I think i have a registry problem

23 replies to this topic

#1 TheGoobKid


  
  
  

Posted 13 June 2011 - 10:33 PM



So I asked about this probelm before, and one of the admins told me to start a topic here because its probably an infection. So I am, but it took so long to do this because my ISP suddenly decided to have a spasm with their mobile internet thingys and i couldnt get on for days. I did a DSS thing before but did a new one just today since there's some new problems that just came up.

SO I have this dell XPS 15 and it was working pretty well before my sound card driver (or at least i think it is) started screwing up. I have tried resetting to factory image, but this thing is still here (wasted a lot of time and my already limited net allowance. thanks for nothing dell).

So on the DELL XPS 15 there's these buttons next to the POWER button. one of them being the launch button for Realtek HD Audio Manager. and every time i touch it (and its really sensitive and right next to the mute button -_-) It says it has stopped working. I think this is probably the first problem out of many.

When i try to run some programs or games it just tells me certain _____.dll files are missing and tells me to reinstall. I have to say that didnt really help. So looked it up on the internet and apparently its a registry problem. Since I dont really trust any registry cleaners i thought i'd do one of these DDS file things, cant hurt (more than it already has. at least)

So here it is, and whatever help anyone can give me would absolutely be appreciated. TYVM IN ADVANCE :flowers:

:offtopic: Just a side note, im using Vodafone Mobile internet, not sure if that has anything to do with anything but personally i think its horrible and has caused problems for my computer before so yeah... :thumbdown:

DDS (Ver_2011-06-03.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Geoff at 13:11:39 on 2011-06-14
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.61.1033.18.8106.5954 [GMT 10:00]
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
============== Pseudo HJT Report ===============
uStart Page = my.daemon-search.com
uDefault_Page_URL = hxxp://www1.ap.dell.com/content/default.aspx?c=au&l=en&s=gen
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110608222920.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
uRun: [Google Update] "C:\Users\Geoff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [FAStartup]
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
StartupFolder: C:\Users\Geoff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer =
TCP: Interfaces\{38702183-FBDB-49C2-9B5B-B8DF5C475501} : DhcpNameServer =
TCP: Interfaces\{B1FEB3E2-6103-4734-A460-D6103BABC362} : DhcpNameServer =
TCP: Interfaces\{B50D768E-1C0E-4A6A-9527-74FFF2BB4AC2} : NameServer =,
TCP: Interfaces\{FADBCE83-2CC8-45F5-A9EF-6911ED6CE534} : DhcpNameServer =
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
LSA: Notification Packages = scecli FAPassSync
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110608222920.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO-X64: SSOIEAddonBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [FAStartup]
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce-x64: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce-x64: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
================= FIREFOX ===================
FF - ProfilePath - C:\Users\Geoff\AppData\Roaming\Mozilla\Firefox\Profiles\mdh77ql7.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.daemon-search.com/startpage
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Geoff\AppData\Local\Google\Update\\npGoogleOneClick8.dll
============= SERVICES / DRIVERS ===============
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-3-13 98208]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-2 2428552]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2010-3-11 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2010-3-11 355440]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2010-3-11 355440]
R2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-3-13 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-3-13 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-3-13 1997416]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-13 689472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-13 2656280]
R2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-9-18 9216]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/03/12 13:39:28;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-30 236016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-3-13 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-3-13 79360]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\system32\DRIVERS\ewusbfake.sys --> C:\Windows\system32\DRIVERS\ewusbfake.sys [?]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-3-13 220528]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-18 340240]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-3-13 79360]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2010-3-11 355440]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
=============== Created Last 30 ================
2011-06-14 00:10:42 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-14 00:10:26 336192 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-06-14 00:05:32 -------- d-----w- C:\Users\Geoff\AppData\Local\{DDA59CFB-588A-4964-9598-4C95961159C1}
2011-06-13 06:14:44 -------- d-----w- C:\Users\Geoff\AppData\Local\{96E6482B-8D7F-4291-8DAE-0C93A6A59179}
2011-06-12 10:07:26 -------- d-----w- C:\Users\Geoff\AppData\Local\{29485116-4C55-4ED2-912A-E8E6BF14FF94}
2011-06-12 07:56:51 488800 ----a-w- C:\Windows\SysWow64\Ltkrn15u.dll
2011-06-12 07:56:51 390496 ----a-w- C:\Windows\SysWow64\Lfcmp15u.dll
2011-06-12 07:56:51 185688 ----a-w- C:\Windows\SysWow64\Ltfil15u.dll
2011-06-12 06:39:05 -------- d-----w- C:\Users\Geoff\.thumbnails
2011-06-12 06:32:30 -------- d-----w- C:\Users\Geoff\.gimp-2.6
2011-06-12 06:32:11 -------- d-----w- C:\Program Files (x86)\GIMP-2.0
2011-06-12 03:06:30 -------- d-----w- C:\Users\Geoff\AppData\Local\{993C4794-5FA0-42ED-A2C8-1089C0E6D22B}
2011-06-12 01:49:54 -------- d-----w- C:\Users\Geoff\AppData\Local\{52FBB62E-D1E4-4A22-9881-530534B9F207}
2011-06-12 01:32:16 -------- d-----w- C:\Users\Geoff\AppData\Local\{649DEEEC-1A4B-4404-9C40-624CF5089099}
2011-06-11 06:34:59 -------- d-----w- C:\Users\Geoff\AppData\Local\{517D72BE-31E4-4AF6-8745-C5F3D956372D}
2011-06-11 03:24:14 -------- d-----w- C:\Users\Geoff\AppData\Local\{DD64DC26-45DD-4C0E-B755-273E4DD675C8}
2011-06-11 01:35:22 310784 ----a-r- C:\Program Files (x86)\Mozilla Firefox\Call of Duty - BO\Steamclient.dll
2011-06-11 01:34:08 8434776 ----a-r- C:\Program Files (x86)\Mozilla Firefox\Call of Duty - BO\BlackOpsMP.exe
