Jump to content

Pup.optional datamngr infection


T8r

Recommended Posts

attach.txt

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 11/1/2010 5:30:28 PM
System Uptime: 8/8/2013 11:29:13 AM (29 hours ago)
.
Motherboard: Hewlett-Packard |  | 144B
Processor: Intel® Core i5 CPU       M 450  @ 2.40GHz | CPU | 1176/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 443 GiB total, 347.838 GiB free.
D: is FIXED (NTFS) - 23 GiB total, 3.315 GiB free.
E: is FIXED (FAT) - 0 GiB total, 0.086 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&02
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter #2
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&02
Service: vwifimp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP349: 7/16/2013 4:55:09 AM - Windows Update
RP350: 7/19/2013 6:51:16 AM - Windows Update
RP351: 7/22/2013 12:54:02 PM - Windows Update
RP352: 7/22/2013 12:59:49 PM - Windows Update
RP353: 7/26/2013 12:02:53 PM - Windows Update
RP354: 7/30/2013 4:50:28 AM - Windows Update
RP355: 8/6/2013 7:42:53 AM - Windows Update
.
==== Installed Programs ======================
.
Acrobat.com
Adobe Acrobat 6.0 Professional
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Illustrator 10.0.3
Adobe Photoshop CS
Adobe Reader X (10.1.7)
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Adobe SVG Viewer 3.0
Akamai NetSession Interface
Apple Application Support
Apple Software Update
ATI Catalyst Install Manager
Bejeweled 2 Deluxe
Blackhawk Striker 2
Blasterball 3
Build-a-lot 2
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
CinemaNow Media Manager
Cisco AnyConnect VPN Client
Cisco Connect
Cisco WebEx Meetings
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
DIRECTV Player
Dora's Carnival Adventure
Dropbox
DVD Menu Pack for HP MediaSmart Video
Escape Rosecliff Island
ESU for Microsoft Windows 7
Faerie Solitaire
Fairy Tale Mysteries - The Puppet Thief
FATE
ffdshow [rev 2527] [2008-12-19]
Foxit Reader
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Google Chrome
Google Drive
Google Earth Plug-in
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
HP 3D DriveGuard
HP Advisor
HP Customer Experience Enhancements
HP Deskjet 1000 J110 series Basic Device Software
HP Deskjet 1000 J110 series Help
HP Games
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Internet TV
HP MediaSmart Movies and TV
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP Quick Launch
HP QuickWeb Installer
HP Setup
HP SimplePass Identity Protection
HP Software Framework
HP Support Assistant
HP Update
HP User Guides 0177
HP Wireless Assistant
HPDiagnosticAlert
IDT Audio
Intel PROSet Wireless
Intel® Management Engine Components
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Driver
Intel® PROSet/Wireless WiFi Software
Java 7 Update 25
Java Auto Updater
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
LightScribe System Software
magicJack
Malwarebytes Anti-Malware version 1.75.0.1300
Map CONHI Drives V14
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft WSE 3.0 Runtime
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 5.6.0
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 8.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Mystery P.I. - The New York Fortune
Penguins!
PhotoNow!
Plants vs. Zombies
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PX Profile Update
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
Roxio CinemaNow 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype™ 6.6
Startup Delayer v3.0 (build 333)
Synaptics Pointing Device Driver
TextTwist 2
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Validity Sensors DDK
Virtual Families
Virtual Villagers - The Secret City
Vision Machine Tools Suite 4
Vision Pro LT7 (C:\Vision Pro LT7)
Webroot SecureAnywhere
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
Yahoo! Detect
Zuma's Revenge
ZumoCast
.
==== Event Viewer Messages From Past Week ========
.
8/6/2013 10:25:16 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
8/6/2013 10:25:15 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The pipe has been ended.
8/4/2013 8:23:12 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer CINDYJO-LAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B84199AD-FAA2-44B7-8D6D-875D85D025A3}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
 
