injustcuz

thank you very much for your time!

AdwCleaner actually cleared up almost all visible issues. But it makes me wonder if there is anything in the logs that looks like it shouldnt be there

########################## ROGUE KILLER REPORT ########################## RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : DP [Admin rights] Mode : Scan -- Date : 06/14/2013 14:35:02 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost #[iPv6] 127.0.0.1 fr.a2dfp.net 127.0.0.1 m.fr.a2dfp.net 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 abcstats.com 127.0.0.1 a.abv.bg 127.0.0.1 adserver.abv.bg 127.0.0.1 adv.abv.bg 127.0.0.1 bimg.abv.bg 127.0.0.1 ca.abv.bg 127.0.0.1 www2.a-counter.kiev.ua 127.0.0.1 track.acclaimnetwork.com 127.0.0.1 accuserveadsystem.com 127.0.0.1 www.accuserveadsystem.com 127.0.0.1 achmedia.com 127.0.0.1 csh.actiondesk.com 127.0.0.1 www.activemeter.com #[Tracking.Cookie] 127.0.0.1 ads.activepower.net [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK1059GSM +++++ --- User --- [MBR] 3df9bb0eb4101d9d8825ee7f7d8eaec8 [bSP] 139f9342507d5f69d78b8d4d1cc64ad7 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 938710 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1922887680 | Size: 14856 Mo 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1953312768 | Size: 102 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] e9db50b585bb6053fe928f1845a2075a [bSP] 139f9342507d5f69d78b8d4d1cc64ad7 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo 1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo Finished : << RKreport[1]_S_06142013_02d1435.txt >> RKreport[1]_S_06142013_02d1435.txt

########################## ATTACH - ######################## . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 10/13/2011 4:23:40 PM System Uptime: 6/14/2013 11:10:37 AM (3 hours ago) . Motherboard: Hewlett-Packard | | 3389 Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU1 | 2201/1600mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 917 GiB total, 687.589 GiB free. D: is FIXED (NTFS) - 15 GiB total, 1.612 GiB free. E: is CDROM () F: is FIXED (FAT32) - 0 GiB total, 0.082 GiB free. G: is CDROM (CDFS) H: is CDROM () I: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP198: 6/13/2013 3:00:13 AM - Windows Update RP199: 6/13/2013 12:37:31 PM - Installed Microsoft Fix it 50756 RP200: 6/14/2013 3:04:35 AM - Removed Typing Instructor Platinum. . ==== Hosts File Hijack ====================== . Hosts: 127.0.0.1 ads.mcafee.com Hosts: 127.0.0.1 analytics.microsoft.com Hosts: 127.0.0.1 metrics.bitdefender.com Hosts: 127.0.0.1 metrics.mcafee.com Hosts: 127.0.0.1 om.symantec.com Hosts: 127.0.0.1 ox-d.majorgeeks.com Hosts: 127.0.0.1 ads.bleepingcomputer.com Hosts: 127.0.0.1 wdcs.trendmicro.com . ==== Installed Programs ====================== . AceReader Pro Deluxe Plus ActiveState Komodo Edit 7.0.2 Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Dreamweaver CS6 Adobe Fireworks CS6 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Flash Professional CS6 Adobe Help Manager Adobe Illustrator CS6 Adobe InDesign CS6 Adobe Muse Adobe Photoshop CS6 Adobe Reader X (10.1.4) MUI Adobe Shockwave Player 11.5 Adobe Widget Browser Advanced SystemCare 6 Agatha Christie - Peril at End House AMD APP SDK Runtime AMD Catalyst Install Manager ASPCA Reminder by We-Care.com v4.1.22.1 AuthenTec TrueAPI avast! Free Antivirus Bejeweled 2 Deluxe Bejeweled 3 Blackhawk Striker 2 Blasterball 3 Blio Bounce Symphony Build-a-lot 2 Business Plan Pro 15th Anniversary Edition Cake Mania Camtasia Studio 8 Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Professional CDDRV_Installer Chuzzle Deluxe Combined Community Codec Pack 2013-04-20 Counter-Strike Counter-Strike: Global Offensive Beta Counter-Strike: Source Beta CyberLink PowerDVD CyberLink YouCam D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition DHTML Editing Component Diablo III Diner Dash 2 Restaurant Rescue DivX Setup Dora's World Adventure Dota 2 Dota 2 Test Dropbox DVD Flick 1.3.0.7 Energy Star Digital Logo erLT ESU for Microsoft Windows 7 Evernote v. 4.2.2 Facebook Video Calling 1.2.0.287 Farm Frenzy FATE - The Traitor Soul FileZilla Client 3.5.3 Fraps v3.5.99 Build 15618 Game Booster 3 GOM Player Google Chrome Google Drive Google Earth Google Update Helper Hewlett-Packard ACLM.NET v1.2.1.1 HP 3D DriveGuard HP Auto HP Client Services HP