startup
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run Dell Registration Dell, Inc. C:\Program Files (x86)\System Registration\prodreg.exe /boot
Yes HKLM:Run HotKeysCmds Intel Corporation "C:\Windows\system32\hkcmd.exe"
Yes HKLM:Run IgfxTray Intel Corporation "C:\Windows\system32\igfxtray.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes HKLM:Run mcpltui_exe McAfee, Inc. "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
Yes HKLM:Run Persistence Intel Corporation "C:\Windows\system32\igfxpers.exe"
Yes HKLM:Run QuickSet Dell Inc. c:\Program Files\Dell\QuickSet\QuickSet.exe
Yes HKLM:Run RtHDVBg Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
Yes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
Yes HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
Yes HKLM:Run WavesSvc Waves Audio Ltd. "C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run Dell Registration Dell, Inc. C:\Program Files (x86)\System Registration\prodreg.exe /boot
Yes HKLM:Run HotKeysCmds Intel Corporation "C:\Windows\system32\hkcmd.exe"
Yes HKLM:Run IgfxTray Intel Corporation "C:\Windows\system32\igfxtray.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes HKLM:Run mcpltui_exe McAfee, Inc. "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
Yes HKLM:Run Persistence Intel Corporation "C:\Windows\system32\igfxpers.exe"
Yes HKLM:Run QuickSet Dell Inc. c:\Program Files\Dell\QuickSet\QuickSet.exe
Yes HKLM:Run RtHDVBg Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
Yes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
Yes HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
Yes HKLM:Run WavesSvc Waves Audio Ltd. "C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
uninstall
Accidental Damage Services Agreement Dell Inc. 8/6/2014 2.0.0
Adobe Flash Player 13 ActiveX Adobe Systems Incorporated 8/6/2014 6.00 MB 13.0.0.182
Adobe Reader XI MUI Adobe Systems Incorporated 8/6/2014 567 MB 11.0.00
Apple Application Support Apple Inc. 11/11/2014 95.2 MB 3.1
Apple Mobile Device Support Apple Inc. 11/11/2014 22.2 MB 8.0.5.6
Apple Software Update Apple Inc. 11/11/2014 2.38 MB 2.1.3.127
Banctec Service Agreement Dell Inc. 8/6/2014 2.0.0
Bonjour Apple Inc. 11/11/2014 2.00 MB 3.0.0.10
CCleaner Piriform 11/17/2014 4.19
Complete Care Business Service Agreement Dell Inc. 8/6/2014 2.0.0
Consumer In-Home Service Agreement Dell Inc. 8/6/2014 2.0.0
Dell Backup and Recovery Dell Inc. 8/6/2014 1.7.1.2
Dell Backup and Recovery - Support Software Dell Inc. 8/6/2014 1.7.1.2
Dell Digital Delivery Dell Products, LP 8/6/2014 2.9.901.0
Dell Home Systems Service Agreement Dell Inc. 8/6/2014 2.0.0
Dell Product Registration Dell Inc. 8/6/2014 1.1.3
Dell Touchpad Synaptics Incorporated 8/6/2014 46.4 MB 18.0.7.1
Dell WLAN and Bluetooth Client Installation Dell Inc. 8/6/2014 10.0
eBay eBay Inc. 8/6/2014 1.4.0
Google Chrome Google Inc. 11/11/2014 38.0.2125.111
Intel(R) Management Engine Components Intel Corporation 8/6/2014 9.5.23.1766
Intel(R) Processor Graphics Intel Corporation 8/6/2014 10.18.10.3412
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 8/6/2014 2.5.3.34
iTunes Apple Inc. 11/11/2014 244 MB 12.0.1.26
Malwarebytes Anti-Malware version 2.0.3.1025 Malwarebytes Corporation 11/17/2014 56.6 MB 2.0.3.1025
McAfee Internet Security McAfee, Inc. 11/17/2014 12.8.992
Microsoft .NET Framework 4.5 Microsoft Corporation 8/6/2014 38.8 MB 4.5.50709
Microsoft Office Microsoft Corporation 8/6/2014 317 MB 15.0.4569.1506
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 8/6/2014 300 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 8/6/2014 572 KB 8.0.61000
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 8/6/2014 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 8/6/2014 11.1 MB 10.0.40219
My Dell PC-Doctor, Inc. 8/6/2014 128 MB 3.5.6426.22
Premium Service Agreement Dell Inc. 8/6/2014 2.0.0
QualxServ Service Agreement Dell Inc. 8/6/2014 2.0.0
Quickset64 Dell Inc. 8/6/2014 11.1.18
Realtek Card Reader Realtek Semiconductor Corp. 8/6/2014 6.2.9600.39054
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 8/6/2014 6.0.1.7161
Shared C Run-time for x64 McAfee 8/6/2014 1.38 MB 10.0.0
Skype™ 5.8 Skype Technologies S.A. 8/6/2014 19.0 MB 5.8.158
Accidental Damage Services Agreement Dell Inc. 8/6/2014 2.0.0
Adobe Flash Player 13 ActiveX Adobe Systems Incorporated 8/6/2014 6.00 MB 13.0.0.182
Adobe Reader XI MUI Adobe Systems Incorporated 8/6/2014 567 MB 11.0.00