DDS.txt
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by T8r Salad at 16:19:30 on 2013-08-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.887 [GMT -7:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\hasplms.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Prey\platform\windows\bin\bash.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Users\T8r Salad\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
uRun: [Google Update] "C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [googletalk] "C:\Users\T8r Salad\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart
uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [cdloader] "C:\Users\T8r Salad\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [PCShowServer] "C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
uRun: [Akamai NetSession Interface] "C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe"
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{16C38B3B-5E35-4CFE-88D9-98178488C144} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\1333036307575626C6F6 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\14355535 : DHCPNameServer = 192.168.1.1 208.180.42.100
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\255637F62747F5745756374737 : DHCPNameServer = 204.130.255.3 209.63.0.6
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\265736B637B696E6 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\4416973794E6E6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\755637167795F6572775966656E416B65646C4163747E496768647 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\771627467756C6C6 : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages =  DPPassFilter scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [smartMenu] "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
x64-Run: [HPWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [sysTrayApp] "C:\Program Files\IDT\WDM\sttray64.exe"
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [startupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" /LaunchType=Auto /LaunchApps=Common
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\
# Mozilla User Preferences
 
/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */
 
user_pref(app.update.lastUpdateTime.addon-background-update-timer, 1352155386);
user_pref(app.update.lastUpdateTime.background-update-timer, 1338397151);
user_pref(app.update.lastUpdateTime.blocklist-background-update-timer, 1352155506);
user_pref(app.update.lastUpdateTime.microsummary-generator-update-timer, 1313362142);
user_pref(app.update.lastUpdateTime.places-maintenance-timer, 1300572385);
user_pref(app.update.lastUpdateTime.search-engine-update-timer, 1341939655);
user_pref(browser.cache.disk.capacity, 1048576);
user_pref(browser.cache.disk.smart_size.first_run, false);
user_pref(browser.cache.disk.smart_size_cached_value, 1048576);
user_pref(browser.download.lastDir, C:\\Users\\T8r Salad\\Desktop);
user_pref(browser.download.save_converter_index, 2);
user_pref(browser.feeds.handler.default, bookmarks);
user_pref(browser.feeds.handlers.webservice, http://fusion.google.com/add?feedurl=%s);
user_pref(browser.feeds.showFirstRunUI, false);
user_pref(browser.migration.version, 5);
user_pref(browser.places.importBookmarksHTML, false);
user_pref(browser.places.smartBookmarksVersion, 2);
user_pref(browser.rights.3.shown, true);
user_pref(browser.shell.checkDefaultBrowser, false);
FF - prefs.js: browser.startup.homepage - http://start.msn.iplay.com/?o=shp);
user_pref(browser.startup.homepage_override.buildID, 20111104165243);
user_pref(browser.startup.homepage_override.mstone, rv:8.0);
user_pref(browser.startup.page, 3);
user_pref(browser.syncPromoViewsLeft, 0);
user_pref(browser.taskbar.lastgroupid, Mozilla.Firefox.8.0);
user_pref(extension.WeatherBug.CityCode, );
user_pref(extension.WeatherBug.CityName, Mesa);
user_pref(extension.WeatherBug.Country, USA);
user_pref(extension.WeatherBug.DefaultTab, 0);
user_pref(extension.WeatherBug.NumForecasts, 3);
user_pref(extension.WeatherBug.OverlayEnabled, true);
user_pref(extension.WeatherBug.Placement, status-bar);
user_pref(extension.WeatherBug.Position, -1);
user_pref(extension.WeatherBug.State, AZ);
user_pref(extension.WeatherBug.StationId, MESAZ);
user_pref(extension.WeatherBug.Uid, 404295c7-9519-4673-ace2-067c01342ddb);
user_pref(extension.WeatherBug.Units, 0);
user_pref(extension.WeatherBug.WindUnits, 0);
user_pref(extension.WeatherBug.ZipCode, 85201);
user_pref(extensions.blocklist.pingCountTotal, 118);
user_pref(extensions.blocklist.pingCountVersion, 12);
user_pref(extensions.bootstrappedAddons, {});
user_pref(extensions.databaseSchema, 6);
user_pref(extensions.enabledAddons, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:3.0.1,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:8.0);
user_pref(extensions.enabledItems, otis@digitalpersona.com:5.0.0.4248,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906,{3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15);
user_pref(extensions.installCache, [{\name\:\winreg-app-global\,\addons\:{\otis@digitalpersona.com\:{\descriptor\:\C:\\\\Program Files (x86)\\\\DigitalPersona\\\\Bin\\\\FirefoxExt\,\mtime\:1311027694313}}},{\name\:\app-global\,\addons\:{\{1FD91A9C-410C-4090-BBCC-55D3450EF433}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Search Results Toolbar\\\\Datamngr\\\\FirefoxExtension\,\mtime\:1358488367217},\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\,\mtime\:1358481263852},\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1320868742462},\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\,\mtime\:1320961120423},\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\,\mtime\:1335991214481},\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\,\mtime\:1341497096697}}},{\name\:\app-profile\,\addons\:{\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\:{\descriptor\:\C:\\\\Users\\\\T8r Salad\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\e03hvm6l.default\\\\extensions\\\\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\,\mtime\:1316469172453},\{1FD91A9C-410C-4090-BBCC-55D3450EF433}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Search Results Toolbar\\\\Datamngr\\\\FirefoxExtension\,\mtime\:1358488367217},\{3EC9C995-8072-4fc0-953E-4F30620D17F3}\:{\descriptor\:\C:\\\\Users\\\\T8r Salad\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\e03hvm6l.default\\\\extensions\\\\{3EC9C995-8072-4fc0-953E-4F30620D17F3}\,\mtime\:1289076549249},\{f34c9277-6577-4dff-b2d7-7d58092f272f}\:{\descriptor\:\C:\\\\Users\\\\T8r Salad\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\e03hvm6l.default\\\\extensions\\\\{f34c9277-6577-4dff-b2d7-7d58092f272f}\,\mtime\:1358488366749}}}]);
