C:\Windows\system32\DRIVERS\netvsc60.sys --> C:\Windows\system32\DRIVERS\netvsc60.sys [?]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\drivers\nvstusb.sys --> C:\Windows\system32\drivers\nvstusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pctplsg;pctplsg;\??\C:\Windows\System32\drivers\pctplsg64.sys --> C:\Windows\System32\drivers\pctplsg64.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2012-4-11 402336]
S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2012-4-11 1117624]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-2-7 79360]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\system32\drivers\Synth3dVsc.sys --> C:\Windows\system32\drivers\Synth3dVsc.sys [?]
S3 SynthVid;SynthVid;C:\Windows\system32\DRIVERS\VMBusVideoM.sys --> C:\Windows\system32\DRIVERS\VMBusVideoM.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.

Offline jreddy

  • Bronze Member
  • Posts: 13
Re: Happili Redirect
« Reply #2 on: April 19, 2012, 07:30:15 AM »
~Posting Logs Continued - second part of DDS.txt~
=============== Created Last 30 ================
.
2012-04-19 11:25:06   302080   ----a-w-   C:\Windows\System32\SETCA2D.tmp
2012-04-12 16:03:45   --------   d-----w-   C:\Dell Management Packs
2012-04-12 15:56:42   --------   d-----w-   C:\ProgramData\Canon IJ Network Tool
2012-04-12 15:56:40   315392   ----a-w-   C:\Windows\SysWow64\CNC880L.dll
2012-04-12 15:56:40   15872   ----a-w-   C:\Windows\SysWow64\CNHMCA.dll
2012-04-12 15:56:40   106496   ----a-w-   C:\Windows\SysWow64\CNC880U.dll
2012-04-12 15:12:05   --------   d-----w-   C:\Users\JSR\AppData\Roaming\Registry Mechanic
2012-04-12 15:10:49   880640   ----a-w-   C:\Windows\SysWow64\UniBox10.ocx
2012-04-12 15:10:49   512472   ----a-w-   C:\Windows\SysWow64\msxml.dll
2012-04-12 15:10:49   40408   ----a-w-   C:\Windows\System32\CleanMFT64.exe
2012-04-12 15:10:49   212992   ----a-w-   C:\Windows\SysWow64\UniBoxVB12.ocx
2012-04-12 15:10:49   1101824   ----a-w-   C:\Windows\SysWow64\UniBox210.ocx
2012-04-12 15:10:46   --------   d-----w-   C:\Program Files (x86)\PC Tools
2012-04-12 15:10:26   --------   d-----w-   C:\Users\JSR\AppData\Roaming\Product_RM
2012-04-12 15:00:26   --------   d-----w-   C:\Windows\System32\appmgmt
2012-04-12 10:03:07   --------   d-----w-   C:\Windows\ja-JP
2012-04-12 10:03:04   --------   d-----w-   C:\Windows\SysWow64\wbem\ja-JP
2012-04-12 10:03:04   --------   d-----w-   C:\Windows\SysWow64\ja
2012-04-12 10:03:04   --------   d-----w-   C:\Windows\SysWow64\drivers\UMDF\ja-JP
2012-04-12 10:03:04   --------   d-----w-   C:\Windows\SysWow64\drivers\ja-JP
2012-04-12 10:03:04   --------   d-----w-   C:\Windows\SysWow64\0411
2012-04-12 10:03:00   --------   d-----w-   C:\Windows\System32\ja
2012-04-12 10:03:00   --------   d-----w-   C:\Windows\System32\drivers\UMDF\ja-JP
2012-04-12 10:03:00   --------   d-----w-   C:\Windows\System32\drivers\ja-JP
2012-04-12 10:03:00   --------   d-----w-   C:\Windows\System32\0411
2012-04-12 10:02:58   --------   d-----w-   C:\Windows\System32\wbem\ja-JP
2012-04-12 04:06:07   --------   d-----w-   C:\Windows\SysWow64\drivers\da-DK
2012-04-12 04:05:53   --------   d-----w-   C:\Windows\SysWow64\da
2012-04-12 04:05:52   --------   d-----w-   C:\Windows\SysWow64\wbem\da-DK
2012-04-12 04:05:51   --------   d-----w-   C:\Windows\da-DK
2012-04-12 04:05:47   --------   d-----w-   C:\Windows\System32\drivers\UMDF\da-DK
2012-04-12 04:05:47   --------   d-----w-   C:\Windows\System32\drivers\da-DK
2012-04-12 04:05:26   --------   d-----w-   C:\Windows\System32\da
2012-04-12 04:05:25   --------   d-----w-   C:\Windows\System32\wbem\da-DK
2012-04-12 04:04:53   --------   d-----w-   C:\Windows\SysWow64\wbem\ro-RO
2012-04-12 04:04:53   --------   d-----w-   C:\Windows\SysWow64\drivers\ro-RO
2012-04-12 04:04:53   --------   d-----w-   C:\Windows\ro-RO
2012-04-12 04:04:43   --------   d-----w-   C:\Windows\System32\drivers\ro-RO
2012-04-12 04:04:42   --------   d-----w-   C:\Windows\System32\wbem\ro-RO
2012-04-12 04:04:22   --------   d-----w-   C:\Windows\SysWow64\drivers\hr-HR
2012-04-12 04:04:15   --------   d-----w-   C:\Windows\SysWow64\wbem\hr-HR
2012-04-12 04:04:14   --------   d-----w-   C:\Windows\System32\drivers\hr-HR
2012-04-12 04:04:14   --------   d-----w-   C:\Windows\hr-HR
2012-04-12 04:04:04   --------   d-----w-   C:\Windows\System32\wbem\hr-HR
2012-04-12 04:03:29   --------   d-----w-   C:\Windows\SysWow64\zh-CHT
2012-04-12 04:03:18   --------   d-----w-   C:\Windows\SysWow64\drivers\zh-TW