Connection Manager HP Customer Experience Enhancements HP Documentation HP Games HP MovieStore HP On Screen Display HP Power Manager HP Product Detection HP Quick Launch HP Setup HP Setup Manager HP SimplePass 2011 HP Software Framework HP Support Assistant IDT Audio Intel PROSet Wireless Intel® Control Center Intel® Display Audio Driver Intel® Management Engine Components Intel® Processor ID Utility Intel® PROSet/Wireless for Bluetooth® + High Speed Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® Rapid Storage Technology Intel® Wireless Display Intel® PROSet/Wireless WiFi Software IZArc 4.1.6 Java 7 Update 21 Java Auto Updater Java 6 Update 22 Java 6 Update 24 (64-bit) Java 6 Update 32 JavaFX 2.1.0 Junk Mail filter update KhalInstallWrapper Logitech SetPoint Mah Jong Medley Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft IntelliPoint 8.2 Microsoft Mathematics (64-bit) Microsoft Mathematics Add-in (64-bit) Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WSE 3.0 Runtime Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser Mumble 1.2.3 Mystery P.I. - Stolen in San Francisco Namco All-Stars PAC-MAN NaturalReaderFree Notepad++ OpenOffice.org 3.3 PDF Settings CS6 Penguins! Perfect Photo Suite 7.1.1 Plants vs. Zombies - Game of the Year PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer PowerStrip 3 (remove only) puush PX Profile Update RadeonPro 1.0 (Build 1.1.0.6) Real Alternative 1.8.0 Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek PCIE Card Reader Recovery Manager Renesas Electronics USB 3.0 Host Controller Driver Rosetta Stone Ltd Services Rosetta Stone TOTALe RoxioNow Player Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition Service Installer II Skype™ 6.1 Slingo Supreme Smart Defrag 2 Spotify StarCraft II Steam Synaptics TouchPad Driver System Requirements Lab CYRI System Requirements Lab for Intel TeamViewer 8 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Update Installer for WildTangent Games App Validity WBF DDK VC80CRTRedist - 8.0.50727.6195 Ventrilo Client Ventrilo Client for Windows x64 Vertus Fluid Mask 3 3.2.5 Virtual Villagers 4 - The Tree of Life VLC media player 2.0.6 Web CEO 9.0 Wheel of Fortune 2 WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinWay Resume Deluxe WinZip Pro 17.5 Build 10480 (64bit) Xara Web Designer 7 Premium Xara Web Designer 7 Premium Content Pack Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 6/8/2013 12:09:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 6/8/2013 12:09:11 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 6/8/2013 12:09:11 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173. 6/7/2013 12:12:14 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 6/7/2013 12:12:14 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 6/14/2013 11:13:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service. 6/14/2013 11:11:32 AM, Error: Application Popup [1060] - \SystemRoot\system32\DRIVERS\hidusbf.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 6/12/2013 12:47:13 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect. 6/12/2013 12:47:13 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File =========================== ################################################################# DDS ######################################################## DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16490 BrowserJavaVersion: 10.21.2 Run by DP at 14:27:11 on 2013-06-14 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16332.11994 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\WLANExt.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\HPTools\platform\windows\cronsvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Logitech\SetPoint\LBTWiz.exe C:\Windows\System32\rundll32.