Jump to content

ssander0000

Members
  • Posts

    15
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Yes...feel free to close this out...it appears to have turned out to be nothing. SS
  2. It appears to be just a popup on businessinsider.com. It only happened on that site, and I had disable my blocker for that site. Once re-enabled, everything seems fine, now. Thanks to those who replied.
  3. I just now got a strange popup in the lower right corner of my screen called SailThru. I did not install it, and I want to permanently remove it. A scan found no issues. Any ideas on what it is and how to remove it?
  4. Looks like all is well...(and it also fixed a different minor adware issue with IE) -- thanks so much for all your help. SS
  5. ...and the Malwarebytes Log: ==================================== Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.org Database version: v2013.08.25.06 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16660Steve :: STEVE-OPTIPLEX [administrator] Protection: Enabled 8/25/2013 7:19:45 PMmbam-log-2013-08-25 (19-19-45).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 248960Time elapsed: 11 minute(s), 1 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)
  6. ...and here is the log from AdwCleaner: ============================================== # AdwCleaner v3.001 - Report created 25/08/2013 at 19:10:46# Updated 24/08/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Steve - STEVE-OPTIPLEX# Running from : C:\Users\Steve\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v22.0 (en-US) [ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\fzkp28j0.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1501 octets] - [25/08/2013 14:26:03]AdwCleaner[R1].txt - [1009 octets] - [25/08/2013 19:10:19]AdwCleaner[s0].txt - [1532 octets] - [25/08/2013 14:27:00]AdwCleaner[s1].txt - [932 octets] - [25/08/2013 19:10:46] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [991 octets] ##########
  7. OK...I'm starting from the beginning again...Here is the JRT Log: ======================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.5.4 (08.22.2013:1)OS: Windows 7 Professional x64Ran by Steve on Sun 08/25/2013 at 19:01:58.48~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sun 08/25/2013 at 19:06:58.29End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  8. IMPORTANT NOTE: I just realized that I had forgotten to do Step 1 - deleting the Coupon Companion Plugin and Coupon Printer for Windows. I just did that...but i think they were already somehow deleted by those two apps I ran...they only needed to be removed from the program list. Sorry about the carelessness...If necessary let me know if I should re-start the cleaning process again. SS
  9. Here is the MBAM log...but, even though there were 5 flagged files that I had the program delete, it did not bring a log up...just the Restart Button box -- which I did. There doesn't seem to be anything of interest in this log file. 2013/08/25 07:54:17 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting protection 2013/08/25 07:54:17 -0400 STEVE-OPTIPLEX (null) MESSAGE Protection started successfully 2013/08/25 07:54:17 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting IP protection 2013/08/25 07:54:18 -0400 STEVE-OPTIPLEX (null) MESSAGE IP Protection started successfully 2013/08/25 08:08:13 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting protection 2013/08/25 08:08:13 -0400 STEVE-OPTIPLEX (null) MESSAGE Protection started successfully 2013/08/25 08:08:13 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting IP protection 2013/08/25 08:08:14 -0400 STEVE-OPTIPLEX (null) MESSAGE IP Protection started successfully 2013/08/25 11:05:19 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting protection 2013/08/25 11:05:19 -0400 STEVE-OPTIPLEX (null) MESSAGE Protection started successfully 2013/08/25 11:05:19 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting IP protection 2013/08/25 11:05:20 -0400 STEVE-OPTIPLEX (null) MESSAGE IP Protection started successfully 2013/08/25 11:10:23 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting protection 2013/08/25 11:10:23 -0400 STEVE-OPTIPLEX (null) MESSAGE Protection started successfully 2013/08/25 11:10:23 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting IP protection 2013/08/25 11:10:24 -0400 STEVE-OPTIPLEX (null) MESSAGE IP Protection started successfully 2013/08/25 11:14:04 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting protection 2013/08/25 11:14:04 -0400 STEVE-OPTIPLEX (null) MESSAGE Protection started successfully 2013/08/25 11:14:04 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting IP protection 2013/08/25 11:14:05 -0400 STEVE-OPTIPLEX (null) MESSAGE IP Protection started successfully 2013/08/25 11:26:25 -0400 STEVE-OPTIPLEX Steve MESSAGE Starting protection 2013/08/25 11:26:25 -0400 STEVE-OPTIPLEX Steve MESSAGE Protection started successfully 