2012-04-12 04:03:16   --------   d-----w-   C:\Windows\SysWow64\wbem\zh-TW
2012-04-12 04:03:16   --------   d-----w-   C:\Windows\SysWow64\wbem\zh-HK
2012-04-12 04:03:14   --------   d-----w-   C:\Windows\zh-TW
2012-04-12 04:03:11   --------   d-----w-   C:\Windows\System32\zh-CHT
2012-04-12 04:02:56   --------   d-----w-   C:\Windows\System32\drivers\zh-TW
2012-04-12 04:02:56   --------   d-----w-   C:\Windows\System32\drivers\zh-HK
2012-04-12 04:02:56   --------   d-----w-   C:\Windows\System32\drivers\UMDF\zh-TW
2012-04-12 04:02:50   --------   d-----w-   C:\Windows\System32\wbem\zh-TW
2012-04-12 04:02:49   --------   d-----w-   C:\Windows\System32\wbem\zh-HK
2012-04-12 04:02:10   --------   d-----w-   C:\Windows\pt-BR
2012-04-12 04:01:58   --------   d-----w-   C:\Windows\SysWow64\wbem\pt-BR
2012-04-12 04:01:58   --------   d-----w-   C:\Windows\SysWow64\drivers\pt-BR
2012-04-12 04:01:37   --------   d-----w-   C:\Windows\System32\drivers\UMDF\pt-BR
2012-04-12 04:01:37   --------   d-----w-   C:\Windows\System32\drivers\pt-BR
2012-04-12 04:01:30   --------   d-----w-   C:\Windows\System32\wbem\pt-BR
2012-04-12 04:00:57   --------   d-----w-   C:\Windows\pt-PT
2012-04-12 04:00:45   --------   d-----w-   C:\Windows\SysWow64\drivers\pt-PT
2012-04-12 04:00:44   --------   d-----w-   C:\Windows\SysWow64\wbem\pt-PT
2012-04-12 04:00:44   --------   d-----w-   C:\Windows\SysWow64\pt
2012-04-12 04:00:26   --------   d-----w-   C:\Windows\System32\drivers\UMDF\pt-PT
2012-04-12 04:00:26   --------   d-----w-   C:\Windows\System32\drivers\pt-PT
2012-04-12 04:00:22   --------   d-----w-   C:\Windows\System32\wbem\pt-PT
2012-04-12 04:00:21   --------   d-----w-   C:\Windows\System32\pt
2012-04-12 03:59:50   --------   d-----w-   C:\Windows\SysWow64\drivers\pl-PL
2012-04-12 03:59:38   --------   d-----w-   C:\Windows\SysWow64\wbem\pl-PL
2012-04-12 03:59:38   --------   d-----w-   C:\Windows\SysWow64\pl
2012-04-12 03:59:37   --------   d-----w-   C:\Windows\pl-PL
2012-04-12 03:59:35   --------   d-----w-   C:\Windows\System32\drivers\UMDF\pl-PL
2012-04-12 03:59:35   --------   d-----w-   C:\Windows\System32\drivers\pl-PL
2012-04-12 03:59:17   --------   d-----w-   C:\Windows\System32\wbem\pl-PL
2012-04-12 03:59:16   --------   d-----w-   C:\Windows\System32\pl
2012-04-12 03:58:51   --------   d-----w-   C:\Windows\tr-TR
2012-04-12 03:58:37   --------   d-----w-   C:\Windows\SysWow64\tr
2012-04-12 03:58:37   --------   d-----w-   C:\Windows\SysWow64\drivers\tr-TR
2012-04-12 03:58:36   --------   d-----w-   C:\Windows\SysWow64\wbem\tr-TR
2012-04-12 03:58:20   --------   d-----w-   C:\Windows\System32\tr
2012-04-12 03:58:20   --------   d-----w-   C:\Windows\System32\drivers\UMDF\tr-TR
2012-04-12 03:58:20   --------   d-----w-   C:\Windows\System32\drivers\tr-TR
2012-04-12 03:58:17   --------   d-----w-   C:\Windows\System32\wbem\tr-TR
2012-04-12 03:58:00   --------   d-----w-   C:\Windows\SysWow64\drivers\bg-BG
2012-04-12 03:57:54   --------   d-----w-   C:\Windows\SysWow64\wbem\bg-BG
2012-04-12 03:57:54   --------   d-----w-   C:\Windows\System32\drivers\bg-BG
2012-04-12 03:57:54   --------   d-----w-   C:\Windows\bg-BG
2012-04-12 03:57:47   --------   d-----w-   C:\Windows\System32\wbem\bg-BG
2012-04-12 03:57:22   --------   d-----w-   C:\Windows\SysWow64\zh-CHS
2012-04-12 03:57:22   --------   d-----w-   C:\Windows\SysWow64\drivers\zh-CN
2012-04-12 03:57:21   --------   d-----w-   C:\Windows\SysWow64\wbem\zh-CN
2012-04-12 03:57:09   --------   d-----w-   C:\Windows\System32\zh-CHS
2012-04-12 03:57:09   --------   d-----w-   C:\Windows\System32\drivers\zh-CN
2012-04-12 03:57:09   --------   d-----w-   C:\Windows\System32\drivers\UMDF\zh-CN
2012-04-12 03:57:04   --------   d-----w-   C:\Windows\System32\wbem\zh-CN
2012-04-12 03:56:52   --------   d-----w-   C:\Windows\zh-CN
2012-04-12 03:56:35   --------   d-----w-   C:\Windows\SysWow64\drivers\sr-Latn-CS
2012-04-12 03:56:34   --------   d-----w-   C:\Windows\SysWow64\wbem\sr-Latn-CS
2012-04-12 03:56:34   --------   d-----w-   C:\Windows\sr-Latn-CS
2012-04-12 03:56:28   --------   d-----w-   C:\Windows\System32\wbem\sr-Latn-CS
2012-04-12 03:56:28   --------   d-----w-   C:\Windows\System32\drivers\sr-Latn-CS
2012-04-12 03:56:15   --------   d-----w-   C:\Windows\SysWow64\wbem\et-EE
2012-04-12 03:56:15   --------   d-----w-   C:\Windows\SysWow64\drivers\et-EE
2012-04-12 03:56:10   --------   d-----w-   C:\Windows\System32\drivers\et-EE
