Jump to content

doelling

Members
  • Posts

    3
  • Joined

  • Last visited

Everything posted by doelling

  1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.9 (01.01.2014:1) OS: Windows 7 Home Premium x64 Ran by Ben on Tue 01/07/2014 at 15:31:56.19 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnsbho.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\speedypc software Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajamupdater_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wincore mediabar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{dd85d6bf-4787-4a93-99a5-3f0cf0ae8834} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422362228} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660066506658} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466366628} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422362228} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660066506658} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466366628} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660066506658} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466366628} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011431152} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011431152} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660066506658} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466366628} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0C9341DB-376B-D8F7-25CB-2CD0B66902E4} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C8501DD-5580-48AB-B25C-6D5DBE835A6A} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C8501DD-5580-48AB-B25C-6D5DBE835A6A} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1C8501DD-5580-48AB-B25C-6D5DBE835A6A} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C8501DD-5580-48AB-B25C-6D5DBE835A6A} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1C8501DD-5580-48AB-B25C-6D5DBE835A6A} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} ~~~ Files Successfully deleted: [File] C:\Windows\syswow64\sho9226.tmp Successfully deleted: [File] C:\Windows\syswow64\shoC58F.tmp ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess" Successfully deleted: [Folder] "C:\ProgramData\speedypc software" Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\ProgramData\wecarereminder" Successfully deleted: [Folder] "C:\Users\Ben\AppData\Roaming\big fish games" Successfully deleted: [Folder] "C:\Users\Ben\appdata\locallow\datamngr" Successfully deleted: [Folder] "C:\Users\Ben\appdata\locallow\mediabarim" Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com" Successfully deleted: [Folder] "C:\Program Files (x86)\oapps" Successfully deleted: [Folder] "C:\Program Files (x86)\savevalet" Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim" Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt" ~~~ FireFox Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml" Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml" Successfully deleted: [File] C:\Users\Ben\AppData\Roaming\mozilla\firefox\profiles\idofmqfj.default\user.js Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}" Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}" Successfully deleted: [Folder] C:\Users\Ben\AppData\Roaming\mozilla\firefox\profiles\idofmqfj.default\extensions\crossriderapp5058@crossrider.com Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\lesstabs@lesstabs.com Successfully deleted the following from C:\Users\Ben\AppData\Roaming\mozilla\firefox\profiles\idofmqfj.default\prefs.js user_pref("extensions.crossriderapp5058.adsOldValue", -1); ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Tue 01/07/2014 at 15:38:25.06 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v3.016 - Report created 07/01/2014 at 15:41:31 # Updated 23/12/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Ben - BOYS # Running from : C:\Users\Ben\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\iMesh Applications Folder Deleted : C:\Program Files (x86)\weDownload Manager Pro Folder Deleted : C:\Users\Ben\AppData\Local\PackageAware Folder Deleted : C:\Users\Ben\AppData\Local\Temp\AirInstaller Folder Deleted : C:\Users\Ben\AppData\LocalLow\wincoreimband Folder Deleted : C:\Users\Andrew\AppData\Local\apn Folder Deleted : C:\Users\Andrew\AppData\Local\PackageAware Folder Deleted : C:\Users\Andrew\AppData\LocalLow\mediabarim Folder Deleted : C:\Users\Andrew\AppData\LocalLow\wincoreimband Folder Deleted : C:\Users\Andrew\AppData\Roaming\DriverCure Folder Deleted : C:\Users\Andrew\AppData\Roaming\SpeedyPC Software Folder Deleted : C:\Users\Hope\AppData\Local\Searchprotect Folder Deleted : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\idofmqfj.default\mediabarim Folder Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\mediabarim Folder Deleted : C:\Users\Hope\AppData\Roaming\Mozilla\Firefox\Profiles\z2fxzpgo.default\mediabarim Folder Deleted : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\idofmqfj.default\Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Folder Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Folder Deleted : C:\Users\Hope\AppData\Roaming\Mozilla\Firefox\Profiles\z2fxzpgo.default\Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Folder Deleted : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\idofmqfj.