2013/08/25 11:26:25 -0400 STEVE-OPTIPLEX Steve MESSAGE Starting IP protection 2013/08/25 11:26:26 -0400 STEVE-OPTIPLEX Steve MESSAGE IP Protection started successfully 2013/08/25 11:26:26 -0400 STEVE-OPTIPLEX Steve MESSAGE Starting database refresh 2013/08/25 11:26:26 -0400 STEVE-OPTIPLEX Steve MESSAGE Stopping IP protection 2013/08/25 11:26:26 -0400 STEVE-OPTIPLEX Steve MESSAGE IP Protection stopped successfully 2013/08/25 11:26:28 -0400 STEVE-OPTIPLEX Steve MESSAGE Database refreshed successfully 2013/08/25 11:26:28 -0400 STEVE-OPTIPLEX Steve MESSAGE Starting IP protection 2013/08/25 11:26:29 -0400 STEVE-OPTIPLEX Steve MESSAGE IP Protection started successfully 2013/08/25 11:28:17 -0400 STEVE-OPTIPLEX Steve MESSAGE Executing scheduled update: Daily 2013/08/25 11:28:20 -0400 STEVE-OPTIPLEX Steve MESSAGE Database already up-to-date 2013/08/25 14:28:16 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting protection 2013/08/25 14:28:17 -0400 STEVE-OPTIPLEX (null) MESSAGE Protection started successfully 2013/08/25 14:28:17 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting IP protection 2013/08/25 14:28:18 -0400 STEVE-OPTIPLEX (null) MESSAGE IP Protection started successfully 2013/08/25 14:47:01 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting protection 2013/08/25 14:47:02 -0400 STEVE-OPTIPLEX (null) MESSAGE Protection started successfully 2013/08/25 14:47:02 -0400 STEVE-OPTIPLEX (null) MESSAGE Starting IP protection 2013/08/25 14:47:03 -0400 STEVE-OPTIPLEX (null) MESSAGE IP Protection started successfully
  10. There was also an AdwCleaner[R0].txt file in the AdwCleaner directory: # AdwCleaner v3.001 - Report created 25/08/2013 at 14:26:03# Updated 24/08/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Steve - STEVE-OPTIPLEX# Running from : C:\Users\Steve\Desktop\AdwCleaner.exe# Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Steve\AppData\Local\Temp\Uninstall.exeFolder Found C:\Users\Steve\AppData\Local\Temp\AirInstallerFolder Found C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\wecarereminderKey Found : [x64] HKCU\Software\wecarereminderKey Found : HKLM\Software\InfoAtomsKey Found : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v22.0 (en-US) [ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\fzkp28j0.default\prefs.js ] Line Found : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\":\"1&1 Internet Inc.\",\[...] -\\ Google Chrome v [ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1353 octets] - [25/08/2013 14:26:03] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1413 octets] ##########
  11. AdwCleaner results: (Note...it never listed any items in the checkbox list after I had it "scan", so I just pressed "clean") # AdwCleaner v3.001 - Report created 25/08/2013 at 14:27:00# Updated 24/08/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Steve - STEVE-OPTIPLEX# Running from : C:\Users\Steve\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Steve\AppData\Local\Temp\AirInstallerFolder Deleted : C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIPFile Deleted : C:\Users\Steve\AppData\Local\Temp\Uninstall.exe ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\wecarereminderKey Deleted : HKLM\Software\InfoAtomsKey Deleted : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v22.0 (en-US) [ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\fzkp28j0.default\prefs.js ] Line Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\":\"1&1 Internet Inc.\",\[...] -\\ Google Chrome v [ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1501 octets] - [25/08/2013 14:26:03]AdwCleaner[s0].txt - [1388 octets] - [25/08/2013 14:27:00] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1448 octets] ##########
  12. JRT RESULTS: ============================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.5.4 (08.22.2013:1)OS: Windows 7 Professional x64Ran by Steve on Sun 08/25/2013 at 14:17:33.50~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installerSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensionsSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossriderSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajam_install_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajam_install_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasmancsSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021804.BHOSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021804.BHO.1Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021804.SandboxSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0021804.Sandbox.1Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222182204}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550255185504}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266186604}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440244184404}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220222182204}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550255185504}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266186604}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440244184404}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0021804.BHOSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0021804.BHO.