2012-04-12 03:56:09   --------   d-----w-   C:\Windows\System32\wbem\et-EE
2012-04-12 03:56:04   --------   d-----w-   C:\Windows\et-EE
2012-04-12 03:55:52   --------   d-----w-   C:\Windows\lt-LT
2012-04-12 03:55:48   --------   d-----w-   C:\Windows\SysWow64\wbem\lt-LT
2012-04-12 03:55:48   --------   d-----w-   C:\Windows\SysWow64\drivers\lt-LT
2012-04-12 03:55:42   --------   d-----w-   C:\Windows\System32\wbem\lt-LT
2012-04-12 03:55:42   --------   d-----w-   C:\Windows\System32\drivers\lt-LT
2012-04-12 03:55:21   --------   d-----w-   C:\Windows\SysWow64\ru
2012-04-12 03:55:21   --------   d-----w-   C:\Windows\SysWow64\drivers\ru-RU
2012-04-12 03:55:20   --------   d-----w-   C:\Windows\SysWow64\wbem\ru-RU
2012-04-12 03:55:11   --------   d-----w-   C:\Windows\System32\drivers\UMDF\ru-RU
2012-04-12 03:55:10   --------   d-----w-   C:\Windows\System32\drivers\ru-RU
2012-04-12 03:55:07   --------   d-----w-   C:\Windows\System32\wbem\ru-RU
2012-04-12 03:55:07   --------   d-----w-   C:\Windows\System32\ru
2012-04-12 03:54:57   --------   d-----w-   C:\Windows\ru-RU
2012-04-12 03:54:38   --------   d-----w-   C:\Windows\SysWow64\no
2012-04-12 03:54:38   --------   d-----w-   C:\Windows\SysWow64\drivers\nb-NO
2012-04-12 03:54:31   --------   d-----w-   C:\Windows\SysWow64\wbem\nb-NO
2012-04-12 03:54:30   --------   d-----w-   C:\Windows\nb-NO
2012-04-12 03:54:29   --------   d-----w-   C:\Windows\System32\no
2012-04-12 03:54:28   --------   d-----w-   C:\Windows\System32\drivers\UMDF\nb-NO
2012-04-12 03:54:28   --------   d-----w-   C:\Windows\System32\drivers\nb-NO
2012-04-12 03:54:17   --------   d-----w-   C:\Windows\System32\wbem\nb-NO
2012-04-12 03:54:03   --------   d-----w-   C:\Windows\el-GR
2012-04-12 03:52:55   --------   d-----w-   C:\Windows\SysWow64\drivers\ko-KR
2012-04-12 03:51:51   --------   d-----w-   C:\Windows\SysWow64\nl
2012-04-12 00:59:52   6144   ----a-w-   C:\Windows\System32\drivers\da-DK\rdvgkmd.sys.mui
2012-04-12 00:06:05   3584   ----a-w-   C:\Windows\System32\drivers\ro-RO\portcls.sys.mui
2012-04-12 00:06:05   2560   ----a-w-   C:\Windows\System32\drivers\ro-RO\serscan.sys.mui
2012-04-12 00:06:04   47616   ----a-w-   C:\Windows\System32\drivers\ro-RO\tcpip.sys.mui
2012-04-12 00:06:04   3072   ----a-w-   C:\Windows\System32\drivers\ro-RO\ataport.sys.mui
2012-04-12 00:06:04   2048   ----a-w-   C:\Windows\System32\drivers\ro-RO\amdide.sys.mui
2012-04-12 00:06:03   2560   ----a-w-   C:\Windows\System32\drivers\ro-RO\scfilter.sys.mui
2012-04-12 00:05:58   8192   ----a-w-   C:\Windows\System32\drivers\ro-RO\bthport.sys.mui
2012-04-12 00:05:58   3072   ----a-w-   C:\Windows\System32\drivers\ro-RO\hidbth.sys.mui
2012-04-12 00:05:58   2560   ----a-w-   C:\Windows\System32\drivers\ro-RO\BTHUSB.SYS.mui
2012-04-12 00:05:58   2048   ----a-w-   C:\Windows\System32\drivers\ro-RO\bthenum.sys.mui
2012-04-11 23:19:33   3584   ----a-w-   C:\Windows\System32\drivers\hr-HR\portcls.sys.mui
2012-04-11 23:19:33   2560   ----a-w-   C:\Windows\System32\drivers\hr-HR\serscan.sys.mui
2012-04-11 23:19:32   48128   ----a-w-   C:\Windows\System32\drivers\hr-HR\tcpip.sys.mui
2012-04-11 23:19:32   3072   ----a-w-   C:\Windows\System32\drivers\hr-HR\ataport.sys.mui
2012-04-11 23:19:32   2048   ----a-w-   C:\Windows\System32\drivers\hr-HR\amdide.sys.mui
2012-04-11 23:19:31   2560   ----a-w-   C:\Windows\System32\drivers\hr-HR\scfilter.sys.mui
2012-04-11 23:19:26   7680   ----a-w-   C:\Windows\System32\drivers\hr-HR\bthport.sys.mui
2012-04-11 23:19:26   3072   ----a-w-   C:\Windows\System32\drivers\hr-HR\hidbth.sys.mui
2012-04-11 23:19:26   2560   ----a-w-   C:\Windows\System32\drivers\hr-HR\BTHUSB.SYS.mui
2012-04-11 23:19:26   2048   ----a-w-   C:\Windows\System32\drivers\hr-HR\bthenum.sys.mui
2012-04-11 22:40:59   6656   ----a-w-   C:\Windows\System32\drivers\zh-TW\msdsm.sys.mui
2012-04-11 22:09:28   6144   ----a-w-   C:\Windows\System32\drivers\pt-BR\rdvgkmd.sys.mui
2012-04-11 21:43:46   6656   ----a-w-   C:\Windows\System32\drivers\pt-PT\rdvgkmd.sys.mui
2012-04-11 21:25:02   6656   ----a-w-   C:\Windows\System32\drivers\pl-PL\rdvgkmd.sys.mui
2012-04-11 21:24:53   7168   ----a-w-   C:\Windows\System32\drivers\UMDF\pl-PL\WUDFUsbccidDriver.dll.mui
2012-04-11 21:11:16   7680   ----a-w-   C:\Windows\System32\drivers\tr-TR\tunnel.sys.mui
2012-04-11 21:01:16   3584   ----a-w-   C:\Windows\System32\drivers\bg-BG\portcls.sys.mui
.
==================== Find3M  ====================
.
.
============= FINISH:  7:46:50.92 ===============