2011-06-11 01:34:07 7941120 ----a-r- C:\Program Files (x86)\Mozilla Firefox\Call of Duty - BO\BlackOps.exe
2011-06-11 00:40:38 -------- d-----w- C:\Users\Geoff\AppData\Local\{835D488A-80B7-444C-803A-525CF1F34C41}
2011-06-11 00:13:40 187544 ----a-r- C:\Program Files (x86)\Mozilla Firefox\lp2\xliveinstall.dll
2011-06-11 00:13:00 71168 ----a-r- C:\Program Files (x86)\Mozilla Firefox\lp2\SKIDROW.exe
2011-06-11 00:13:00 134656 ----a-r- C:\Program Files (x86)\Mozilla Firefox\lp2\Skidrow.dll
2011-06-10 23:42:35 -------- d-----w- C:\Users\Geoff\AppData\Local\{71B1D3B4-AFB6-4FDE-873A-156F2714A44B}
2011-06-10 08:45:10 8192 ----a-r- C:\Program Files (x86)\Mozilla Firefox\bfbc\rld-bbc2.exe
2011-06-10 08:45:10 101376 ----a-r- C:\Program Files (x86)\Mozilla Firefox\bfbc\rld.dll
2011-06-10 00:00:53 -------- d-----w- C:\Users\Geoff\AppData\Local\{53BA09C8-D7A0-4F87-9272-0FF097B1D5A1}
2011-06-09 13:01:17 -------- d-----w- C:\Users\Geoff\AppData\Local\ArcSoft
2011-06-09 05:08:15 -------- d-----w- C:\Users\Geoff\AppData\Local\{CF4F8EC8-25F0-47C1-B7BF-BEB687DC2841}
2011-06-08 05:30:03 -------- d-----w- C:\Users\Geoff\AppData\Local\{3FFC1221-3D44-4EFE-97C9-E0D4C30FE2A3}
2011-06-07 21:19:23 -------- d-----w- C:\Users\Geoff\AppData\Local\{9795E8D5-EC2F-4B0D-878F-452F0D56E6F2}
2011-06-07 13:47:31 -------- d-----w- C:\Users\Geoff\AppData\Local\{2C696789-72BA-4AC4-9437-17E3C56B21DF}
2011-06-07 13:39:03 71168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\lp\SKIDROW.exe
2011-06-07 13:39:03 134656 ----a-w- C:\Program Files (x86)\Mozilla Firefox\lp\Skidrow.dll
2011-06-07 13:04:52 -------- d-----w- C:\ProgramData\WeGame
2011-06-07 13:04:31 -------- d-----w- C:\Users\Geoff\AppData\Local\WeGame
2011-06-07 13:04:31 -------- d-----w- C:\Program Files (x86)\WeGame
2011-06-07 11:33:44 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-06-07 11:33:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-06-07 11:33:44 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-06-07 11:33:43 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-06-07 11:33:43 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-06-07 09:59:19 -------- d-----w- C:\Users\Geoff\AppData\Local\ElevatedDiagnostics
2011-06-07 09:58:14 -------- d-----w- C:\Users\Geoff\AppData\Local\Diagnostics
2011-06-07 09:29:24 -------- d-----w- C:\Users\Geoff\AppData\Local\{A5A59FB7-4873-4DDA-A6AD-7902F09ED9C4}
2011-06-07 09:22:55 -------- d-----w- C:\Users\Geoff\AppData\Local\{1EC229C6-0F80-438A-B417-D8CE7F166B48}
2011-06-07 08:59:31 -------- d-----w- C:\Program Files (x86)\WinPcap
2011-06-07 08:53:53 -------- d-----w- C:\Program Files (x86)\WMR14
2011-06-07 05:10:16 -------- d-----w- C:\Users\Geoff\AppData\Roaming\Reallusion
2011-06-07 00:27:39 -------- d-----w- C:\Users\Geoff\AppData\Local\{52833144-E3AC-4A6F-9C45-3390611E80BA}
2011-06-06 11:36:34 -------- d-----w- C:\Users\Geoff\AppData\Local\{2D2E1074-1DC8-42E1-ABD1-1A6E9BEB8EEA}
2011-06-06 05:40:22 -------- d-----w- C:\Users\Geoff\AppData\Local\{6A9DECFA-EBB7-4AB6-86D6-B4DCF2E2DAC7}
2011-06-06 04:39:14 -------- d-----w- C:\Users\Geoff\AppData\Roaming\NVIDIA
2011-06-06 04:39:10 -------- d-sh--w- C:\ProgramData\DSS
2011-06-06 04:38:07 320808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\moh\Binaries\paul.dll
2011-06-06 04:25:16 -------- d-----w- C:\Windows\SysWow64\AGEIA
2011-06-06 04:25:06 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-06-06 04:22:46 -------- d-----w- C:\Users\Geoff\AppData\Local\{9F899BEC-707D-4584-96DF-CCC33EE0853D}
2011-06-06 04:22:46 -------- d-----w- C:\Users\Geoff\AppData\Local\{3380991B-7F02-4AFD-89C4-15E3230F1A55}
2011-06-05 10:56:04 -------- d-----w- C:\Program Files (x86)\BestGameEver
2011-06-05 10:09:26 73728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\Support\Need for Speed Most Wanted_uninst.exe
2011-06-05 10:09:26 7250800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\speed.exe
2011-06-05 10:09:26 618496 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\Support\EReg.exe
2011-06-05 10:09:26 561152 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\Support\EasyInfo.exe
2011-06-05 10:09:26 40960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\shell_inst.exe
2011-06-05 10:09:26 40960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\safemode_inst.exe
2011-06-05 10:09:26 380928 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\server.dll
2011-06-05 10:09:26 344064 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\eauninstall.exe
2011-06-05 10:09:26 323584 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nfs\Support\Need for Speed Most Wanted_code.exe
2011-06-05 04:48:31 -------- d-----w- C:\ProgramData\VirtualizedApplications
2011-06-05 02:38:14 -------- d-----w- C:\Users\Geoff\AppData\Roaming\SoftGrid Client
2011-06-05 02:38:14 -------- d-----w- C:\Users\Geoff\AppData\Local\SoftGrid Client
2011-06-05 02:37:52 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2011-06-05 02:37:36 -------- d-----w- C:\Users\Geoff\AppData\Roaming\TP