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0021804.SandboxSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0021804.Sandbox.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550255185504}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660266186604}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440244184404}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550255185504}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266186604}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440244184404}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181104} ~~~ Files Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"Successfully deleted: [File] "C:\end"
  13. Attach.txt ======================================= .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2Install Date: 8/16/2011 9:54:27 AMSystem Uptime: 8/25/2013 11:24:58 AM (0 hours ago).Motherboard: Dell Inc. | | 0HY9JPProcessor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 220 GiB total, 112.056 GiB free.D: is CDROM ()E: is CDROM (CDFS)F: is CDROM (CDFS)G: is FIXED (NTFS) - 931 GiB total, 640.744 GiB free.H: is CDROM (UDF)I: is FIXED (NTFS) - 699 GiB total, 259.801 GiB free.L: is FIXED (NTFS) - 931 GiB total, 278.848 GiB free..==== Disabled Device Manager Items =============.Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}Description: PS/2 Compatible MouseDevice ID: ACPI\PNP0F13\5&37175C19&0Manufacturer: MicrosoftName: PS/2 Compatible MousePNP Device ID: ACPI\PNP0F13\5&37175C19&0Service: i8042prt.==== System Restore Points ===================.RP324: 8/15/2013 3:00:13 AM - Windows UpdateRP325: 8/20/2013 2:19:36 AM - Windows UpdateRP326: 8/25/2013 8:05:44 AM - Removed FreeRIP Toolbar v7.4.RP327: 8/25/2013 11:32:29 AM - Windows Update.==== Installed Programs ======================.Adobe Acrobat X Pro - English, Français, DeutschAdobe AIRAdobe Community HelpAdobe Content ViewerAdobe Creative Suite 5.5 Design PremiumAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe PageMaker 7.0Adobe Photoshop 7.0Adobe Reader X (10.1.7)Adobe SVG Viewer 3.0Adobe Widget BrowserAdvanced Replacer 2.5Apple Application SupportApple Mobile Device SupportApple Software UpdateAuslogics Duplicate File FinderBioAPI FrameworkBook CollectorBulk Rename Utility 2.7.1.1Canon CanoScan LiDE 700F User RegistrationCanon DIGITAL CAMERA Solution Disk Software GuideCANON iMAGE GATEWAY MyCamera Download PluginCANON iMAGE GATEWAY Task for ZoomBrowser EXCanon MOV DecoderCanon MOV EncoderCanon MovieEdit Task for ZoomBrowser EXCanon MP Navigator EX 2.1Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User GuideCanon Utilities CameraWindow DC 8Canon Utilities CameraWindow LauncherCanon Utilities Movie Uploader for YouTubeCanon Utilities MyCameraCanon Utilities PhotoStitchCanon Utilities ZoomBrowser EXCanon ZoomBrowser EX Memory Card UtilityCanoScan LiDE 700F Scanner DriverCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCollectorz.com Book CollectorCool Edit Pro 2.0Coupon Companion PluginCoupon Printer for WindowsCustomCyberLink PowerDVD 9.5D3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDell Backup and Recovery ManagerDell Client System UpdateDell Data Protection | AccessDell Edoc ViewerDellAccessDirectX 9 RuntimeDropboxDVDFab Multi SetupEMBASSY Client CoreEMF Plug-InEye Candy 4000FileZilla Client 3.7.3Forté AgentFreeOCR 3.0FreeRIP 4.1.3GemaltoGoogle ChromeGoogle EarthGoogle Update HelperH&R Block Pennsylvania 2012H&R Block Premium + Efile + State 2012Intel® Control CenterIntel® Identity Protection Technology 1.2.27.0Intel® Management Engine ComponentsIntel® Network Connections 15.7.176.1Intel® Processor GraphicsIntel® Rapid Storage TechnologyIpswitch WS_FTP ProIrfanView (remove only)iTunesJava 7 Update 25Java Auto UpdaterJava 6 Update 22Java 6 Update 24 (64-bit)Java 6 Update 33Java 7 Update 5 (64-bit)Junk Mail filter updateKaren's Directory PrinterKPT 6Malwarebytes Anti-Malware version 1.75.0.1300McAfee AgentMcAfee VirusScan EnterpriseMemory-Map OS Edition Version 5Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft .NET Framework 4 Multi-Targeting PackMicrosoft Application Error ReportingMicrosoft AutoRoute 2007Microsoft Expression Encoder 4 Screen Capture CodecMicrosoft IntelliPoint 8.2Microsoft Office 2010Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office FrontPage 2003Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft Silverlight 3 SDKMicrosoft Silverlight 4 SDKMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Streets & Trips 