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22701
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Happili Redirect
« Reply #3 on: April 19, 2012, 08:08:08 AM »
Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem. Also tell me any other problems you are having, no matter how small or long you have been dealing with them.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out their hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your hard drive.

One last thing, I need you to tell me if this computer belongs to a school or to a company or organization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

Now onto trying to fix your computer.


Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on the change parameters option.
  • Once you are in there, check all four boxes and then click on the OK button.
  • Now click the Start Scan button.
  • This is what you will see during the scan,
  • and this is what you will see when the scan is done if any threats are found. Don't change any of the recommended actions. Click the continue button.
  • Once the fix is done you might see this,
  • or it may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline jreddy

Re: [In Progress] Happili Redirect
« Reply #4 on: April 19, 2012, 11:28:18 AM »
Hi Hoov -

Thanks for helping. I've been trying to post the log from TDSSKiller, but am getting an error message when I click Post. I am trying to post again without the log.

I happily accept your terms and advice. :) I have run MalwareBytes, SpywareDoctor, and aswMBR on the machine, none of them have found and removed this issue. Some cookies and stuff have been removed, but the redirect persists. I will try to post the log in a second Post.
Thanks.

Offline jreddy

Re: [In Progress] Happili Redirect
« Reply #5 on: April 19, 2012, 11:32:19 AM »
Hi Hoov -

The server won't let me post my log. I get a 403 error. Claims a "Request Entity Attack". I am also unable to post the text of the error message.

Offline jreddy

Re: [In Progress] Happili Redirect
« Reply #6 on: April 19, 2012, 11:36:19 AM »
TDSSKiller log attached

Offline jreddy

Re: [In Progress] Happili Redirect
« Reply #7 on: April 19, 2012, 11:38:16 AM »
Seems that certain replies are rejected by the server. Not sure why. Anyway, thanks again.