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} Folder Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\Extensions\ffxtlbr@funmoods.com Folder Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\Extensions\plugin@yontoo.com Folder Deleted : C:\Users\Hope\AppData\Roaming\Mozilla\Firefox\Profiles\z2fxzpgo.default\Extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com Folder Deleted : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb Folder Deleted : C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\searchplugins\Askcom.xml File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\searchplugins\funmoods.xml File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\searchplugins\Search_Results.xml File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\searchplugins\SweetIm.xml File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\user.js File Deleted : C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage File Deleted : C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal File Deleted : C:\Windows\Tasks\SaveSense.job File Deleted : C:\Windows\System32\Tasks\SaveSense ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13a747ac-0f75-4834-889a-033e8f849beb} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ff0943e-3ec4-4e3a-94c4-b7a2d3650ff6} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c325bb22-92cd-42c3-99e5-6cb47d88377c} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c93b67c2-12bf-469d-9b8c-a20a807e7d99} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d71aadf3-fa71-478f-bd7a-c531dd46acb2} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13a747ac-0f75-4834-889a-033e8f849beb} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ff0943e-3ec4-4e3a-94c4-b7a2d3650ff6} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c325bb22-92cd-42c3-99e5-6cb47d88377c} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c93b67c2-12bf-469d-9b8c-a20a807e7d99} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d71aadf3-fa71-478f-bd7a-c531dd46acb2} Key Deleted : HKCU\Software\FLEXnet Key Deleted : HKCU\Software\AppDataLow\Software\mediabarim Key Deleted : HKCU\Software\AppDataLow\Software\weDownload Manager Pro Key Deleted : HKLM\Software\iMeshMediabarTb Key Deleted : HKLM\Software\weDownload Manager Pro Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sl-apl Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weDownload Manager Pro Key Deleted : [x64] HKLM\SOFTWARE\DataMngr Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v4.0.1 (en-US) [ File : C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\idofmqfj.default\prefs.js ] Line Deleted : user_pref("browser.search.order.1", "Ask.com"); Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com"); [ File : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\4ru8p80c.default\prefs.js ] Line Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Line Deleted : user_pref("browser.search.order.1", "Ask.com"); Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\"); Line Deleted : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com"); Line Deleted : user_pref("extensions.asktb.abar-war-timeout", "4000"); Line Deleted : user_pref("extensions.asktb.apn_dbr", "ff_4.0.1"); Line Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true); Line Deleted : user_pref("extensions.asktb.autofill-text-highlight-enabled", true); Line Deleted : user_pref("extensions.asktb.cbid", "FM"); Line Deleted : user_pref("extensions.asktb.config-updated", true); Line Deleted : user_pref("extensions.asktb.cr-o", "14193cr"); Line Deleted : user_pref("extensions.asktb.crumb", "2011.08.26+20.24.54-toolbar014iad-US-TG91aXN2aWxsZSxLWSxVbml0ZWQgU3RhdGVz"); Line Deleted : user_pref("extensions.asktb.displaybehavior", ""); Line Deleted : user_pref("extensions.asktb.displaytext", ""); Line Deleted : user_pref("extensions.asktb.dtid", "TES002R6US"); Line Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false); Line Deleted : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "USKY1096"); Line Deleted : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "F"); Line Deleted : user_pref("extensions.asktb.guid", "76112659-92b5-4c5f-8492-5fa2744843ef"); Line Deleted : user_pref("extensions.asktb.hpr", "YES"); Line Deleted : user_pref("extensions.asktb.if", "first"); Line Deleted : user_pref("extensions.asktb.l", "dis"); Line Deleted : user_pref("extensions.asktb.last-config-req", "1340398820105"); Line Deleted : user_pref("extensions.asktb.last-v", "3.14.1.100013"); Line Deleted : user_pref("extensions.asktb.locale", "en_US"); Line Deleted : user_pref("extensions.asktb.location", "Louisville,KY,United States"); Line Deleted : user_pref("extensions.asktb.lstation", ""); Line Deleted : user_pref("extensions.asktb.new-tab-enabled", true); Line Deleted : user_pref("extensions.asktb.o", "14193"); Line Deleted : user_pref("extensions.asktb.pstate", ""); Line Deleted : user_pref("extensions.asktb.qsrc", "2871"); Line Deleted : user_pref("extensions.asktb.sa", "YES"); Line Deleted : user_pref("extensions.asktb.saguid", "8DB8BCE3-5487-4290-BA2B-3B6DA08FDA67"); Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true); Line Deleted : user_pref("extensions.asktb.silent-upgrade", true); Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Line Deleted : user_pref("extensions.asktb.socialmini-first", true); Line Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000"); Line Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33"); Line Deleted : user_pref("extensions.asktb.socialmini-max-items", "30"); Line Deleted : user_pref("extensions.asktb.socialmini-native-on", true); Line Deleted : user_pref("extensions.asktb.socialmini-speed", "5000"); Line Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false); Line Deleted : user_pref("extensions.asktb.themeid", ""); Line Deleted : user_pref("extensions.asktb.timeinstalled", "8/26/2011 11:26:58 PM"); Line Deleted : user_pref("extensions.asktb.to", ""); Line Deleted : user_pref("extensions.enabledAddons", "{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29,toolbar@ask.com:3.14.1.100013,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{28387537-e3f9-4ed7-860c-11e69af4a8a0}:4.6[...] Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Funmoods"); Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Funmoods"); [ File : C:\Users\Hope\AppData\Roaming\Mozilla\Firefox\Profiles\z2fxzpgo.default\prefs.js ] Line Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com"); Line Deleted : user_pref("browser.search.order.1", "Ask.com"); Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com"); Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", ""); -\\ Google Chrome v [ File : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [20774 octets] - [07/01/2014 15:40:13] AdwCleaner[s0].txt - [19321 octets] - [07/01/2014 15:41:31] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [19382 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.01.07.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Ben :: BOYS [administrator] 1/7/2014 3:48:12 PM mbam-log-2014-01-07 (15-48-12).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 316590 Time elapsed: 14 minute(s), 21 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 3 C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.8_0 (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.8_0\images (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. Files Detected: 5 C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.8_0\background.js (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.8_0\manifest.json (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.8_0\images\icon128.png (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.8_0\images\icon16.png (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. C:\Users\Hope\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.8_0\images\icon48.png (PUP.Optional.SaveSense.A) -> Quarantined and deleted successfully. (end)
  2. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2 Run by Ben at 17:46:19 on 2014-01-06 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.5296 [GMT -5:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe C:\Users\Ben\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe C:\Users\Ben\AppData\Local\Apps\2.0\AOJBWLJT.R0Q\AEPHHWPY.JLW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe C:\Users\Ben\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exe C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\SysWOW64\WN311BFCS.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe C:\Program Files (x86)\Battle.net\Battle.net.4047\Battle.net.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Spotify\spotify.exe C:\Program Files (x86)\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Spotify\Data\SpotifyHelper.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Spotify\Data\SpotifyHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: SelectionLinks: {1C8501DD-5580-48AB-B25C-6D5DBE835A6A} - C:\Program Files (x86)\OApps\SelectionLinks.dll BHO: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: DataMngr: {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} - uRun: [Google Update] "C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler uRun: [Akamai NetSession Interface] "C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe" uRun: [TSMApplication] "C:\Users\Ben\Desktop\TSM_App_Full\TSMApplication.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [AS00_WN311B] C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe -hide mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe StartupFolder: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip StartupFolder: C:\Users\Ben\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FOLDIN~1.LNK - C:\Program Files (x86)\FAHClient\HideConsole.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll TCP: Interfaces\{4A5E37BC-1EEC-4086-9B08-2DA137387B61} : DHCPNameServer = 10.0.0.2 TCP: Interfaces\{4A5E37BC-1EEC-4086-9B08-2DA137387B61}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C1D00931-5880-4CC5-8915-4B5F45B64B91} : NameServer = 208.67.222.222,208.67.220.220,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 TCP: Interfaces\{C1D00931-5880-4CC5-8915-4B5F45B64B91}\37F6E676D27657563747 : DHCPNameServer = 74.128.17.114 74.128.19.102 192.168.33.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll AppInit_DLLs= C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll SSODL: WebCheck - <orphaned> x64-BHO: weDownload Manager Pro: {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: DataMngr: {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\idofmqfj.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Ben\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-7-26 254528] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-19 236544] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984] R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504] R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-19 15125280] R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2011-8-2 145256] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-21 689472] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496] R2 WN311BFCS;Netgear WN311B Wireless Control Service;C:\Windows\System32\WN311BFCS.exe --> C:\Windows\System32\WN311BFCS.exe [?] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-8-19 46136] R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288] R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-5-19 266240] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-12-21 320040] R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2013-7-6 44928] R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160] R3 NTG43XX;NETGEAR 802.11 Network Adapter Driver;C:\Windows\System32\drivers\WN311B64.SYS [2012-6-16 3058168] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-19 39200] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe --> C:\Program Files\Dell\DellDock\DockLogin.exe [?] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2013-8-6 58112] S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-6-3 1471352] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-21 1255736] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880] . =============== Created Last 30 ================ . 2014-01-05 10:11:58 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B5B89EED-7CBC-41EA-959C-082D373F892D}\offreg.dll 2014-01-05 01:12:15 -------- d-----w- C:\Program Files (x86)\weDownload Manager Pro 2014-01-04 23:56:44 98304 ----a-r- C:\Users\Ben\AppData\Roaming\Microsoft\Installer\{E9D90870-AB19-32A8-AA93-F8348BA21D05}\python_icon.exe 2014-01-04 23:55:52 -------- d-----w- C:\Python33 2014-01-03 14:44:51 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B5B89EED-7CBC-41EA-959C-082D373F892D}\mpengine.dll 2013-12-18 20:14:23 -------- d-----w- C:\Users\Ben\.worldoflogs 2013-12-15 06:17:53 -------- d-----w- C:\Users\Ben\AppData\Local\Skyrim 2013-12-12 08:02:39 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2013-12-12 08:02:39 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2013-12-12 08:02:38 12625920 ----a-w- C:\Windows\System32\wmploc.DLL 2013-12-12 08:02:38 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL 2013-12-11 20:44:03 335360 ----a-w- C:\Windows\System32\msieftp.dll 2013-12-11 20:44:03 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll . ==================== Find3M ==================== . 2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll 2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll 2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll 2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll 2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-11-19 08:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe 2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-11-11 15:02:02 6674208 ----a-w- C:\Windows\System32\nvcpl.dll 2013-11-11 15:02:02 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll 2013-11-11 15:01:59 922912 ----a-w- C:\Windows\System32\nvvsvc.exe 2013-11-11 15:01:59 63776 ----a-w- C:\Windows\System32\nvshext.dll 2013-11-11 15:01:59 219424 ----a-w- C:\Windows\System32\nvmctray.dll 2013-11-11 15:01:58 3467927 ----a-w- C:\Windows\System32\nvcoproc.bin 2013-11-11 13:59:28 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-10-16 00:48:05 1884448 ----a-w- C:\Windows\System32\nvdispco6433158.dll 2013-10-16 00:48:05 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433158.dll 2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx 2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll 2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll 2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx 2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll 2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll 2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL 2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe 2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe 2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe 2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe . ============= FINISH: 17:46:28.29 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 12/31/2010 4:31:48 PM System Uptime: 1/5/2014 9:51:50 PM (20 hours ago) . Motherboard: Dell Inc. | | 04GJJT Processor: AMD Athlon II X2 240 Processor | CPU 1 | 2800/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 456 GiB total, 184.719 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable I: is CDROM () Y: is FIXED (NTFS) - 10 GiB total, 3.93 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318} Description: Virtual Audio Cable Device ID: ROOT\MEDIA\0002 Manufacturer: EuMus Design Name: Virtual Audio Cable PNP Device ID: ROOT\MEDIA\0002 Service: EuMusDesignVirtualAudioCableWdm . ==== System Restore Points =================== . RP441: 1/6/2014 12:42:05 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . 7-Zip 9.20 (x64 edition) A Valley Without Wind Acoustica Effects Pack Acoustica Mixcraft 5 Adobe AIR Adobe Flash Media Live Encoder 3.2 Adobe Flash Player 11 ActiveX Adobe Reader 9.2 Age of Empires® III: Complete Collection Akamai NetSession Interface AMD Fuel Apple Application Support Apple Mobile Device Support Apple Software Update ARMA 2 ARMA 2: Operation Arrowhead ASIO4ALL Ask Toolbar Ask Toolbar Updater Autodesk Backburner 2014 Autodesk Composite 2014 Autodesk DirectConnect 2014 64-bit Autodesk MatchMover 2014 Autodesk Maya 2014 Awesomenauts Battle.net BattlEye for OA Uninstall Bing Bar BIT.TRIP BEAT Blender Bonjour Borderlands Borderlands 2 Brother MFL-Pro Suite DCP-J140W calibre Capsized Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Combat Arms Consumer In-Home Service Agreement CPUID CPU-Z 1.56 Crystal Reports for Visual Studio Curse Client DAEMON Tools Lite Dead Island Dear Esther Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Edoc Viewer Dell Getting Started Guide Diablo III Dota 2 Dotfuscator Software Services - Community Edition DubTurbo2 Dungeon Defenders Dungeons of Dredmor Dustforce EpicBot Fallout 3 Fallout 3 - The Garden of Eden Creation Kit Finale 2012 Finale Reader 2011 FL Studio 10 Fraps (remove only) Game Dev Tycoon version 1.3.4 GeForce Experience NvStream Client Components GnuWin32: Wget-1.11.4-1 Google Chrome Google Earth Google Update Helper GoToAssist 8.0.0.514 Grand Theft Auto IV Guns of Icarus Hearthstone Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054) Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2542054) Hotline Miami HP Memories Disc iCloud ImgBurn Insanely Twisted Shadow Planet Internet Explorer Toolbar 4.8 by SweetPacks iTunes Java 7 Update 45 Java Auto Updater Java 6 Update 21 (64-bit) Java 6 Update 