Apple Application Support Apple Inc. 11/11/2014 95.2 MB 3.1
Apple Mobile Device Support Apple Inc. 11/11/2014 22.2 MB 8.0.5.6
Apple Software Update Apple Inc. 11/11/2014 2.38 MB 2.1.3.127
Banctec Service Agreement Dell Inc. 8/6/2014 2.0.0
Bonjour Apple Inc. 11/11/2014 2.00 MB 3.0.0.10
CCleaner Piriform 11/17/2014 4.19
Complete Care Business Service Agreement Dell Inc. 8/6/2014 2.0.0
Consumer In-Home Service Agreement Dell Inc. 8/6/2014 2.0.0
Dell Backup and Recovery Dell Inc. 8/6/2014 1.7.1.2
Dell Backup and Recovery - Support Software Dell Inc. 8/6/2014 1.7.1.2
Dell Digital Delivery Dell Products, LP 8/6/2014 2.9.901.0
Dell Home Systems Service Agreement Dell Inc. 8/6/2014 2.0.0
Dell Product Registration Dell Inc. 8/6/2014 1.1.3
Dell Touchpad Synaptics Incorporated 8/6/2014 46.4 MB 18.0.7.1
Dell WLAN and Bluetooth Client Installation Dell Inc. 8/6/2014 10.0
eBay eBay Inc. 8/6/2014 1.4.0
Google Chrome Google Inc. 11/11/2014 38.0.2125.111
Intel(R) Management Engine Components Intel Corporation 8/6/2014 9.5.23.1766
Intel(R) Processor Graphics Intel Corporation 8/6/2014 10.18.10.3412
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 8/6/2014 2.5.3.34
iTunes Apple Inc. 11/11/2014 244 MB 12.0.1.26
Malwarebytes Anti-Malware version 2.0.3.1025 Malwarebytes Corporation 11/17/2014 56.6 MB 2.0.3.1025
McAfee Internet Security McAfee, Inc. 11/17/2014 12.8.992
Microsoft .NET Framework 4.5 Microsoft Corporation 8/6/2014 38.8 MB 4.5.50709
Microsoft Office Microsoft Corporation 8/6/2014 317 MB 15.0.4569.1506
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 8/6/2014 300 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 8/6/2014 572 KB 8.0.61000
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 8/6/2014 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 8/6/2014 11.1 MB 10.0.40219
My Dell PC-Doctor, Inc. 8/6/2014 128 MB 3.5.6426.22
Premium Service Agreement Dell Inc. 8/6/2014 2.0.0
QualxServ Service Agreement Dell Inc. 8/6/2014 2.0.0
Quickset64 Dell Inc. 8/6/2014 11.1.18
Realtek Card Reader Realtek Semiconductor Corp. 8/6/2014 6.2.9600.39054
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 8/6/2014 6.0.1.7161
Shared C Run-time for x64 McAfee 8/6/2014 1.38 MB 10.0.0
Skype™ 5.8 Skype Technologies S.A. 8/6/2014 19.0 MB 5.8.158
Winly
Distinguished
- Jan 2, 2007
- 44
- 0
- 18,610
I dont see anything suspicious on that list.
But I want you to try this:
Download & run Kaspersky's TDSSKILLER. You will most likely find a rootkit (Rootkit.Boot.Pihar.c).
I did some research, i found that there is a svchost.exe process with a *32 after it. It is what keeps creating the fake svchost.exe file.
Try that and report back
But I want you to try this:
Download & run Kaspersky's TDSSKILLER. You will most likely find a rootkit (Rootkit.Boot.Pihar.c).
I did some research, i found that there is a svchost.exe process with a *32 after it. It is what keeps creating the fake svchost.exe file.
Try that and report back
I would uninstall Mcafee. Then use their removal tool. Its the crappiest thing around. And it's a known causes of crashes
http
/service.mcafee.com/FAQDocument.aspx?id=TS101331
Your flash is out of date, thats up to 15.x. Uninstall it then download the latest versions
The files are down the bottom
http/helpx.adobe.com/flash-player/kb/installation-problems-flash-player-windows.html#main-pars_header
Uninstall this as well Shared C Run-time for x64 McAfee
Disable system restore for now close browsers. Then run ccleaner. So it removes temp files etc. Then turn system restore back on. If you want to use it
http
/service.mcafee.com/FAQDocument.aspx?id=TS101331Your flash is out of date, thats up to 15.x. Uninstall it then download the latest versions
The files are down the bottom
http
/helpx.adobe.com/flash-player/kb/installation-problems-flash-player-windows.html#main-pars_headerUninstall this as well Shared C Run-time for x64 McAfee
Disable system restore for now close browsers. Then run ccleaner. So it removes temp files etc. Then turn system restore back on. If you want to use it
EMSISoft has a rootkit scanner incorporated into their easy to download/easy to use portable Emergency Kit.....(you can put it on USB or download it to desktop or to a folder, and easily delete it when you are done...
http/www.emsisoft.com/en/software/eek/
http
/www.emsisoft.com/en/software/eek/- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question
Facebook
Twitter