Offline Hoov

Re: [In Progress] Happili Redirect
« Reply #8 on: April 19, 2012, 12:33:11 PM »
You did it correctly; the security of the forum blocks certain combinations of characters. The problem is, we have not been able to track them down so we can change them.

But attaching a text file for some reason also causes a problem with the file. It is unreadable. Could you zip the file up that is still on your computer and attach the zip file?


Offline jreddy

Re: [In Progress] Happili Redirect
« Reply #9 on: April 19, 2012, 12:55:19 PM »
Extra Secure! :) Log is zipped and attached. Thanks.

Offline Hoov

Re: [In Progress] Happili Redirect
« Reply #10 on: April 19, 2012, 02:09:47 PM »
Well that found nothing.

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouse-click combofix's window while it's running. That may cause it to stall.


Offline jreddy

Re: [In Progress] Happili Redirect
« Reply #11 on: April 19, 2012, 02:43:41 PM »
ComboFix seemed to find and delete a few things. Log below. I tried to re-create the re-direct by searching in Google, and the usual behavior where Happili* was displayed at the first attempt, didn't happen this time. I did not get a redirect.

ComboFix 12-04-19.01 - JSR 04/19/2012  16:18:57.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8086.6170 [GMT -4:00]
Running from: c:\users\JSR\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: PC Tools Spyware Doctor *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\JSR\AppData\Local\Temp\{C353F26A-35F9-4077-B058-0375B027DF1E}\fpb.tmp
c:\users\JSR\AppData\Local\Temp\rathc.dll
c:\windows\SysWow64\dlumd10.dll
c:\windows\SysWow64\dlumd11.dll
c:\windows\SysWow64\dlumd9.dll
E:\install.exe
F:\Autorun.inf
.
.
(((((((((((((((((((((((((   Files Created from 2012-03-19 to 2012-04-19  )))))))))))))))))))))))))))))))
.
.
2012-04-12 04:02 . 2012-04-12 04:02   --------   d-----w-   c:\windows\system32\drivers\UMDF\zh-TW
2012-04-12 04:02 . 2012-04-12 04:02   --------   d-----w-   c:\windows\system32\wbem\zh-TW
2012-04-12 04:02 . 2012-04-12 09:56   --------   d-----w-   c:\windows\system32\wbem\zh-HK
2012-04-12 04:02 . 2012-04-12 04:02   --------   d-----w-   c:\windows\pt-BR
2012-04-12 04:01 . 2012-04-12 09:58   --------   d-----w-   c:\windows\SysWow64\wbem\pt-BR
2012-04-12 04:01 . 2012-04-12 04:01   --------   d-----w-   c:\windows\SysWow64\drivers\pt-BR
2012-04-12 04:01 . 2012-04-12 04:01   --------   d-----w-   c:\windows\system32\drivers\pt-BR
2012-04-12 04:01 . 2012-04-12 04:01   --------   d-----w-   c:\windows\system32\drivers\UMDF\pt-BR
2012-04-12 04:01 . 2012-04-12 09:58   --------   d-----w-   c:\windows\system32\wbem\pt-BR
2012-04-12 04:00 . 2012-04-12 04:00   --------   d-----w-   c:\windows\pt-PT
2012-04-12 04:00 . 2012-04-12 04:00   --------   d-----w-   c:\windows\SysWow64\drivers\pt-PT
2012-04-12 04:00 . 2012-04-12 09:58   --------   d-----w-   c:\windows\SysWow64\wbem\pt-PT
2012-04-12 04:00 . 2012-04-12 04:00   --------   d-----w-   c:\windows\SysWow64\pt
2012-04-12 04:00 . 2012-04-12 04:00   --------   d-----w-   c:\windows\system32\drivers\pt-PT
2012-04-12 04:00 . 2012-04-12 04:00   --------   d-----w-   c:\windows\system32\drivers\UMDF\pt-PT
2012-04-12 04:00 . 2012-04-12 09:58   --------   d-----w-   c:\windows\system32\wbem\pt-PT
2012-04-12 04:00 . 2012-04-12 04:00   --------   d-----w-   c:\windows\system32\pt
2012-04-12 03:59 . 2012-04-12 03:59   --------   d-----w-   c:\windows\SysWow64\drivers\pl-PL
2012-04-12 03:59 . 2012-04-12 09:58   --------   d-----w-   c:\windows\SysWow64\wbem\pl-PL
2012-04-12 03:59 . 2012-04-12 03:59   --------   d-----w-   c:\windows\SysWow64\pl
2012-04-12 03:59 . 2012-04-12 03:59   --------   d-----w-   c:\windows\pl-PL
2012-04-12 03:59 . 2012-04-12 03:59   --------   d-----w-   c:\windows\system32\drivers\UMDF\pl-PL
2012-04-12 03:59 . 2012-04-12 03:59   --------   d-----w-   c:\windows\system32\drivers\pl-PL
2012-04-12 03:59 . 2012-04-12 09:58   --------   d-----w-   c:\windows\system32\wbem\pl-PL
2012-04-12 03:59 . 2012-04-12 03:59   --------   d-----w-   c:\windows\system32\pl
2012-04-12 03:58 . 2012-04-12 03:58   --------   d-----w-   c:\windows\tr-TR
2012-04-12 03:58 . 2012-04-12 03:58   --------   d-----w-   c:\windows\SysWow64\tr
2012-04-12 03:58 . 2012-04-12 03:58   --------   d-----w-   c:\windows\SysWow64\drivers\tr-TR
2012-04-12 03:58 . 2012-04-12 09:59   --------   d-----w-   c:\windows\SysWow64\wbem\tr-TR
2012-04-12 03:58 . 2012-04-12 03:58   --------   d-----w-   c:\windows\system32\drivers\tr-TR
2012-04-12 03:58 . 2012-04-12 03:58   --------   d-----w-   c:\windows\system32\tr
2012-04-12 03:58 . 2012-04-12 03:58   --------   d-----w-   c:\windows\system32\drivers\UMDF\tr-TR