user_pref(extensions.lastAppVersion, 8.0);
user_pref(extensions.lastPlatformVersion, 8.0);
user_pref(extensions.pendingOperations, false);
user_pref(extensions.shownSelectionUI, true);
user_pref(extensions.skype_toolbar.version, 5.0.0.6906);
user_pref(extensions.ui.locale.hidden, true);
user_pref(extensions.update.notifyUser, false);
user_pref(idle.lastDailyNotification, 1338398468);
user_pref(intl.charsetmenu.browser.cache, x-mac-roman, us-ascii, windows-1252, ISO-8859-1, UTF-8);
user_pref(lightweightThemes.isThemeSelected, false);
user_pref(lightweightThemes.persisted.footerURL, true);
user_pref(lightweightThemes.persisted.headerURL, true);
user_pref(lightweightThemes.usedThemes, []);
user_pref(network.cookie.prefsMigrated, true);
user_pref(places.database.lastMaintenance, 1338398469);
user_pref(places.history.expiration.transient_current_max_pages, 122490);
user_pref(places.last_vacuum, 1300137202);
user_pref(pref.advanced.images.disable_button.view_image, false);
user_pref(pref.browser.homepage.disable_button.current_page, false);
user_pref(pref.downloads.disable_button.edit_actions, false);
user_pref(print.print_printer, Brother MFC-240C);
user_pref(print.printer_Brother_MFC-240C.print_bgcolor, false);
user_pref(print.printer_Brother_MFC-240C.print_bgimages, false);
user_pref(print.printer_Brother_MFC-240C.print_command, );
user_pref(print.printer_Brother_MFC-240C.print_downloadfonts, false);
user_pref(print.printer_Brother_MFC-240C.print_edge_bottom, 0);
user_pref(print.printer_Brother_MFC-240C.print_edge_left, 0);
user_pref(print.printer_Brother_MFC-240C.print_edge_right, 0);
user_pref(print.printer_Brother_MFC-240C.print_edge_top, 0);
user_pref(print.printer_Brother_MFC-240C.print_evenpages, true);
user_pref(print.printer_Brother_MFC-240C.print_footercenter, );
user_pref(print.printer_Brother_MFC-240C.print_footerleft, &PT);
user_pref(print.printer_Brother_MFC-240C.print_footerright, &D);
user_pref(print.printer_Brother_MFC-240C.print_headercenter, );
user_pref(print.printer_Brother_MFC-240C.print_headerleft, &T);
user_pref(print.printer_Brother_MFC-240C.print_headerright, &U);
user_pref(print.printer_Brother_MFC-240C.print_in_color, true);
user_pref(print.printer_Brother_MFC-240C.print_margin_bottom, 0.5);
user_pref(print.printer_Brother_MFC-240C.print_margin_left, 0.5);
user_pref(print.printer_Brother_MFC-240C.print_margin_right, 0.5);
user_pref(print.printer_Brother_MFC-240C.print_margin_top, 0.5);
user_pref(print.printer_Brother_MFC-240C.print_oddpages, true);
user_pref(print.printer_Brother_MFC-240C.print_orientation, 0);
user_pref(print.printer_Brother_MFC-240C.print_page_delay, 50);
user_pref(print.printer_Brother_MFC-240C.print_paper_data, 1);
user_pref(print.printer_Brother_MFC-240C.print_paper_height,  11.00);
user_pref(print.printer_Brother_MFC-240C.print_paper_size_type, 0);
user_pref(print.printer_Brother_MFC-240C.print_paper_size_unit, 0);
user_pref(print.printer_Brother_MFC-240C.print_paper_width,   8.50);
user_pref(print.printer_Brother_MFC-240C.print_reversed, false);
user_pref(print.printer_Brother_MFC-240C.print_scaling,   1.25);
user_pref(print.printer_Brother_MFC-240C.print_shrink_to_fit, false);
user_pref(print.printer_Brother_MFC-240C.print_to_file, false);
user_pref(print.printer_Brother_MFC-240C.print_to_filename, );
user_pref(print.printer_Brother_MFC-240C.print_unwriteable_margin_bottom, 0);
user_pref(print.printer_Brother_MFC-240C.print_unwriteable_margin_left, 0);
user_pref(print.printer_Brother_MFC-240C.print_unwriteable_margin_right, 0);
user_pref(print.printer_Brother_MFC-240C.print_unwriteable_margin_top, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_bgcolor, false);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_bgimages, false);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_command, );
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_downloadfonts, false);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_edge_bottom, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_edge_left, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_edge_right, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_edge_top, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_evenpages, true);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_footercenter, );
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_footerleft, &PT);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_footerright, &D);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_headercenter, );
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_headerleft, &T);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_headerright, &U);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_in_color, true);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_margin_bottom, 0.5);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_margin_left, 0.5);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_margin_right, 0.5);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_margin_top, 0.5);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_oddpages, true);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_orientation, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_page_delay, 50);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_paper_data, 1);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_paper_height,  11.00);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_paper_size_type, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_paper_size_unit, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_paper_width,   8.50);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_reversed, false);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_scaling,   1.25);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_shrink_to_fit, false);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_to_file, false);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_to_filename, );