2011-06-04 09:35:55 -------- d-----w- C:\Users\Geoff\AppData\Local\Apple Computer
2011-06-04 09:35:47 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-06-04 09:35:47 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-06-04 09:35:47 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-06-04 09:35:28 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-06-04 09:35:28 -------- d-----w- C:\Program Files\iTunes
2011-06-04 09:35:28 -------- d-----w- C:\Program Files\iPod
2011-06-04 09:35:28 -------- d-----w- C:\Program Files (x86)\iTunes
2011-06-04 08:46:59 -------- d-----w- C:\Users\Geoff\AppData\Roaming\Macrovision
2011-06-04 08:32:22 -------- d-----w- C:\Users\Geoff\AppData\Local\{53A85711-0F10-464B-85C4-E8A9D12A9725}
2011-06-02 07:02:54 -------- d-----w- C:\Users\Geoff\AppData\Local\{AB325679-D4F3-404F-B4BF-4B4642DB85D3}
2011-06-01 22:38:28 -------- d-----w- C:\Users\Geoff\AppData\Local\{CA487BCC-7BA9-473A-B063-B86AA5F8A2E9}
2011-06-01 22:35:16 -------- d-----w- C:\Windows\SysWow64\Wat
2011-06-01 22:35:16 -------- d-----w- C:\Windows\System32\Wat
2011-06-01 07:01:03 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-06-01 07:01:03 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-06-01 06:58:57 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-06-01 06:57:29 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-06-01 06:57:29 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-06-01 06:57:29 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-06-01 06:57:29 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-06-01 06:57:29 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-06-01 06:57:29 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-06-01 06:57:29 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-06-01 06:57:29 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-06-01 06:57:29 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-06-01 06:57:29 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-06-01 03:24:01 107832 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-06-01 03:23:52 66872 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-06-01 03:23:52 2337865 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2011-06-01 03:14:28 -------- d-----w- C:\Users\Geoff\AppData\Roaming\Roxio Burn
2011-06-01 03:13:07 254528 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-06-01 03:13:01 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Toolbar
2011-06-01 03:12:15 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2011-06-01 02:41:38 -------- d-----w- C:\Users\Geoff\AppData\Roaming\DAEMON Tools Lite
2011-06-01 02:41:38 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2011-05-31 23:23:04 714752 ----a-w- C:\Windows\System32\kerberos.dll
2011-05-31 23:23:04 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2011-05-31 23:23:03 2870272 ----a-w- C:\Windows\explorer.exe
2011-05-31 23:23:03 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-05-31 23:23:01 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-31 23:23:01 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-31 23:20:15 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-05-31 23:20:15 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-05-31 23:19:33 3133440 ----a-w- C:\Windows\System32\win32k.sys
2011-05-31 23:19:22 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-05-31 23:19:22 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-05-31 23:19:22 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-05-31 23:19:21 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-05-31 23:15:14 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-05-31 23:15:14 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-05-31 23:15:14 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-05-31 23:06:12 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-05-31 23:06:12 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-05-31 23:06:12 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-05-31 23:06:12 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-05-31 23:06:00 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-05-31 23:01:24 214016 ----a-w- C:\Windows\System32\winsrv.dll
2011-05-31 23:01:22 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-05-31 23:01:21 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-05-31 23:01:21 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-05-31 23:01:18 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-05-31 23:01:17 223448 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2011-05-31 23:01:15 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-05-31 23:01:15 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-05-31 23:01:15 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-05-31 23:01:12 1739176 ----a-w- C:\Windows\System32\ntdll.dll
2011-05-31 23:01:11 1293632 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-05-31 12:11:10 -------- d-----w- C:\Users\Geoff\AppData\Local\{260C3EB5-75CC-43F7-A180-B2E0AF317FA8}
2011-05-30 16:13:14 -------- d-----w- C:\Users\Geoff\AppData\Roaming\LolClient