29 Java 7 Update 4 (64-bit) JavaFX 2.1.1 Junk Mail filter update Kerbal Space Program Last.fm 1.5.4.27091 Little Inferno Machinarium Malwarebytes Anti-Malware version 1.75.0.1300 ManyCam 3.1.58 MapleStory MediaWidget 6.0 mental ray renderer for Autodesk Maya 2014 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Age of Empires II Microsoft Age of Empires II: The Conquerors Expansion Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Choice Guard Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Help Viewer 1.0 Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual C++ 2010 Express - ENU Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU Microsoft Visual Studio 2010 IntelliTrace Collection (x64) Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Performance Collection Tools - ENU Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Ultimate - ENU Microsoft Visual Studio Macro Tools Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 4.0 Refresh Mozilla Firefox 4.0.1 (x86 en-US) MSI Afterburner 2.3.1 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) Mumble 1.2.3 My Game Long Name Mystery Case Files - 13th Skull Collectors Edition Mystery Case Files - Ravenhearst 1.00 Mystery Case Files Dire Grove Collectors Edition (Updated) 1.1.5 Nuance PaperPort 12 Nuance PDF Viewer Plus NVIDIA 3D Vision Controller Driver 331.82 NVIDIA 3D Vision Driver 331.82 NVIDIA Control Panel 331.82 NVIDIA GeForce Experience 1.7.1 NVIDIA Graphics Driver 331.82 NVIDIA HD Audio Driver 1.3.26.4 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA PhysX NVIDIA PhysX System Software 9.13.0725 NVIDIA ShadowPlay 9.3.21 NVIDIA Stereoscopic 3D Driver NVIDIA Update 9.3.21 NVIDIA Update Components NVIDIA Virtual Audio 1.2.9 Oblivion OpenAL OpenOffice.org 3.4.1 Origin PaperPort Image Printer 64-bit Proteus Psychonauts Python 2.7.3 Python 3.3.3 (64-bit) Q.U.B.E. Quantum Conundrum QuickTime RangeMax NEXT Wireless Adapter WN311B Realm of the Mad God Realtek High Definition Audio Driver RIFT ROBLOX Player ROBLOX Studio 2013 Rogue Legacy Demo version 1.0 Rogue Legacy version 1.0.9 Safari Scansoft PDF Professional Scrolls Secure Download Manager Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft Visual C++ 2010 Express - ENU (KB2251489) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489) Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2644980) Security Update for Microsoft Visual Studio Macro Tools (KB2669970) SelectionLinks Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) SHIELD Streaming SimCity 4 Deluxe SimCity™ Simple Static IP SIW version 2011.10.29 Six Updater Skins Skype Toolbars Skype™ 6.1 SmoothDraw 3.2.7 Speccy SPORE™ Spotify Sql Server Customer Experience Improvement Program Starbound Steam Surgeon Simulator 2013 Team Fortress 2 TeamSpeak 3 Client The Cave The Elder Scrolls IV: Oblivion The Elder Scrolls Online Beta The Elder Scrolls V: Skyrim The Sims™ 3 theHunter (remove only) Thomas Was Alone Towns TreeSize Free V2.7 Trine 1.09 Unity Unity Web Player Unreal Development Kit: 2012-10 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) Updater By SweetPacks 2.0.0.586 Ventrilo Client Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VLC media player 1.1.5 War of the Roses Web Deployment Tool weDownload Manager Pro Winamp Winamp Detector Plug-in Wincore MediaBar Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer winpcap-nmap 4.02 WinPcap 4.1.2 WinRAR 4.00 beta 4 (64-bit) WModem Driver Installer World of Tanks World of Warcraft World of Warcraft Public Test Xvid 1.2.1 final uninstall . ==== Event Viewer Messages From Past Week ======== . 1/5/2014 9:54:26 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5. 1/5/2014 9:54:19 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004 1/5/2014 9:54:14 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFS MFX 1/5/2014 9:52:48 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc50030e68, 0xffffffffc0000185, 0x000000007ba4b880, 0xfffff8a0061cd200). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010514-46659-01. 1/5/2014 9:52:39 PM, Error: Service Control Manager [7000] - The Dock Login Service service failed to start due to the following error: The system cannot find the file specified. 1/5/2014 9:51:57 PM, Error: volsnap [27] - The shadow copies of volume C: were aborted during detection because a critical control file could not be opened. 1/5/2014 7:58:45 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 1/5/2014 7:57:19 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 1/5/2014 1:36:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc40007f78, 0xffffffffc0000185, 0x0000000020921860, 0xfffff88000fef93c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010514-53445-01. . ==== End Of File ===========================
  3. I noticed pop ups were getting past Ad Block Plus, so I decided to run a Quick Scan with MBAM, and about 480 infected objects showed up (my little sister has been clicking all sorts of pop ups and downloading programs from them, it turns out). I went through and removed all those, rebooted, quick scanned again, and everything was clean. I loaded Chrome up and the pop ups were back again on every page. Twice now, I have tried to do a Full Scan, just to be safe, but the PC gets the BSoD half way through. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2Run by Ben at 22:02:01 on 2014-01-05Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.5544 [GMT -5:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\Explorer.EXEC:\Windows\system32\Dwm.