2007Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319Microsoft_VC80_ATL_x86Microsoft_VC80_ATL_x86_x64Microsoft_VC80_CRT_x86Microsoft_VC80_CRT_x86_x64Microsoft_VC80_MFC_x86Microsoft_VC80_MFC_x86_x64Microsoft_VC80_MFCLOC_x86Microsoft_VC80_MFCLOC_x86_x64Microsoft_VC90_ATL_x86Microsoft_VC90_ATL_x86_x64Microsoft_VC90_CRT_x86Microsoft_VC90_CRT_x86_x64Microsoft_VC90_MFC_x86Microsoft_VC90_MFC_x86_x64Microsoft_VC90_MFCLOC_x86Microsoft_VC90_MFCLOC_x86_x64MiniTool Power Data RecoveryMozilla Firefox 22.0 (x86 en-US)Mozilla Maintenance ServiceMP3 Surgeon 2.1Mp3tag v2.52MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)My Family TreeNeat Image v7.0 Pro plug-in for Photoshop (64-bit)NEC Electronics USB 3.0 Host Controller Driver (1.0.7.0Beta)NTRU TCG Software StackOpenOffice.org 3.4.1PC-CCIDPDF Settings CS5PhotoShowExpressPreboot ManagerPrimoPDF -- brought to you by Nitro PDF SoftwarePrivate Information ManagerQuicken WillMaker Plus 2009QuickTimeRBVirtualFolder64InstReader for PCRealtek High Definition Audio DriverRenesas Electronics USB 3.0 Host Controller DriverRoxio Activation ModuleRoxio BackOnTrackRoxio BurnRoxio Creator StarterRoxio Express Labeler 3Roxio File BackupSansa UpdaterSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Extended (KB2416472)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit EditionSecurity Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687276) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687501) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft OneNote 2010 (KB2760600) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSecurity Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760410) 32-Bit EditionSelectionLinksSES DriverSkinsSonic CinePlayer Decoder PackSPBA 5.9STDU Viewer version 1.6.66.0Switch Sound File ConverterSyncBackSyncBackFreeThe Rosetta StoneThumbsPlus version 6.0toolkit32for64bitTrend Micro Client/Server Security AgentTrusted Drive ManagerTurboTax 2011TurboTax 2011 WinPerFedFormsetTurboTax 2011 WinPerReleaseEngineTurboTax 2011 WinPerTaxSupportTurboTax 2011 wpaiperTurboTax 2011 wrapperUltimateISOMaker 2.0Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553378) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687509) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2597090) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2598240) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUpek Touchchip Fingerprint ReaderVirtualCloneDriveVLC media player 2.0.7Wave Crypto Runtime 2.0.7.0 x86Wave Infrastructure InstallerWave Support Software InstallerWinampWinamp Detector Plug-inWindows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinRAR 4.00 (64-bit)WinZipWPF Toolkit February 2010 (Version 3.5.50211.1).==== Event Viewer Messages From Past Week ========.8/25/2013 7:53:16 AM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.8/25/2013 11:25:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Acrobat Update Service service to connect.8/25/2013 11:25:20 AM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.8/25/2013 11:19:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}8/25/2013 11:19:15 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:19:15 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}8/25/2013 11:19:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}8/25/2013 11:19:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}8/25/2013 11:19:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}8/25/2013 11:19:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}8/25/2013 11:18:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}8/25/2013 11:18:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TdmService with arguments "" in order to run the server: {2F723A84-FD6F-4C32-9477-391FA6EA0BB6}8/25/2013 11:18:40 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache ElbyCDIO mfehidk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx tmlwf tmtdi Wanarpv6 WfpLwf8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The Trend Micro Client/Server Security Agent service depends on the Network Connections service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The Trend Micro Client/Server Security Agent Listener service depends on the Network Connections service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.8/25/2013 11:18:40 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning..==== End Of File ===========================