2011-05-30 15:37:57 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2011-05-30 15:37:57 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2011-05-30 15:37:57 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2011-05-30 15:37:57 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2011-05-30 15:37:56 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2011-05-30 12:49:56 -------- d-----w- C:\Users\Geoff\AppData\Local\Microsoft Games
2011-05-30 12:13:56 802816 ----a-w- C:\Program Files (x86)\Mozilla Firefox\LeagueOfLegends\setup.exe
2011-05-30 12:13:56 577024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\LeagueOfLegends\ISSetup.dll
2011-05-30 12:11:29 -------- d-----w- C:\Users\Geoff\AppData\Local\PMB Files
2011-05-30 12:11:28 -------- d-----w- C:\ProgramData\PMB Files
2011-05-30 11:34:13 525656 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\Redist\DirectX\DXSETUP.exe
2011-05-30 11:34:13 1691464 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\Redist\DirectX\dsetup32.dll
2011-05-30 11:34:12 94024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\Redist\DirectX\DSETUP.dll
2011-05-30 11:34:08 2723264 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\Redist\vcredist_x86.exe
2011-05-30 11:32:05 -------- d-----w- C:\Users\Geoff\AppData\Local\Adobe
2011-05-30 11:30:42 58616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\UpdateDLLWrapper.dll
2011-05-30 11:30:42 434688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\mss32.dll
2011-05-30 11:30:42 3513944 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\iw4sp.exe
2011-05-30 11:30:42 1296880 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\SteamAPIUpdater.dll
2011-05-30 11:30:42 115960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\steam_api.dll
2011-05-30 11:30:41 3923544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\iw4mp.exe
2011-05-30 11:30:41 167936 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Call of Duty Modern Warfare 2\binkw32.dll
2011-05-30 11:21:33 -------- d-----w- C:\Users\Geoff\AppData\Local\{E5686726-E26E-4264-8F85-892D80588B76}
2011-05-30 11:17:10 -------- d-----w- C:\Program Files (x86)\Pando Networks
2011-05-30 11:09:20 24376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
2011-05-30 10:51:38 -------- d-----w- C:\Users\Geoff\Tracing
2011-05-30 10:37:01 -------- d-----w- C:\Users\Geoff\AppData\Roaming\FLEXnet
2011-05-30 10:36:10 -------- d-----w- C:\Users\Geoff\AppData\Local\Google
2011-05-30 10:21:31 -------- d-----w- C:\Users\Geoff\AppData\Roaming\Vodafone
2011-05-30 10:20:36 -------- d-----w- C:\ProgramData\Vodafone
2011-05-30 10:20:33 -------- d-----w- C:\Program Files (x86)\Vodafone
2011-05-30 10:20:09 -------- d-----w- C:\Users\Geoff\AppData\Local\{B1D12088-49E0-44EA-B9B0-72DD12D8526D}
2011-05-30 00:12:02 -------- d-----w- C:\Users\Geoff\AppData\Local\Deployment
2011-05-30 00:12:02 -------- d-----w- C:\Users\Geoff\AppData\Local\Apps
2011-05-30 00:03:58 -------- d-----w- C:\Users\Geoff\My Backup Files
2011-05-29 19:19:09 -------- d-----w- C:\Users\Geoff\AppData\Local\Dell
2011-05-29 19:18:36 -------- d-----w- C:\Users\Geoff\AppData\Roaming\Dell
2011-05-29 19:18:32 -------- d-----w- C:\Users\Geoff\AppData\Roaming\Dell Touch Zone
2011-05-29 19:17:53 -------- d-sh--w- C:\$RECYCLE.BIN
2011-05-29 19:17:51 -------- d-----w- C:\Users\Geoff\AppData\Local\VirtualStore
2011-05-29 17:47:41 -------- d-----w- C:\Windows\SMINST
==================== Find3M ====================
2011-04-14 04:01:38 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2011-04-14 04:01:38 94992 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2011-04-14 04:01:38 75160 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2011-04-14 04:01:38 63056 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2011-04-14 04:01:38 530304 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2011-04-14 04:01:38 441840 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2011-04-14 04:01:38 283744 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2011-04-14 04:01:38 190520 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2011-04-14 04:01:38 149032 ----a-w- C:\Windows\System32\mfevtps.exe
2011-04-14 04:01:38 121376 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2011-04-09 06:54:07 5475712 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-04-09 06:21:36 3967360 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:21:32 3911552 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-04-06 06:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 06:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 06:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 06:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 06:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 06:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 06:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 06:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
============= FINISH: 13:12:41.47 ===============