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\taskhost.exec:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exeC:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exeC:\Program Files\Bonjour\mDNSResponder.exec:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exeC:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exeC:\ProgramData\FLEXnet\Connect\11\ISUSPM.exeC:\Users\Ben\AppData\Local\Akamai\netsession_win.exeC:\Users\Ben\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exeC:\Users\Ben\AppData\Local\Apps\2.0\AOJBWLJT.R0Q\AEPHHWPY.JLW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exeC:\Users\Ben\AppData\Local\Akamai\netsession_win.exeC:\Users\Ben\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exeC:\Program Files\NETGEAR\WN311B\Utility\WN311B.exeC:\Program Files (x86)\Ask.com\Updater\Updater.exeC:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exeC:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exeC:\Program Files (x86)\Browny02\Brother\BrStMonW.exeC:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\ControlCenter4\BrCcUxSys.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Windows\SysWOW64\WN311BFCS.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Browny02\BrYNSvc.exeC:\Windows\System32\vds.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\WUDFHost.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\servicing\TrustedInstaller.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: SelectionLinks: {1C8501DD-5580-48AB-B25C-6D5DBE835A6A} - C:\Program Files (x86)\OApps\SelectionLinks.dllBHO: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: DataMngr: {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dllBHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dllBHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllTB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllTB: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dllEB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} - uRun: [Google Update] "C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorunuRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduleruRun: [Akamai NetSession Interface] "C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe"uRun: [TSMApplication] "C:\Users\Ben\Desktop\TSM_App_Full\TSMApplication.exe"mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [AS00_WN311B] C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe -hidemRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exemRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exemRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exemRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorunmRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUNmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exeStartupFolder: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccipStartupFolder: C:\Users\Ben\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FOLDIN~1.LNK - C:\Program Files (x86)\FAHClient\HideConsole.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllTCP: Interfaces\{4A5E37BC-1EEC-4086-9B08-2DA137387B61} : DHCPNameServer = 10.0.0.2TCP: Interfaces\{4A5E37BC-1EEC-4086-9B08-2DA137387B61}\C696E6B6379737 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{C1D00931-5880-4CC5-8915-4B5F45B64B91} : NameServer = 208.67.222.222,208.67.220.220,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1TCP: Interfaces\{C1D00931-5880-4CC5-8915-4B5F45B64B91}\37F6E676D27657563747 : DHCPNameServer = 74.128.17.114 74.128.19.102 192.168.33.1Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllAppInit_DLLs= C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dllSSODL: WebCheck - <orphaned>x64-BHO: weDownload Manager Pro: {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dllx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Updater By SweetPacks: {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: DataMngr: {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStartx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\idofmqfj.default\FF - prefs.js: browser.search.selectedEngine - Ask.comFF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Ben\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll.---- FIREFOX POLICIES ----FF - user.js: yahoo.ytff.general.dontshowhpoffer - true============= SERVICES / DRIVERS ===============.R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-7-26 254528]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-19 236544]R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-19 15125280]R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2011-8-2 145256]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-21 689472]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]R2 WN311BFCS;Netgear WN311B Wireless Control Service;C:\Windows\System32\WN311BFCS.exe --> C:\Windows\System32\WN311BFCS.exe [?]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-8-19 46136]R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-5-19 266240]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-12-21 320040]R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2013-7-6 44928]R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160]R3 NTG43XX;NETGEAR 802.11 Network Adapter Driver;C:\Windows\System32\drivers\WN311B64.SYS [2012-6-16 3058168]R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-19 39200]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe --> C:\Program Files\Dell\DellDock\DockLogin.exe [?]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2013-8-6 58112]S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-6-3 1471352]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-21 1255736]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880].