2012-04-12 03:58 . 2012-04-12 09:59   --------   d-----w-   c:\windows\system32\wbem\tr-TR
2012-04-12 03:58 . 2012-04-12 03:58   --------   d-----w-   c:\windows\SysWow64\drivers\bg-BG
2012-04-12 03:57 . 2012-04-12 09:56   --------   d-----w-   c:\windows\SysWow64\wbem\bg-BG
2012-04-12 03:57 . 2012-04-12 03:57   --------   d-----w-   c:\windows\system32\drivers\bg-BG
2012-04-12 03:57 . 2012-04-12 03:57   --------   d-----w-   c:\windows\bg-BG
2012-04-12 03:57 . 2012-04-12 09:56   --------   d-----w-   c:\windows\system32\wbem\bg-BG
2012-04-12 03:57 . 2012-04-12 03:57   --------   d-----w-   c:\windows\SysWow64\zh-CHS
2012-04-12 03:57 . 2012-04-12 03:57   --------   d-----w-   c:\windows\SysWow64\drivers\zh-CN
2012-04-12 03:57 . 2012-04-12 09:56   --------   d-----w-   c:\windows\SysWow64\wbem\zh-CN
2012-04-12 03:57 . 2012-04-12 03:57   --------   d-----w-   c:\windows\system32\zh-CHS
2012-04-12 03:57 . 2012-04-12 03:57   --------   d-----w-   c:\windows\system32\drivers\zh-CN
2012-04-12 03:57 . 2012-04-12 03:57   --------   d-----w-   c:\windows\system32\drivers\UMDF\zh-CN
2012-04-12 03:57 . 2012-04-12 09:56   --------   d-----w-   c:\windows\system32\wbem\zh-CN
2012-04-12 03:56 . 2012-04-12 03:56   --------   d-----w-   c:\windows\zh-CN
2012-04-12 03:56 . 2012-04-12 03:56   --------   d-----w-   c:\windows\SysWow64\drivers\sr-Latn-CS
2012-04-12 03:56 . 2012-04-12 09:59   --------   d-----w-   c:\windows\SysWow64\wbem\sr-Latn-CS
2012-04-12 03:56 . 2012-04-12 03:56   --------   d-----w-   c:\windows\sr-Latn-CS
2012-04-12 03:56 . 2012-04-12 09:59   --------   d-----w-   c:\windows\system32\wbem\sr-Latn-CS
2012-04-12 03:56 . 2012-04-12 03:56   --------   d-----w-   c:\windows\system32\drivers\sr-Latn-CS
2012-04-12 03:56 . 2012-04-12 09:59   --------   d-----w-   c:\windows\SysWow64\wbem\et-EE
2012-04-12 03:56 . 2012-04-12 03:56   --------   d-----w-   c:\windows\SysWow64\drivers\et-EE
2012-04-12 03:56 . 2012-04-12 03:56   --------   d-----w-   c:\windows\system32\drivers\et-EE
2012-04-12 03:56 . 2012-04-12 09:59   --------   d-----w-   c:\windows\system32\wbem\et-EE
2012-04-12 03:56 . 2012-04-12 03:56   --------   d-----w-   c:\windows\et-EE
2012-04-12 03:55 . 2012-04-12 03:55   --------   d-----w-   c:\windows\lt-LT
2012-04-12 03:55 . 2012-04-12 09:59   --------   d-----w-   c:\windows\SysWow64\wbem\lt-LT
2012-04-12 03:55 . 2012-04-12 03:55   --------   d-----w-   c:\windows\SysWow64\drivers\lt-LT
2012-04-12 03:55 . 2012-04-12 09:59   --------   d-----w-   c:\windows\system32\wbem\lt-LT
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-17 14:34 . 2012-02-07 23:13   70304   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-15 13:49 . 2012-03-15 13:49   17408   ----a-w-   c:\windows\system32\drivers\DisplayLinkUsbPort_6.2.37054.0.sys
2012-02-24 13:00 . 2012-03-11 18:19   26856   ----a-w-   c:\windows\system32\drivers\tclondrv.sys
2012-02-17 06:38 . 2012-03-15 13:45   1112064   ----a-w-   c:\windows\system32\rdpcorets.dll
2012-02-17 06:38 . 2012-03-15 13:45   1031680   ----a-w-   c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-15 13:45   826880   ----a-w-   c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-15 13:45   210944   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-15 13:45   23552   ----a-w-   c:\windows\system32\drivers\tdtcp.sys
2012-02-15 15:01 . 2012-02-15 15:01   52736   ----a-w-   c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 15:01 . 2012-02-15 15:01   4547944   ----a-w-   c:\windows\system32\usbaaplrc.dll
2012-02-14 16:09 . 2012-02-14 16:09   1070352   ----a-w-   c:\windows\SysWow64\MSCOMCTL.OCX
2012-02-10 06:36 . 2012-03-15 13:45   1544192   ----a-w-   c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-15 13:45   1077248   ----a-w-   c:\windows\SysWow64\DWrite.dll
2012-02-08 01:01 . 2012-02-08 01:01   86528   ----a-w-   c:\windows\SysWow64\SearchFilterHost.exe
2012-02-08 01:01 . 2012-02-08 01:01   778752   ----a-w-   c:\windows\system32\mssvp.dll
2012-02-08 01:01 . 2012-02-08 01:01   75264   ----a-w-   c:\windows\system32\msscntrs.dll
2012-02-08 01:01 . 2012-02-08 01:01   666624   ----a-w-   c:\windows\SysWow64\mssvp.dll
2012-02-08 01:01 . 2012-02-08 01:01   59392   ----a-w-   c:\windows\SysWow64\msscntrs.dll
2012-02-08 01:01 . 2012-02-08 01:01   591872   ----a-w-   c:\windows\system32\SearchIndexer.exe
2012-02-08 01:01 . 2012-02-08 01:01   491520   ----a-w-   c:\windows\system32\mssph.dll
2012-02-08 01:01 . 2012-02-08 01:01   427520   ----a-w-   c:\windows\SysWow64\SearchIndexer.exe
2012-02-08 01:01 . 2012-02-08 01:01   337408   ----a-w-   c:\windows\SysWow64\mssph.dll
2012-02-08 01:01 . 2012-02-08 01:01   31232   ----a-w-   c:\windows\SysWow64\prevhost.exe