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\DP\AppData\Roaming\Spotify\spotify.exe C:\Windows\System32\StikyNot.exe C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE C:\Users\DP\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Windows\SysWOW64\nlssrv32.exe C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\BRS.EXE C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = hxxp://www.google.com/ie uSearch Page = hxxp://www.google.com mStart Page = hxxp://www.google.com uURLSearchHooks: <No Name>: - LocalServer32 - <no file> uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [Google Update] "C:\Users\DP\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [spotify Web Helper] "C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [spotify] "C:\Users\DP\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe uRun: [AdobeBridge] <no file> mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\DP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\DP\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINZIP~1.LNK - C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\141413 : DHCPNameServer = 68.190.192.35 71.9.127.107 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\141423 : DHCPNameServer = 68.190.192.35 71.9.127.107 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\161663 : DHCPNameServer = 68.190.192.35 71.9.127.107 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\342455 : DHCPNameServer = 4.2.2.1 8.8.8.8 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\5463 : DHCPNameServer = 68.190.192.35 71.9.127.107 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\5683 : DHCPNameServer = 68.190.192.35 71.9.127.107 TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\A565437424 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{E717900E-CB9C-4BC0-A7E8-BA5ECF551797} : DHCPNameServer = 68.190.192.35 71.9.127.107 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-Run: [bluetooth Connection Assistant] LBTWIZ.EXE -silent x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL Hosts: 127.0.0.1 ads.mcafee.com Hosts: 127.0.0.1 analytics.microsoft.com Hosts: 127.0.0.1 metrics.bitdefender.com Hosts: 127.0.0.1 metrics.mcafee.com Hosts: 127.0.0.1 om.symantec.com . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\DP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\Users\DP\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\np-mswmp.dll FF - plugin: C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\npConduitFirefoxPlugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-05-19 14:05; ascsurfingprotection@iobit.com; C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\ascsurfingprotection@iobit.com FF - ExtSQL: 2013-05-19 16:19; mozilla_cc@internetdownloadmanager.com; C:\Users\DP\AppData\Roaming\IDM\idmmzcc5 FF - ExtSQL: 2013-05-19 19:07; web2pdfextension@web2pdf.adobedotcom; C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF - ExtSQL: 2013-06-04 11:30; {EEE6C361-6118-11DC-9C72-001320C79847}; C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi FF - ExtSQL: 2013-06-08 11:16; videosaver@videosaver.net; C:\Program Files (x86)\VideoSaver\FF FF - ExtSQL: 2013-06-14 01:28; wecarereminder@bryan; C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\wecarereminder@bryan . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-5-19 65336] R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-5-19 189936] R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-5-19 17720] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-5-19 1025808] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-5-19 378432] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-13 283200] R1 PStrip64;PStrip64;C:\Windows\System32\drivers\pstrip64.sys [2011-11-15 13008] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-5-19 574272] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-11-25 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-6-2 204288] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-5-19 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-5-19 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-19 46808] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952] R2 CronService;Cron Service for Prey;C:\HPTools\platform\windows\cronsvc.exe [2013-5-8 23552] R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?] R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-5 13592] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-11-25 2413056] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-28 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-24 701512] R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2013-5-19 71280] R2 RadeonPro Support Service;RadeonPro Support Service;C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2012-7-20 12800] R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-3-31 1646056] R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344] R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-19 