Channel: Tech Support Guy - Virus & Other Malware Removal

Help!!! Fake FBI/government agency charging to unblock my internet.

It is no longer blocking me since I ran my Windows Firewall, but I am worried there may be other files there.




-------------------Hijackthis log---------------------------------------


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:56:59 PM, on 1/28/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Maria\Desktop\HijackThis.exe
C:\WINDOWS\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 12424 bytes


--------------------GMER log-------------------------------------------


GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-01-28 17:05:15
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002f rev.DS1M 465.76GB
Running: j8g6et71.exe; Driver: C:\Users\Maria\AppData\Local\Temp\awtiqpow.sys

---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\WLANExt.exe[1164] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\WINDOWS\system32\WLANExt.exe[1164] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\WINDOWS\system32\WLANExt.exe[1164] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\WINDOWS\system32\WLANExt.exe[1164] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1648] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1648] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1648] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1648] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1648] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffb5d1f1f6a 4 bytes [1F, 5D, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1648] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffb5d1f1f82 4 bytes [1F, 5D, FB, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1808] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1808] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1808] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1808] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1916] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1916] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1916] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1916] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2008] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2008] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2008] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2008] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2036] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2036] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2036] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2036] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2324] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2324] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2324] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2324] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\igfxpers.exe[4988] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\igfxpers.exe[4988] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\igfxpers.exe[4988] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\igfxpers.exe[4988] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Dell\QuickSet\quickset.exe[5016] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Dell\QuickSet\quickset.exe[5016] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Dell\QuickSet\quickset.exe[5016] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files\Dell\QuickSet\quickset.exe[5016] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6476] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007ffb671c169a 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6476] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007ffb671c16a2 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6476] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007ffb671c181a 4 bytes [1C, 67, FB, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6476] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007ffb671c1832 4 bytes [1C, 67, FB, 7F]
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleOutlookDAVConfig.exe[4220] C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\SYSTEM\MSMAPI\1033\MSMAPI32.DLL!MAPIUninitialize + 77 000000005c451320 4 bytes [D7, 79, 6E, 04]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [512:536] fffff960008874d0
Thread C:\Windows\System32\SettingSyncHost.exe [3972:2932] 00007ffb4f1964f4
---- Processes - GMER 2.1 ----
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleOutlookDAVConfig.exe [4220] 0000000056dc0000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----




Could not, for the life of me, figure out how to run DDS by sUBs. It just would not open. Hope this is enough. Thanks