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_unwriteable_margin_bottom, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_unwriteable_margin_left, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_unwriteable_margin_right, 0);
user_pref(print.printer_Brother_MFC-240C_(Copy_1).print_unwriteable_margin_top, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_bgcolor, false);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_bgimages, false);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_command, );
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_downloadfonts, false);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_edge_bottom, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_edge_left, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_edge_right, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_edge_top, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_evenpages, true);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_footercenter, );
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_footerleft, &PT);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_footerright, &D);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_headercenter, );
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_headerleft, &T);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_headerright, &U);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_in_color, true);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_margin_bottom, 0.5);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_margin_left, 0.5);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_margin_right, 0.5);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_margin_top, 0.5);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_oddpages, true);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_orientation, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_page_delay, 50);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_paper_data, 1);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_paper_height,  11.00);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_paper_size_type, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_paper_size_unit, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_paper_width,   8.50);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_reversed, false);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_scaling,   1.25);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_shrink_to_fit, false);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_to_file, false);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_to_filename, );
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_bottom, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_left, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_right, 0);
user_pref(print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_top, 0);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_bgcolor, false);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_bgimages, false);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_evenpages, true);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_footercenter, );
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_footerleft, &PT);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_footerright, &D);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_headercenter, );
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_headerleft, &T);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_headerright, &U);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_in_color, true);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_margin_bottom, 0.5);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_margin_left, 0.5);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_margin_right, 0.5);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_margin_top, 0.5);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_oddpages, true);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_orientation, 0);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_reversed, false);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_scaling,   1.00);
user_pref(print.printer_\\\\CINDYJO-LAPTOP\\HP_Deskjet_460_Series.print_shrink_to_fit, true);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_bgcolor, false);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_bgimages, false);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_command, );
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_downloadfonts, false);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_edge_bottom, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_edge_left, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_edge_right, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_edge_top, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_evenpages, true);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_footercenter, );
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_footerleft, &PT);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_footerright, &D);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_headercenter, );