3574624] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-5 2656280] R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-29 53760] R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-10 288768] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088] R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160] R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-5 317440] R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-6-2 12289472] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-2-24 25928] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-11-25 91648] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-11-25 208896] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-9-5 338536] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-5 428136] R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-2-16 42392] S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/16 22:34:22;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-2-24 241648] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;C:\Windows\System32\drivers\hidusbf.sys [2006-11-8 4096] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-15 1255736] S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2013-5-19 14544] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2013-06-13 19:41:56 -------- d-----w- C:\ProgramData\MAGIX 2013-06-13 19:41:55 -------- d-----w- C:\Users\DP\AppData\Roaming\MAGIX 2013-06-13 19:40:57 -------- d-----w- C:\Users\DP\AppData\Local\Xara 2013-06-13 19:40:29 -------- d-----w- C:\ProgramData\Xara 2013-06-13 19:40:29 -------- d-----w- C:\Program Files (x86)\Xara 2013-06-12 19:49:51 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-06-07 06:56:53 -------- d-----w- C:\Windows\Downloaded Installations 2013-06-04 18:30:26 -------- d-----w- C:\Program Files (x86)\pazera-software 2013-06-04 18:24:52 -------- d-----w- C:\Program Files (x86)\MyPC Backup 2013-06-04 18:24:42 33958 ----a-w- C:\ProgramData\uninstaller.exe 2013-06-04 18:23:44 -------- d--h--w- C:\ProgramData\Common Files 2013-05-22 15:21:06 4325376 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi 2013-05-20 04:13:49 26432 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe 2013-05-20 03:46:07 -------- d-----w- C:\Users\DP\AppData\Local\Business Plan Pro Samples 2013-05-20 03:43:27 -------- d-----w- C:\Users\DP\AppData\Local\IsolatedStorage 2013-05-20 03:41:58 -------- d-----w- C:\ProgramData\IsolatedStorage 2013-05-20 03:41:52 -------- d-----w- C:\Users\DP\AppData\Roaming\bppenu11 2013-05-20 03:41:52 -------- d-----w- C:\Users\DP\AppData\Local\Palo_Alto_Software 2013-05-20 03:39:23 -------- d-----w- C:\Program Files (x86)\Business Plan Pro 2013-05-20 03:38:00 -------- d-----w- C:\Users\DP\AppData\Local\Downloaded Installations 2013-05-20 03:35:26 453632 ----a-w- C:\Windows\SysWow64\stdvcl40.dll 2013-05-20 03:35:25 -------- d-----w- C:\Users\DP\AppData\Local\Web CEO 2013-05-20 03:11:22 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat 2013-05-20 03:10:16 -------- d-----w- C:\HPTools 2013-05-20 02:53:45 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-05-20 02:51:30 -------- d-----w- C:\Program Files\Microsoft Mathematics Add-in 2013-05-20 02:49:55 -------- d-----w- C:\Program Files\Microsoft Mathematics 2013-05-20 02:39:26 -------- d-----w- C:\Users\DP\AppData\Roaming\QFX Software 2013-05-20 02:39:26 -------- d-----w- C:\ProgramData\QFX Software 2013-05-20 02:07:14 -------- d-----w- C:\Users\DP\AppData\Local\TechSmith 2013-05-20 02:03:53 -------- d-----w- C:\Users\DP\AppData\Roaming\TechSmith 2013-05-20 01:58:16 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared 2013-05-20 01:56:17 -------- d-----w- C:\ProgramData\ALM 2013-05-20 01:53:56 -------- d-----w- C:\Users\DP\AppData\Roaming\WinWay 2013-05-20 01:52:51 -------- d-----w- C:\Program Files (x86)\WinWay Resume 2013-05-20 01:46:49 -------- d-----w- C:\Program Files (x86)\Portable 2013-05-20 01:36:39 -------- d-----w- C:\Users\DP\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2013-05-20 01:26:40 -------- d-----w- C:\Users\DP\AppData\Local\WinZip 2013-05-20 01:23:07 -------- d-----w- C:\ProgramData\Nalpeiron 2013-05-20 01:22:16 -------- d-----w- C:\Users\DP\AppData\Roaming\onOne Software 2013-05-20 01:19:44 71280 ----a-w- C:\Windows\SysWow64\nlssrv32.exe 2013-05-20 01:19:44 -------- d-----w- C:\Program Files\onOne Software 2013-05-20 01:19:41 71280 ----a-w- C:\Windows\System32\nlssrv32.exe 