  14. DDS: TXT ============================ DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2Run by Steve at 11:44:23 on 2013-08-25Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8149.5848 [GMT -4:00].AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: Trend Micro Personal Firewall *Disabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exeC:\Windows\system32\atieclxx.exeC:\Program Files\Common Files\SPBA\upeksvr.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exeC:\Windows\system32\IProsetMonitor.exeC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exeC:\Windows\system32\mfevtps.exeC:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exec:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exeC:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEc:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exec:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exec:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\HostedAgent.exec:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedc:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPfw.exeC:\Program Files\Realtek\Audio\HDA\RtDCpl64.exeC:\dell\DBRM\Reminder\DbrmTrayicon.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exec:\Program Files (x86)\Trend Micro\Client Server Security Agent\CNTAoSMgr.exeC:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Program Files\Microsoft IntelliPoint\dpupdchk.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Users\Steve\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\WinZip\WZQKPICK.EXEC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exec:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\OpenOffice.org 3\program\soffice.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files (x86)\Trend Micro\Client Server Security Agent\PccNtMon.exeC:\Program Files (x86)\OpenOffice.org 3\program\soffice.binC:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exeC:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exeC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exeC:\Program Files (x86)\Winamp\winampa.exeC:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exeC:\Program Files (x86)\McAfee\Common Framework\McTray.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\QuickTime\QTTask.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXEC:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\svchost.exe -k SDRSVCC:\Windows\splwow64.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uWindow Title = Internet Explorer, optimized for Bing and MSNmWinlogon: Userinit = userinit.exe,BHO: Coupon Companion Plugin: {11111111-1111-1111-1111-110211181104} - C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dllBHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110816105120.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dlluRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"uRun: [Google Update] "C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [AdobeBridge] <no file>mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"mRun: [OfficeScanNT Monitor] "c:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindowmRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKeymRun: [shStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONEmRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesmRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /smRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbyloginmRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\Users\Steve\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\Steve\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINZIP~1.LNK - C:\Program Files (x86)\WinZip\WZQKPICK.EXEmPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: DisableCAD = dword:1IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - TCP: NameServer = 192.168.1.1TCP: Interfaces\{53C916F0-F2D0-44B7-90A1-2B595F86C844} : DHCPNameServer = 192.168.1.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLLSA: Authentication Packages = msv1_0 wvauthx64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dllx64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110816105120.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exex64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exex64-RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exex64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dllx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dllx64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\fzkp28j0.default\FF - prefs.js: network.proxy.type - 0FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dllFF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dllFF - plugin: C:\Windows\SysWOW64\npdeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: 2013-08-24 13:30; savingsslider@mybrowserbar.com; C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\fzkp28j0.default\extensions\savingsslider@mybrowserbar.com.---- FIREFOX POLICIES ----user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: general.useragent.extra.brc - .