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_headerleft, &T);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_headerright, &U);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_in_color, true);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_margin_bottom, 0.5);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_margin_left, 0.5);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_margin_right, 0.5);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_margin_top, 0.5);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_oddpages, true);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_orientation, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_page_delay, 50);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_paper_data, 1);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_paper_height,  11.00);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_paper_size_type, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_paper_size_unit, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_paper_width,   8.50);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_reversed, false);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_scaling,   1.25);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_shrink_to_fit, false);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_to_file, false);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_to_filename, );
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_unwriteable_margin_bottom, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_unwriteable_margin_left, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_unwriteable_margin_right, 0);
user_pref(print.printer_\\\\DESKTOP-PC\\HP_LaserJet_4P.print_unwriteable_margin_top, 0);
user_pref(print_printer, HP Deskjet 1000 J110 series);
user_pref(printer_HP_Deskjet_1000_J110_series.print_bgcolor, false);
user_pref(printer_HP_Deskjet_1000_J110_series.print_bgimages, false);
user_pref(printer_HP_Deskjet_1000_J110_series.print_colorspace, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_command, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_downloadfonts, false);
user_pref(printer_HP_Deskjet_1000_J110_series.print_edge_bottom, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_edge_left, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_edge_right, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_edge_top, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_evenpages, true);
user_pref(printer_HP_Deskjet_1000_J110_series.print_footercenter, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_footerleft, &PT);
user_pref(printer_HP_Deskjet_1000_J110_series.print_footerright, &D);
user_pref(printer_HP_Deskjet_1000_J110_series.print_headercenter, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_headerleft, &T);
user_pref(printer_HP_Deskjet_1000_J110_series.print_headerright, &U);
user_pref(printer_HP_Deskjet_1000_J110_series.print_in_color, true);
user_pref(printer_HP_Deskjet_1000_J110_series.print_margin_bottom, 0.5);
user_pref(printer_HP_Deskjet_1000_J110_series.print_margin_left, 0.5);
user_pref(printer_HP_Deskjet_1000_J110_series.print_margin_right, 0.5);
user_pref(printer_HP_Deskjet_1000_J110_series.print_margin_top, 0.5);
user_pref(printer_HP_Deskjet_1000_J110_series.print_oddpages, true);
user_pref(printer_HP_Deskjet_1000_J110_series.print_orientation, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_page_delay, 50);
user_pref(printer_HP_Deskjet_1000_J110_series.print_paper_data, 1);
user_pref(printer_HP_Deskjet_1000_J110_series.print_paper_height,  11.00);
user_pref(printer_HP_Deskjet_1000_J110_series.print_paper_name, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_paper_size_type, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_paper_size_unit, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_paper_width,   8.50);
user_pref(printer_HP_Deskjet_1000_J110_series.print_plex_name, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_resolution_name, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_reversed, false);
user_pref(printer_HP_Deskjet_1000_J110_series.print_scaling,   1.00);
user_pref(printer_HP_Deskjet_1000_J110_series.print_shrink_to_fit, true);
user_pref(printer_HP_Deskjet_1000_J110_series.print_to_file, false);
user_pref(printer_HP_Deskjet_1000_J110_series.print_to_filename, );
user_pref(printer_HP_Deskjet_1000_J110_series.print_unwriteable_margin_bottom, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_unwriteable_margin_left, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_unwriteable_margin_right, 0);
user_pref(printer_HP_Deskjet_1000_J110_series.print_unwriteable_margin_top, 0);
user_pref(privacy.cpd.cookies, false);
user_pref(privacy.cpd.sessions, false);
user_pref(privacy.popups.showBrowserMessage, false);
user_pref(privacy.sanitize.migrateFx3Prefs, true);
user_pref(privacy.sanitize.timeSpan, 0);
user_pref(security.warn_viewing_mixed, false);
user_pref(security.warn_viewing_mixed.show_once, false);
user_pref(services.sync.account, prosign@cox.net);
user_pref(services.sync.bookmarks.lastSync, 1352155288.55);
user_pref(services.sync.bookmarks.lastSyncLocal, 1358520785011);
user_pref(services.sync.bookmarks.syncID, 5vio_QAh3HFt);
user_pref(services.sync.client.GUID, yMPwRmUQGF);
user_pref(services.sync.client.name, T8r Salad's Firefox on Windows NT 6.1);
user_pref(services.sync.client.syncID, 2fIAraqX0n7_);
user_pref(services.sync.clients.lastRecordUpload, 1358520783);
user_pref(services.sync.clients.lastSync, 0);
user_pref(services.sync.clients.lastSyncLocal, 1358520783268);
user_pref(services.sync.clients.syncID, LYoDndQHPRRG);
user_pref(services.sync.clusterURL, https://phx-sync545.services.mozilla.com/);
user_pref(services.sync.deletePwd, true);
user_pref(services.sync.engine.history, false);
user_pref(services.sync.engine.prefs, false);
user_pref(services.sync.engine.prefs.modified, false);
user_pref(services.sync.engine.tabs, false);
user_pref(services.sync.forms.lastSync, 0);
user_pref(services.sync.forms.lastSyncLocal, 0);
user_pref(services.sync.forms.syncID, 6BlXsNxYYr4m);
user_pref(services.sync.globalScore, 0);
user_pref(services.sync.history.lastSync, 0);
user_pref(services.sync.history.lastSyncLocal, 0);
user_pref(services.sync.history.syncID, Y0p6LBZHMIzh);
user_pref(services.sync.lastClusterUpdate, 1317998532576);