2013-05-20 01:19:41 -------- d-----w- C:\Windows\SysWow64\spool 2013-05-20 01:19:41 -------- d-----w- C:\Program Files (x86)\onOne Software 2013-05-20 01:19:27 -------- d-----w- C:\ProgramData\onOne Software 2013-05-20 01:12:32 -------- d-----w- C:\Program Files\1-click run 2013-05-20 01:08:20 -------- d-----w- C:\ProgramData\Individual Software 2013-05-20 01:08:20 -------- d-----w- C:\Program Files (x86)\Individual Software 2013-05-20 01:00:46 -------- dc-h--w- C:\ProgramData\{70E22094-D034-40C3-89F7-AA970A0C0232} 2013-05-20 00:59:36 -------- d-----w- C:\Program Files (x86)\Vertus Fluid Mask 3 2013-05-20 00:41:57 -------- d-----w- C:\Windows\AutoKMS 2013-05-20 00:33:00 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2013-05-20 00:31:33 -------- d-----w- C:\Windows\PCHEALTH 2013-05-20 00:31:33 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2013-05-20 00:30:00 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2013-05-20 00:29:14 -------- d-----w- C:\Program Files\Microsoft Analysis Services 2013-05-20 00:29:14 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2013-05-20 00:29:05 -------- d-----w- C:\Windows\SHELLNEW 2013-05-20 00:28:40 -------- d-----w- C:\Users\DP\AppData\Local\Microsoft Help 2013-05-20 00:21:37 -------- d-----w- C:\Users\DP\AppData\Roaming\TeamViewer 2013-05-20 00:13:33 -------- d-----w- C:\ProgramData\CrypKey 2013-05-20 00:12:07 30272 ----a-w- C:\Windows\System32\Ckldrv.sys 2013-05-20 00:12:07 165888 ----a-r- C:\Windows\Ckconfig.exe 2013-05-20 00:12:07 126976 ----a-w- C:\Windows\System32\Crypserv.exe 2013-05-20 00:11:58 -------- d-----w- C:\ProgramData\AceReader Pro Deluxe Plus 2013-05-20 00:11:58 -------- d-----w- C:\Program Files (x86)\AceReader Pro Deluxe Plus 2013-05-19 23:33:11 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-05-19 23:33:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-05-19 23:27:02 -------- d-----w- C:\Program Files (x86)\VideoLAN 2013-05-19 23:26:31 -------- d-----w- C:\Program Files (x86)\Combined Community Codec Pack 2013-05-19 23:19:18 -------- d-----w- C:\Users\DP\AppData\Roaming\DMCache 2013-05-19 23:19:18 -------- d-----w- C:\ProgramData\IDM 2013-05-19 23:19:13 -------- d-----w- C:\Program Files (x86)\Internet Download Manager 2013-05-19 23:06:19 32600 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe 2013-05-19 23:06:10 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys 2013-05-19 22:53:31 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-05-19 22:53:29 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-05-19 22:53:23 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-05-19 22:52:55 41664 ----a-w- C:\Windows\avastSS.scr 2013-05-19 22:52:46 -------- d-----w- C:\ProgramData\AVAST Software 2013-05-19 22:52:46 -------- d-----w- C:\Program Files\AVAST Software 2013-05-19 22:50:50 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-05-19 22:50:47 -------- d-----w- C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453} 2013-05-19 22:50:20 -------- d-----w- C:\Users\DP\AppData\Roaming\IObit 2013-05-19 22:50:16 -------- d-----w- C:\ProgramData\IObit 2013-05-19 22:50:16 -------- d-----w- C:\Program Files (x86)\IObit 2013-05-19 22:13:49 -------- d-----w- C:\Users\DP\AppData\Roaming\uTorrent 2013-05-19 22:07:00 -------- d-----w- C:\Program Files (x86)\TeamViewer 2013-05-19 08:55:49 -------- d-----w- C:\Users\DP\AppData\Roaming\com.adobe.WidgetBrowser 2013-05-19 03:26:07 -------- d-----w- C:\Users\DP\AppData\Roaming\PDAppFlex 2013-05-16 06:14:57 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2013-05-16 06:14:18 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2013-05-16 06:13:48 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2013-05-16 06:13:44 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll . ==================== Find3M ==================== . 2013-06-12 21:09:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-12 21:09:10 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-05-20 02:53:36 866720 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2013-05-20 02:53:36 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-04-04 21:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll 2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll 2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe . ============= FINISH: 14:27:54.19 ===============