2012-02-08 01:01 . 2012-02-08 01:01   31232   ----a-w-   c:\windows\system32\prevhost.exe
2012-02-08 01:01 . 2012-02-08 01:01   288256   ----a-w-   c:\windows\system32\mssphtb.dll
2012-02-08 01:01 . 2012-02-08 01:01   249856   ----a-w-   c:\windows\system32\SearchProtocolHost.exe
2012-02-08 01:01 . 2012-02-08 01:01   2315776   ----a-w-   c:\windows\system32\tquery.dll
2012-02-08 01:01 . 2012-02-08 01:01   2223616   ----a-w-   c:\windows\system32\mssrch.dll
2012-02-08 01:01 . 2012-02-08 01:01   197120   ----a-w-   c:\windows\SysWow64\mssphtb.dll
2012-02-08 01:01 . 2012-02-08 01:01   164352   ----a-w-   c:\windows\SysWow64\SearchProtocolHost.exe
2012-02-08 01:01 . 2012-02-08 01:01   1549312   ----a-w-   c:\windows\SysWow64\tquery.dll
2012-02-08 01:01 . 2012-02-08 01:01   1401344   ----a-w-   c:\windows\SysWow64\mssrch.dll
2012-02-08 01:01 . 2012-02-08 01:01   113664   ----a-w-   c:\windows\system32\SearchFilterHost.exe
2012-02-08 01:01 . 2012-02-08 01:01   861696   ----a-w-   c:\windows\system32\oleaut32.dll
2012-02-08 01:01 . 2012-02-08 01:01   75776   ----a-w-   c:\windows\SysWow64\psisrndr.ax
2012-02-08 01:01 . 2012-02-08 01:01   613888   ----a-w-   c:\windows\system32\psisdecd.dll
2012-02-08 01:01 . 2012-02-08 01:01   571904   ----a-w-   c:\windows\SysWow64\oleaut32.dll
2012-02-08 01:01 . 2012-02-08 01:01   476160   ----a-w-   c:\windows\system32\XpsGdiConverter.dll
2012-02-08 01:01 . 2012-02-08 01:01   465408   ----a-w-   c:\windows\SysWow64\psisdecd.dll
2012-02-08 01:01 . 2012-02-08 01:01   331776   ----a-w-   c:\windows\system32\oleacc.dll
2012-02-08 01:01 . 2012-02-08 01:01   288256   ----a-w-   c:\windows\SysWow64\XpsGdiConverter.dll
2012-02-08 01:01 . 2012-02-08 01:01   233472   ----a-w-   c:\windows\SysWow64\oleacc.dll
2012-02-08 01:01 . 2012-02-08 01:01   108032   ----a-w-   c:\windows\system32\psisrndr.ax
2012-02-08 01:01 . 2012-02-08 01:01   86016   ----a-w-   c:\windows\SysWow64\odbccu32.dll
2012-02-08 01:01 . 2012-02-08 01:01   81920   ----a-w-   c:\windows\SysWow64\odbccr32.dll
2012-02-08 01:01 . 2012-02-08 01:01   319488   ----a-w-   c:\windows\SysWow64\odbcjt32.dll
2012-02-08 01:01 . 2012-02-08 01:01   212992   ----a-w-   c:\windows\system32\odbctrac.dll
2012-02-08 01:01 . 2012-02-08 01:01   163840   ----a-w-   c:\windows\SysWow64\odbctrac.dll
2012-02-08 01:01 . 2012-02-08 01:01   163840   ----a-w-   c:\windows\system32\odbccp32.dll
2012-02-08 01:01 . 2012-02-08 01:01   122880   ----a-w-   c:\windows\SysWow64\odbccp32.dll
2012-02-08 01:01 . 2012-02-08 01:01   106496   ----a-w-   c:\windows\system32\odbccu32.dll
2012-02-08 01:01 . 2012-02-08 01:01   106496   ----a-w-   c:\windows\system32\odbccr32.dll
2012-02-08 01:01 . 2012-02-08 01:01   7680   ----a-w-   c:\windows\SysWow64\instnm.exe
2012-02-08 01:01 . 2012-02-08 01:01   6144   ---ha-w-   c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   6144   ---ha-w-   c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   5120   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   5120   ---ha-w-   c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   5120   ----a-w-   c:\windows\SysWow64\wow32.dll
2012-02-08 01:01 . 2012-02-08 01:01   4608   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4608   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4608   ---ha-w-   c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4608   ---ha-w-   c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   44032   ----a-w-   c:\windows\apppatch\acwow64.dll
2012-02-08 01:01 . 2012-02-08 01:01   421888   ----a-w-   c:\windows\system32\KernelBase.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   4096   ---ha-w-   c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   362496   ----a-w-   c:\windows\system32\wow64win.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3584   ---ha-w-   c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   338432   ----a-w-   c:\windows\system32\conhost.exe
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-02-08 01:01 . 2012-02-08 01:01   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-05 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2011-08-12 75048]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-07-07 75064]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-05-30 885760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-11 624248]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" [2010-07-16 307184]
"Desktop Disc Tool"="c:\program files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe" [2010-06-30 477680]
"CPMonitor"="c:\program files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe" [2010-08-25 84464]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-03-21 103896]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys

R0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys

R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/02/07 17:50;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-08-12 248304]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-07-16 354288]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 253088]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys

R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-02-07 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-02-07 79360]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys

R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys

R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-03-08 224704]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys

R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-07-16 1099248]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2012-02-24 402336]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-02-07 79360]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys

R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys

R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys

R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys

R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys

R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys

R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys

S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys

S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys

S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys

S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys

S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys

S0 tclondrv;tclondrv;c:\windows\system32\DRIVERS\tclondrv.sys

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys

S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys

S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys

S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-06-03 457200]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-09-13 39408]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2012-02-17 550864]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-12-14 8448944]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-04 687400]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-22 2009704]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-03-21 793048]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-22 378472]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys

S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys

S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys

S3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_6.2.37054.0.sys

S3 dlcdcecm;dlcdcecm;c:\windows\system32\DRIVERS\dlcdcecm.sys

S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys

S3 dlusbaudio;dlusbaudio;c:\windows\system32\DRIVERS\dlusbaudio_x64.sys

S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys

S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys

S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys

S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys

S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys

.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 14:34]
.
2012-03-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-03-22 17:20]
.
2012-04-19 c:\windows\Tasks\RMAutoUpdate.job
- c:\program files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe [2012-04-12 16:23]
.
2012-04-18 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2011-03-22 17:20]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTMasterOnOffMonitor"="CTMWatch.dll StartCTMasterOnOffWatch" [X]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-22 312936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-05 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-05 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-05 416024]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-11-01 1935120]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RunDLLEntry"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-05-30 2055816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.cnn.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
FF - ProfilePath - c:\users\JSR\AppData\Roaming\Mozilla\Firefox\Profiles\my2zrenn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TuneClone - c:\program files\TuneClone\TuneClone.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Juniper Networks\Common Files\dsNcService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Completion time: 2012-04-19  16:35:48 - machine was rebooted
ComboFix-quarantined-files.txt  2012-04-19 20:35
.
Pre-Run: 156,262,473,728 bytes free
Post-Run: 156,146,462,720 bytes free
.
- - End Of File - - 07CA8B538F0F902FC626A6903087803C

Offline jreddy

  • Bronze Member
  • Posts: 13
Re: [In Progress] Happili Redirect
« Reply #12 on: April 19, 2012, 02:45:29 PM »
Hi Hoov - I know there's probably more to do. I'll be back at the keyboard by 9pm ET this evening. Thanks for everything so far!

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22701
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Happili Redirect
« Reply #13 on: April 19, 2012, 03:03:29 PM »
Are you having any other problems, or do you have any other questions or concerns? If not, we can do some cleanup and call this done.

Consumer Security

If I am helping you and you don't hear from me for 24 hrs, send me a PM, please!

Offline jreddy

  • Bronze Member
  • Posts: 13
Re: [In Progress] Happili Redirect
« Reply #14 on: April 19, 2012, 06:54:52 PM »
Well, I tried to cause a redirect a few more times, and no "Happili"s appeared, so I'm ready to say that it looks like my issue is fixed. Cleanup's good with me.