user_pref(services.sync.lastPing, 1358520782);
user_pref(services.sync.lastSync, Mon Nov 05 2012 16:41:29 GMT-0600 (Central Standard Time));
user_pref(services.sync.lastversion, 1.7);
user_pref(services.sync.migrated, true);
user_pref(services.sync.nextHeartbeat, 0);
user_pref(services.sync.nextSync, 1358607185);
user_pref(services.sync.notifyTabState, 0);
user_pref(services.sync.numClients, 1);
user_pref(services.sync.passwords.lastSync, 1352155291.90);
user_pref(services.sync.passwords.lastSyncLocal, 1358520785012);
user_pref(services.sync.passwords.syncID, bQ4xPBlr5Jv2);
user_pref(services.sync.prefs.lastSync, 0);
user_pref(services.sync.prefs.lastSyncLocal, 0);
user_pref(services.sync.prefs.sync.browser.history_expire_days, true);
user_pref(services.sync.prefs.sync.browser.history_expire_days_min, true);
user_pref(services.sync.prefs.sync.browser.tabs.tabMaxWidth, true);
user_pref(services.sync.prefs.sync.browser.tabs.tabMinWidth, true);
user_pref(services.sync.prefs.sync.dom.disable_window_open_feature.status, true);
user_pref(services.sync.prefs.sync.dom.disable_window_status_change, true);
user_pref(services.sync.prefs.sync.security.enable_java, true);
user_pref(services.sync.prefs.syncID, jLHaQ_ZvUS2U);
user_pref(services.sync.syncInterval, 86400000);
user_pref(services.sync.syncThreshold, 1000);
user_pref(services.sync.tabs.lastSync, 0);
user_pref(services.sync.tabs.lastSyncLocal, 0);
user_pref(services.sync.tabs.syncID, oPZyEg8_w3To);
user_pref(services.sync.username, 4w5t7miwyxo4rzhymtcqlf4h37puuqgt);
user_pref(storage.vacuum.last.index, 0);
user_pref(storage.vacuum.last.places.sqlite, 1338398469);
user_pref(toolkit.telemetry.prompted, true);
user_pref(urlclassifier.keyupdatetime.https://sb-ssl.google.com/safebrowsing/newkey, 1361112767);
user_pref(xpinstall.whitelist.add, );
user_pref(xpinstall.whitelist.add.36, );
user_pref(browser.search.selectedEngine, bing);
user_pref(browser.search.defaultenginename, bing
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\components\dpffcli.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPCShowPlugin.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
FF - plugin: C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: !HIDDEN! 2013-01-17 22:52; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:\Program Files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension
.
============= SERVICES / DRIVERS ===============
.
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2011-11-3 114184]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2010-1-29 20056]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/08/19 02:52:23];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-8-19 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-11-16 89600]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2010-9-27 75648]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-22 203264]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-1-15 127984]
R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2012-11-28 23552]
R2 hasplms;Sentinel HASP License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-6-28 65657]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE [2010-8-19 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-1-6 2184496]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-9 493248]
R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2011-11-3 749112]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-2-26 2669840]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\amppal.sys [2012-1-9 195584]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-28 10610400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\amppal.sys [2012-1-9 195584]
S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-1-25 22016]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-2-26 273168]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-11-1 7680512]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-26 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-8-19 232992]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-11 333928]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-26 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-2 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-08-09 13:30:02 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E11ED67A-86F2-4559-9B1A-EABE3D91F189}\mpengine.dll
2013-08-06 23:07:39 216064 ----a-w- C:\Windows\SysWow64\gcapi_dll.dll
2013-07-25 04:15:29 63384 ----a-r- C:\Users\T8r Salad\AppData\Roaming\Microsoft\Installer\{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}\ARPPRODUCTICON.exe
2013-07-25 04:15:28 -------- d-----w- C:\Users\T8r Salad\AppData\Local\DIRECTV Player
2013-07-22 19:54:50 -------- d-----w- C:\Windows\System32\MRT
2013-07-18 13:25:10 -------- d-----w- C:\ProgramData\r2 Studios
2013-07-18 13:25:06 -------- d-----w- C:\Program Files\r2 Studios
2013-07-16 21:59:00 -------- d-----w- C:\Users\T8r Salad\AppData\Roaming\webex
2013-07-16 21:58:23 -------- d-----w- C:\ProgramData\WebEx
2013-07-16 21:09:42 -------- d-----w- C:\ProgramData\LightScribe
2013-07-11 15:28:15 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-11 15:27:49 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-11 15:27:49 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
.
==================== Find3M  ====================
.
2013-08-09 23:16:49 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
2013-08-02 07:50:21 151728 ----a-w- C:\Windows\SysWow64\WRusr.dll
2013-08-02 07:50:21 114184 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2013-08-02 07:50:21 104360 ----a-w- C:\Windows\System32\WRusr.dll
2013-07-11 22:05:06 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-11 22:05:06 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-22 16:51:06 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-22 16:51:06 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-06-22 16:51:06 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
.
============= FINISH: 16:20:16.40 ===============