The following is from AdwCleaner # AdwCleaner v2.303 - Logfile created 06/14/2013 at 09:54:48 # Updated 08/06/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : DP - DP-HP # Boot Mode : Normal # Running from : C:\Users\DP\Downloads\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi File Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\searchplugins\Conduit.xml File Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\searchplugins\SweetIm.xml File Found : C:\Windows\Tasks\VideoSaver Update.job Folder Found : C:\Program Files (x86)\Common Files\spigot Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\Program Files (x86)\VideoSaver Folder Found : C:\ProgramData\WeCareReminder Folder Found : C:\Users\DP\AppData\Local\Conduit Folder Found : C:\Users\DP\AppData\Local\Wajam Folder Found : C:\Users\DP\AppData\LocalLow\boost_interprocess Folder Found : C:\Users\DP\AppData\LocalLow\Conduit Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\CT3220468 Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\staged Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\wecarereminder@bryan Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\Smartbar Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\SweetPacksToolbarData Folder Found : C:\Users\DP\AppData\Roaming\registry mechanic Folder Found : C:\Users\DP\Documents\ShopToWin ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Freecause Key Found : HKCU\Software\AppDataLow\Software\Search Settings Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Software\videosaver Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\InstallCore Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} Key Found : HKCU\Software\wecarereminder Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36} Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\videosaver@videosaver.net Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16490 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={C12D1993-CD44-11E2-BC1B-AC72897F49A9} -\\ Mozilla Firefox v20.0.1 (en-US) File : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\prefs.js Found : user_pref("CT3220468.129813684259252248.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0[...] Found : user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM2OTAwNTU4NywidXVpZCI6NzIwOTc3NDMyOTg0MzAwLCJ[...] Found : user_pref("CT3220468.BT_Usage", "{\"uuid\":720977432984300,\"seq_id\":4}"); Found : user_pref("CT3220468.CBOpenMAMSettings.enc", "MA=="); Found : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Found : user_pref("CT3220468.Facebook_Mode.enc", "Mg=="); Found : user_pref("CT3220468.Facebook_User_Locale.enc", "ZW4="); Found : user_pref("CT3220468.FirstTime", "true"); Found : user_pref("CT3220468.FirstTimeFF3", "true"); Found : user_pref("CT3220468.LoginRevertSettingsEnabled", true); Found : user_pref("CT3220468.PG_ENABLE", "dHJ1ZQ=="); Found : user_pref("CT3220468.PG_ENABLE.enc", "ZEhKMVpRPT0="); Found : user_pref("CT3220468.RevertSettingsEnabled", true); Found : user_pref("CT3220468.SF_JUST_INSTALLED.enc", "RkFMU0U="); Found : user_pref("CT3220468.SF_STATUS.enc", "RU5BQkxFRA=="); Found : user_pref("CT3220468.SF_USER_ID.enc", "Y2lkXzk0MjAxMzE1MTM1OTE0OTI3NDY="); Found : user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...] Found : user_pref("CT3220468.UserID", "UN08777165793896347"); Found : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true"); Found : user_pref("CT3220468.autoDisableScopes", -1); Found : user_pref("CT3220468.browser.search.defaultthis.engineName", true); Found : user_pref("CT3220468.cb_experience_000.enc", "MTQ3"); Found : user_pref("CT3220468.cb_firstuse0100.enc", "MQ=="); Found : user_pref("CT3220468.cb_user_id_000.enc", "Q0IyNzgwNDc3NDE5NDlfMTM1OTIzNjQwMjk2M19GaXJlZm94"); Found : user_pref("CT3220468.cbcountry_001.enc", "VVM="); Found : user_pref("CT3220468.cbfirsttime.enc", "TW9uIE9jdCAxNSAyMDEyIDIwOjA5OjE1IEdNVC0wNzAwIChQYWNpZmljIERh[...] Found : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"cross[...] Found : user_pref("CT3220468.enableAlerts", "always"); Found : user_pref("CT3220468.enableFix404ByUser", "FALSE"); Found : user_pref("CT3220468.enableSearchFromAddressBar", "true"); Found : user_pref("CT3220468.firstTimeDialogOpened", "true"); Found : user_pref("CT3220468.fixPageNotFoundError", "true"); Found : user_pref("CT3220468.fixPageNotFoundErrorByUser", "true"); Found : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true"); Found : user_pref("CT3220468.fixUrls", true); Found : user_pref("CT3220468.