=============== Created Last 30 ================.2014-01-05 10:11:58 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B5B89EED-7CBC-41EA-959C-082D373F892D}\offreg.dll2014-01-05 01:12:15 -------- d-----w- C:\Program Files (x86)\weDownload Manager Pro2014-01-04 23:56:44 98304 ----a-r- C:\Users\Ben\AppData\Roaming\Microsoft\Installer\{E9D90870-AB19-32A8-AA93-F8348BA21D05}\python_icon.exe2014-01-04 23:55:52 -------- d-----w- C:\Python332014-01-03 14:44:51 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B5B89EED-7CBC-41EA-959C-082D373F892D}\mpengine.dll2013-12-18 20:14:23 -------- d-----w- C:\Users\Ben\.worldoflogs2013-12-15 06:17:53 -------- d-----w- C:\Users\Ben\AppData\Local\Skyrim2013-12-12 08:02:39 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe2013-12-12 08:02:39 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe2013-12-12 08:02:38 12625920 ----a-w- C:\Windows\System32\wmploc.DLL2013-12-12 08:02:38 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL2013-12-11 20:44:03 335360 ----a-w- C:\Windows\System32\msieftp.dll2013-12-11 20:44:03 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll.==================== Find3M ====================.2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll2013-11-19 08:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-11-11 15:02:02 6674208 ----a-w- C:\Windows\System32\nvcpl.dll2013-11-11 15:02:02 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll2013-11-11 15:01:59 922912 ----a-w- C:\Windows\System32\nvvsvc.exe2013-11-11 15:01:59 63776 ----a-w- C:\Windows\System32\nvshext.dll2013-11-11 15:01:59 219424 ----a-w- C:\Windows\System32\nvmctray.dll2013-11-11 15:01:58 3467927 ----a-w- C:\Windows\System32\nvcoproc.bin2013-11-11 13:59:28 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2013-10-16 00:48:05 1884448 ----a-w- C:\Windows\System32\nvdispco6433158.dll2013-10-16 00:48:05 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433158.dll2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe2013-10-08 12:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll.============= FINISH: 22:02:41.25 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 12/31/2010 4:31:48 PMSystem Uptime: 1/5/2014 9:51:50 PM (1 hours ago).Motherboard: Dell Inc. | | 04GJJTProcessor: AMD Athlon II X2 240 Processor | CPU 1 | 2800/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 456 GiB total, 185.658 GiB free.D: is CDROM ()E: is RemovableF: is RemovableG: is RemovableH: is RemovableI: is CDROM ()K: is FIXED (NTFS) - 466 GiB total, 429.104 GiB free..==== Disabled Device Manager Items =============.Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}Description: Virtual Audio CableDevice ID: ROOT\MEDIA\0002Manufacturer: EuMus DesignName: Virtual Audio CablePNP Device ID: ROOT\MEDIA\0002Service: EuMusDesignVirtualAudioCableWdm.==== System Restore Points ===================.No restore point in system..==== Installed Programs ======================.µTorrent7-Zip 9.20 (x64 edition)A Valley Without WindAcoustica Effects PackAcoustica Mixcraft 5Adobe AIRAdobe Flash Media Live Encoder 3.2Adobe Flash Player 11 ActiveXAdobe Reader 9.2Age of Empires® III: Complete CollectionAkamai NetSession InterfaceAMD FuelApple Application SupportApple Mobile Device SupportApple Software UpdateARMA 2ARMA 2: Operation ArrowheadASIO4ALLAsk ToolbarAsk Toolbar UpdaterAutodesk Backburner 2014Autodesk Composite 2014Autodesk DirectConnect 2014 64-bitAutodesk MatchMover 2014Autodesk Maya 2014AwesomenautsBattle.netBattlEye for OA UninstallBing BarBIT.TRIP BEATBlenderBonjourBorderlandsBorderlands 2Brother MFL-Pro Suite DCP-J140WcalibreCapsizedCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCombat ArmsConsumer In-Home Service AgreementCPUID CPU-Z 1.56Crystal Reports for Visual StudioCurse ClientDAEMON Tools LiteDead IslandDear EstherDell DataSafe Local BackupDell DataSafe Local Backup - Support SoftwareDell DataSafe OnlineDell Edoc ViewerDell Getting Started GuideDiablo IIIDota 2Dotfuscator Software Services - Community EditionDubTurbo2Dungeon DefendersDungeons of DredmorDustforceEpicBotFallout 3Fallout 3 - The Garden of Eden Creation KitFinale 2012Finale Reader 2011FL Studio 10Fraps (remove only)Game Dev Tycoon version 1.3.4GeForce Experience NvStream Client ComponentsGnuWin32: Wget-1.11.4-1Google ChromeGoogle EarthGoogle Update HelperGoToAssist 8.0.0.514Grand Theft Auto IVGuns of IcarusHearthstoneHotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2542054)Hotline MiamiHP Memories DisciCloudImgBurnInsanely Twisted Shadow PlanetInternet Explorer Toolbar 4.8 by SweetPacksiTunesJava 7 Update 45Java Auto UpdaterJava 6 Update 21 (64-bit)Java 6 Update 29Java 7 Update 4 (64-bit)JavaFX 2.1.1Junk Mail filter updateKerbal Space ProgramLast.fm 1.5.4.27091Little InfernoMachinariumMalwarebytes Anti-Malware version 1.75.0.1300ManyCam 3.1.58MapleStoryMediaWidget 6.0mental ray renderer for Autodesk Maya 2014Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Age of Empires IIMicrosoft Age of Empires II: The Conquerors ExpansionMicrosoft Application Error ReportingMicrosoft ASP.NET MVC 2Microsoft ASP.NET MVC 2 - Visual Studio 2010 ToolsMicrosoft Choice GuardMicrosoft Games for Windows - LIVE RedistributableMicrosoft Games for Windows MarketplaceMicrosoft Help Viewer 1.0Microsoft Office 2010Microsoft Office Click-to-Run 2010Microsoft Office Starter 2010 - EnglishMicrosoft SilverlightMicrosoft Silverlight 3 SDKMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server 2008 (64-bit)Microsoft SQL Server 2008 BrowserMicrosoft SQL Server 2008 Common FilesMicrosoft SQL Server 2008 Database Engine ServicesMicrosoft SQL Server 2008 Database Engine SharedMicrosoft SQL Server 2008 Native ClientMicrosoft SQL Server 2008 R2 Data-Tier Application FrameworkMicrosoft SQL Server 2008 R2 Data-Tier Application ProjectMicrosoft SQL Server 2008 R2 Management ObjectsMicrosoft SQL Server 2008 R2 Management Objects (x64)Microsoft SQL Server 2008 R2 Transact-SQL Language ServiceMicrosoft SQL Server 2008 RsFx DriverMicrosoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENUMicrosoft SQL Server Compact 3.5 SP2 x64 ENUMicrosoft SQL Server Database Publishing Wizard 1.4Microsoft SQL Server System CLR TypesMicrosoft SQL Server System CLR Types (x64)Microsoft SQL Server VSS WriterMicrosoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Runtime v1.0 SP1 (x64)Microsoft Sync Framework SDK v1.0 SP1Microsoft Sync Framework Services Native v1.0 (x86)Microsoft Sync Framework Services v1.0 SP1 (x64)Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)Microsoft Team Foundation Server 2010 Object Model - ENUMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319Microsoft Visual C++ 2010 Express - ENUMicrosoft Visual F# 2.0 RuntimeMicrosoft Visual Studio 2010 ADO.NET Entity Framework ToolsMicrosoft Visual Studio 2010 Express Prerequisites x64 - ENUMicrosoft Visual Studio 2010 IntelliTrace Collection (x64)Microsoft Visual Studio 2010 Office Developer Tools (x64)Microsoft Visual Studio 2010 Performance Collection Tools - ENUMicrosoft Visual Studio 2010 SharePoint Developer ToolsMicrosoft Visual Studio 2010 Tools for Office Runtime (x64)Microsoft Visual Studio 2010 Ultimate - ENUMicrosoft Visual Studio Macro ToolsMicrosoft WSE 3.0 RuntimeMicrosoft XNA Framework Redistributable 4.0 RefreshMozilla Firefox 4.0.1 (x86 en-US)MSI Afterburner 2.3.1MSVCRTMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2758694)Mumble 1.2.3My Game Long NameMystery Case Files - 13th Skull Collectors EditionMystery Case Files - Ravenhearst 1.00Mystery Case Files Dire Grove Collectors Edition (Updated) 1.1.5Nuance PaperPort 12Nuance PDF Viewer PlusNVIDIA 3D Vision Controller Driver 331.82NVIDIA 3D Vision Driver 331.82NVIDIA Control Panel 331.82NVIDIA GeForce Experience 1.7.1NVIDIA Graphics Driver 331.82NVIDIA HD Audio Driver 1.3.26.4NVIDIA Install ApplicationNVIDIA LED Visualizer 1.0NVIDIA PhysXNVIDIA PhysX System Software 9.13.0725NVIDIA ShadowPlay 9.3.21NVIDIA Stereoscopic 3D DriverNVIDIA Update 9.3.21NVIDIA Update ComponentsNVIDIA Virtual Audio 1.2.9OblivionOpenALOpenOffice.org 3.4.1OriginPaperPort Image Printer 64-bitProteusPsychonautsPython 2.7.3Python 3.3.3 (64-bit)Q.U.B.E.Quantum ConundrumQuickTimeRangeMax NEXT Wireless Adapter WN311BRealm of the Mad GodRealtek High Definition Audio DriverRIFTROBLOX PlayerROBLOX Studio 2013Rogue Legacy Demo version 1.0Rogue Legacy version 1.0.9SafariScansoft PDF ProfessionalScrollsSecure Download ManagerSecurity Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Visual C++ 2010 Express - ENU (KB2251489)Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489)Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2644980)Security Update for Microsoft Visual Studio Macro Tools (KB2669970)SelectionLinksService Pack 1 for SQL Server 2008 (KB968369) (64-bit)SHIELD StreamingSimCity 4 DeluxeSimCity™Simple Static IPSIW version 2011.10.29Six UpdaterSkinsSkype ToolbarsSkype™ 6.1SmoothDraw 3.2.7SpeccySPORE™SpotifySql Server Customer Experience Improvement ProgramStarboundSteamSurgeon Simulator 2013Team Fortress 2TeamSpeak 3 ClientThe CaveThe Elder Scrolls IV: Oblivion The Elder Scrolls Online BetaThe Elder Scrolls V: SkyrimThe Sims™ 3theHunter (remove only)Thomas Was AloneTownsTreeSize Free V2.7Trine 1.09UnityUnity Web PlayerUnreal Development Kit: 2012-10Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Updater By SweetPacks 2.0.0.586Ventrilo ClientVisual Studio 2010 Prerequisites - EnglishVisual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENUVLC media player 1.1.5War of the RosesWeb Deployment ToolweDownload Manager ProWinampWinamp Detector Plug-inWincore MediaBarWindows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live MailWindows Live MessengerWindows Live Movie MakerWindows Live Photo GalleryWindows Live SyncWindows Live Upload ToolWindows Live Writerwinpcap-nmap 4.02WinPcap 4.1.2WinRAR 4.00 beta 4 (64-bit)WModem Driver InstallerWorld of TanksWorld of WarcraftWorld of Warcraft Public TestXvid 1.2.1 final uninstall.==== Event Viewer Messages From Past Week ========.12/29/2013 2:44:17 PM, Error: Service Control Manager [7023] - The Windows Driver Foundation - User-mode Driver Framework service terminated with the following error: Insufficient system resources exist to complete the requested service.12/29/2013 2:43:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error: An instance of the service is already running.12/29/2013 2:42:20 PM, Error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.12/29/2013 2:42:17 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.12/29/2013 2:42:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.1/5/2014 9:54:26 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.1/5/2014 9:54:19 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@010100041/5/2014 9:54:14 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFS MFX1/5/2014 9:52:48 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc50030e68, 0xffffffffc0000185, 0x000000007ba4b880, 0xfffff8a0061cd200). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010514-46659-01.1/5/2014 9:52:39 PM, Error: Service Control Manager [7000] - The Dock Login Service service failed to start due to the following error: The system cannot find the file specified.1/5/2014 9:51:57 PM, Error: volsnap [27] - The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.1/5/2014 7:58:45 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.1/5/2014 7:57:19 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.1/5/2014 1:36:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc40007f78, 0xffffffffc0000185, 0x0000000020921860, 0xfffff88000fef93c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010514-53445-01..==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.