#2 m0le


    

  
  
  
  
  

Posted 22 June 2011 - 07:09 PM


Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:



#3 TheGoobKid

  

  
  
  

Posted 23 June 2011 - 09:36 PM

Yep im here, and the computer is still laggin on youtube :P

#4 m0le


    

  
  
  
  
  

Posted 24 June 2011 - 01:08 PM

Yes, there's a few different types of files which look suspicious so please run Combofix, this is useful at removing multiple infections

Please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications including Firewalls, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Comfix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.



#5 TheGoobKid

  

  
  
  

Posted 25 June 2011 - 01:10 AM

Attached File  ComboFix.txt   39.39KB   2 downloadsAttached File  comfix log.txt   39.39KB   1 downloads

Yeah im not really sure which one but i think they're the same.
ANYYYYYYYYYYYYWAYYYYYYYYYYYYYYYYYYYYYYY. btw all the posts i been doing apart from my original have been on a different computer. dont really feel safe going on the net with that one anymore :P
But while i was doing the Combofix, I had to run it a few different times, cuz i had trouble turning off my Macafee security thing.

O And also nothing seems to work now on the laptop now (the other one with the problems). is that normal? or do i just restart the computer and hope it all goes away. but for now i think im just gonna leave it on and let nothing happen

#6 m0le


    

  
  
  
  
  

Posted 25 June 2011 - 04:05 AM

Yes, it ran eight times in all and the last log shows nothing because if anything had been removed it would have shown in earlier logs.

Please go to Start >Run > and copy/paste the following, then press Enter


A log file should open. Please post that in your next reply.



#7 TheGoobKid

  

  
  
  

Posted 25 June 2011 - 07:46 AM

Attached File  New Text Document.txt   42bytes   2 downloads

Here you go.

#8 m0le


    

  
  
  
  
  

Posted 25 June 2011 - 01:39 PM

I'm not sure how, but the log you have attached has only the command that I asked you to run in it.


Can you try it again please.



#9 TheGoobKid

  

  
  
  

Posted 25 June 2011 - 07:02 PM

Yeah sorry about that, had to change computers a lot and got really confused

Attached File  ComboFix-quarantined-files.txt   38.36KB   4 downloads

I think this one's it

#10 m0le


    

  
  
  
  
  

Posted 25 June 2011 - 07:42 PM

That's more like it and what I expected too, plenty of malware being removed.

Can you next run MBAM and then ESET

Please download Posted Image Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If MBAM won't update then download and update MBAM on a clean computer then save the rules.ref folder to a memory stick. This file is found here: 'C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware' then transfer it across to the infected computer.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
If no log is generated that means nothing was found. Please let me know if this happens.

I haven't forgotten about the _____.dll files issue. If you can write down the ones that are showing in the error messages that will help.



#11 TheGoobKid

  

  
  
  

Posted 26 June 2011 - 06:25 PM

Attached File  mbam-log-2011-06-26 (22-54-25).txt   985bytes   2 downloads

OK mbam had found one thing and it took care of it, i think. the ESET online scanner had nothing, but I still think there's something wrong. just went to youtube and tried playing call of duty but they all lagged. and cod never lagged before. So im guessing somethings still not right.

but anyway. the startup problem is this.

Problem signature:
Problem Event Name: APPCRASH
Application Name: rundll32.exe
Application Version: 6.1.7600.16385
Application Timestamp: 4a5bc9e0
Fault Module Name: DBACSU.dll
Fault Module Version:
Fault Module Timestamp: 4ce105e5
Exception Code: c0000005
Exception Offset: 0000000000002208
OS Version: 6.1.7600.
Locale ID: 3081
Additional Information 1: c03a
Additional Information 2: c03a274b70959146be92510ef3ca29d8
Additional Information 3: 74bb
Additional Information 4: 74bb2d363a63fb60e32912e04df6a80f

Read our privacy statement online:

If the online privacy statement is not available, please read our privacy statement offline:

There's some other .dll problems but that's all just saying _________.dll is missing, please reinstall. Im pretty sure that I installed the games/programs properly though (they worked before :blink: )

#12 m0le


    

  
  
  
  
  

Posted 26 June 2011 - 07:13 PM

Fault Module Name: DBACSU.dll

That's a Creative file. Please reinstall the program and test.



#13 TheGoobKid

  

  
  
  

Posted 27 June 2011 - 02:03 AM

What am i supposed to be reinstalling? Because it just comes up at start up, and one more thing. my computer's performance is getting slower and slower for some reason. Is that suppose to happen after combo fix or something?

#14 TheGoobKid

  

  
  
  

Posted 27 June 2011 - 03:28 AM

OK so i uninstalled the realtek hd audio thing, but now for some reason i cant run autoplays from anything. should I restore the computer or something? And is there anything else i should do about the malwares? that ESET produced no logs by the way

#15 TheGoobKid

  

  
  
  

Posted 27 June 2011 - 06:28 AM

OK i uninstalled the realtek hd audio manager thing but i think i actually needed that to run audio files. One more thing. it seems that autoplays from cds dont work anymore. i think i actually need that to reinstall the audio manager thing. Is there a way for me to get it without using autoplay? I cant find the actual file in the disk, there's too many files :S