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9[...] Found : user_pref("CT3220468.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES", "op[...] Found : user_pref("CT3220468.installId", "fftD7C3.tmp.exe"); Found : user_pref("CT3220468.installType", "XPE"); Found : user_pref("CT3220468.isCheckedStartAsHidden", true); Found : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3220468.isFirstTimeToolbarLoading", "false"); Found : user_pref("CT3220468.isNewTabEnabled", true); Found : user_pref("CT3220468.isPerformedSmartBarTransition", "true"); Found : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Found : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Found : user_pref("CT3220468.keyword", true); Found : user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...] Found : user_pref("CT3220468.lastVersion", "10.15.0.562"); Found : user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM2ODQ5MTQwNjA1Nw=="); Found : user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24="); Found : user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24="); Found : user_pref("CT3220468.migrateAppsAndComponents", true); Found : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Found : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Found : user_pref("CT3220468.search.searchAppId", "129813684258939747"); Found : user_pref("CT3220468.search.searchCount", "0"); Found : user_pref("CT3220468.searchInNewTabEnabledByUser", "true"); Found : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true"); Found : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Found : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Found : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Found : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1371198632322"); Found : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1371198632280"); Found : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1371198632161"); Found : user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1371198631979"); Found : user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1371198632285"); Found : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1371198632213"); Found : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1371198631982"); Found : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1371198630730"); Found : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1371198632105"); Found : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1371198632264"); Found : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1371198632254"); Found : user_pref("CT3220468.settingsINI", true); Found : user_pref("CT3220468.showToolbarPermission", "false"); Found : user_pref("CT3220468.smartbar.CTID", "CT3220468"); Found : user_pref("CT3220468.smartbar.Uninstall", "0"); Found : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 "); Found : user_pref("CT3220468.toolbarBornServerTime", "20-5-2013"); Found : user_pref("CT3220468.toolbarCurrentServerTime", "14-6-2013"); Found : user_pref("CT3220468.toolbarLoginClientTime", "Fri Jun 14 2013 01:28:30 GMT-0700 (Pacific Daylight T[...] Found : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Found : user_pref("browser.newtab.url", "hxxp://start.sweetpacks.com/?src=97&barid={C12D1993-CD44-11E2-BC1B-[...] Found : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sa[...] Found : user_pref("smartbar.machineId", "X/KXYHII68BJM73JQ6GF3XUWTOY/TS+VKK5/FNP42GJBCCDAKLIM5J3/IASXMV7SC6D[...] Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false"); Found : user_pref("sweetim.toolbar.SearchBoxLogo", "bing.png"); Found : user_pref("sweetim.toolbar.SearchBoxText", "Search with Bing"); Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); Found : user_pref("sweetim.toolbar.Visibility.enable", "true"); Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); Found : user_pref("sweetim.toolbar.cargo", "3.5000006.10045"); Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "false"); Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "false"); Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "false"); Found : user_pref("sweetim.toolbar.defaultProvider", "bng"); Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...] Found : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...] Found : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...] Found : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...] Found : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...] Found : user_pref("sweetim.toolbar.dialogs.2.height", "150"); Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp"); Found : user_pref("sweetim.toolbar.dialogs.2.width", "530"); Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.mode.debug", "false"); Found : user_pref("sweetim.toolbar.newtab.created", "true"); Found : user_pref("sweetim.toolbar.newtab.enable", "true"); Found : user_pref("sweetim.toolbar.newtab.url", "hxxp://start.sweetpacks.com/?src=97&barid=$toolbar_id;&crg=[...] Found : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab"); Found : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...] Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*"); Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Found : user_pref("sweetim.toolbar.scripts.0.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js"); Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*"); Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); Found : user_pref("sweetim.toolbar.scripts.1.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS"); Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js"); Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); Found : user_pref("sweetim.toolbar.scripts.2.callback", ""); Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); Found : user_pref("sweetim.toolbar.scripts.2.enable", "false"); Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...] Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Found : user_pref("sweetim.toolbar.search.history.capacity", "10"); Found : user_pref("sweetim.toolbar.searchguard.enable", "false"); Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); Found : user_pref("sweetim.toolbar.simapp_id", "{C12D1993-CD44-11E2-BC1B-AC72897F49A9}"); Found : user_pref("sweetim.toolbar.urls.afteruninstall", "hxxp://toolbar.sweetpacks.com/uninstallbar.asp?bar[...] Found : user_pref("sweetim.toolbar.urls.contactus", "hxxp://www.perion.com/contact-us"); Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://toolbar.sweetpacks.com"); Found : user_pref("sweetim.toolbar.urls.privacy", "hxxp://www.perion.com/privacy-policy"); Found : user_pref("sweetim.toolbar.urls.searchpage", "hxxp://start.sweetpacks.com/?barid=$toolbar_id;"); Found : user_pref("sweetim.toolbar.urls.uninstall", "hxxp://toolbar.sweetpacks.com/uninstall"); Found : user_pref("sweetim.toolbar.version", "1.13.0.1"); File : C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\7kzeohdp.default\prefs.js [OK] File is clean. -\\ Google Chrome v27.0.1453.110 File : C:\Users\DP\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [21867 octets] - [14/06/2013 09:54:48] ########## EOF - C:\AdwCleaner[R1].txt - [21928 octets] ########## The following is a HiJACKTHIS log ############################# ######################## ####################### Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 10:01:25 AM, on 6/14/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16490) CHROME: 27.0.1453.110 FIREFOX: 20.0.1 (en-US) Boot mode: Normal Running processes: C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\DP\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE C:\Users\DP\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\BRS.EXE C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\Downloads\HijackThis (1).exe C:\Users\DP\Downloads\adwcleaner.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={C12D1993-CD44-11E2-BC1B-AC72897F49A9} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: VideoSaver - {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\DP\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\DP\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = DP\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra button: (no name) - {6ED0A312-78F5-493C-A90C-5DAF321D0BF8} - C:\ProgramData\WeCareReminder\IEMenuItem.dll (HKCU) O9 - Extra 'Tools' menuitem: We-Care Add-on - {6ED0A312-78F5-493C-A90C-5DAF321D0BF8} - C:\ProgramData\WeCareReminder\IEMenuItem.dll (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: CyberLink Product - 2012/01/16 22:34:22 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\HPTools\platform\windows\cronsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 20804 bytes