============= SERVICES / DRIVERS ===============.R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-8-16 607152]R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-8-16 281544]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-8-10 55856]R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2009-7-15 200720]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-8-10 203776]R2 EmbassyService;EmbassyService;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-1-17 218504]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-10 13336]R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-8-10 165032]R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2012-5-21 212984]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-11 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-11 701512]R2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2011-1-12 120128]R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-8-16 190256]R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [2011-1-12 209760]R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-8-16 156248]R2 svcGenericHost;Trend Micro Client/Server Security Agent;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [2010-7-5 45056]R2 TmFilter;Trend Micro Filter;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys [2010-5-11 265744]R2 TmPreFilter;Trend Micro PreFilter;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmpreflt.sys [2010-5-11 42000]R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2009-7-15 339984]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-4-16 2595832]R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-1-5 1679872]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-9-4 25928]R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-8-16 217696]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-19 80384]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-19 181248]R3 TmPfw;Trend Micro Client/Server Security Agent Personal Firewall;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmPfw.exe [2009-7-15 595960]R3 TmProxy;Trend Micro Client/Server Security Agent Proxy Service;C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe [2009-7-15 917768]R3 VST64_DPV;VST64_DPV;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]R3 VST64HWBS2;VST64HWBS2;C:\Windows\System32\drivers\VSTBS26.SYS [2009-7-13 411136]R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2013-4-16 219632]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-10 317440]S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-8-16 97960]S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2013-4-16 517096]S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-17 1255736]S3 WvPCR;WvPCR;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-1-16 198144]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== File Associations ===============.FileExt: .txt: Applications\PFE32.EXE="C:\Program Files\PFE\PFE32.EXE" "%1" [userChoice]FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-08-25 15:33:09 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B996F55D-7F48-4750-9610-F3329915400D}\mpengine.dll2013-08-24 17:30:38 -------- d-----w- C:\Users\Steve\AppData\Roaming\Slick Savings2013-08-24 17:30:38 -------- d-----w- C:\Users\Steve\AppData\Local\Slick Savings2013-08-24 17:30:35 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot2013-08-24 17:30:17 -------- d-----w- C:\ProgramData\FreeRIP MP3 Converter2013-08-15 07:01:16 -------- d-----w- C:\Windows\System32\MRT2013-08-14 22:16:30 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-08-14 22:16:29 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-08-14 22:16:29 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-08-14 22:16:29 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-08-14 22:16:27 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-08-14 22:16:27 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-08-14 22:16:26 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-08-14 22:16:26 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-08-14 22:16:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-08-14 22:16:01 2048 ----a-w- C:\Windows\System32\tzres.dll2013-08-07 16:26:45 -------- d-----w- C:\Users\Steve\AppData\Local\{E47ABCD1-4F99-4D40-9D49-90E33A2F02D8}.==================== Find3M ====================.2013-08-15 08:59:26 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-08-15 08:59:26 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-06-25 21:17:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-06-25 21:17:45 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll2013-06-25 21:17:44 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-06-24 09:36:13 1901 ----a-w- C:\Windows\panose.bin2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll.============= FINISH: 11:46:05.19 ===============
  15. This just started about an hour ago, and I haven't downloaded anything new. When I click on the Home button it goes to: http://search.yahoo.com/?type=386496&fr=spigot-yhp-ie (in IE)http://search.yahoo.com/?type=386496&fr=spigot-yhp-ch (in chrome)http://search.yahoo.com/?type=386496&fr=spigot-yhp-ff (in Firefox)Note: The yhp- designation in the URL indicates its knowledge of the browser. All the URLs have "spigot" in them, and I have uninstalled a couple of items (using control panel) that had Spigot as the publisher, but that hasn't helped. Nor has running the Flash Scan...which deletes the items, but hasn't solved the problem. Thanks for any help. SS
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.