 

Link to post
Share on other sites

Welcome to the forum.

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

RogueKiller V8.6.5 _x64_ [Aug  5 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : T8r Salad [Admin rights]

Mode : Scan -- Date : 08/09/2013 17:15:13

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 2 ¤¤¤

[sUSP PATH] PCShowServerPMWrapper.exe -- C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [7] -> KILLED [TermProc]

[sUSP PATH] NDSPCShowServer.exe -- C:\Users\T8r Salad\AppData\Local\DIRECTV Player\NDSPCShowServer.exe [7] -> KILLED [TermThr]

 

¤¤¤ Registry Entries : 10 ¤¤¤

[RUN][sUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND

[RUN][sUSP PATH] HKCU\[...]\Run : PCShowServer ("C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" [7]) -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-3234435069-2337432931-1277263858-1001\[...]\Run : Google Update ("C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-3234435069-2337432931-1277263858-1001\[...]\Run : PCShowServer ("C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" [7]) -> FOUND

[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 4 ¤¤¤

[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA.job : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND

[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core.job : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND

[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND

[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: ST9500420AS +++++

--- User ---

[MBR] 5409b1cd23a2bb3a113fb4b9a40e9ce7

[bSP] 605dbfb8eb6280c37de5f0e0e187d455 : Windows Vista/7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 453314 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 928796672 | Size: 23322 Mo

3 - [XXXXXX] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 976560128 | Size: 103 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_08092013_171513.txt >>

 

 

 

 

Link to post
Share on other sites

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.

AdwCleaner is a tool that deletes :

· Adwares (software ads)

· PUP/LPI (Potentially Undesirable Program)

· Toolbars

· Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

  • Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  • Now click on the Search tab.
  • Please post the contents of the log-file created in your next post.
Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

Note:

Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain to why it shouldn't be on your system.

If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

Please note that Antivir Webguard uses ASK Toolbar as part of its web security. If you remove ASK by using Adwcleaner, Antivir Webguard will no longer work properly. Therefore, if you use this program please use the instructions below to access the options screen where you should enable /DisableAskDetections before using AdwCleaner.

You can click on the question mark (?) in the upper left corner of the program and then click on Options. You will then be presented with a dialog where you can disable various detections. These options are described below:

/DisableAskDetection - This option disables Ask Toolbar detection.

MrC

Link to post
Share on other sites

# AdwCleaner v2.306 - Logfile created 08/09/2013 at 19:18:40

# Updated 19/07/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : T8r Salad - T8RSALAD-PC

# Boot Mode : Normal

# Running from : C:\Users\T8r Salad\Downloads\adwcleaner.exe

# Option [search]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

File Found : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Found : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\searchplugins\delta.xml

File Found : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\searchplugins\Search_Results.xml

Folder Found : C:\Program Files (x86)\delta

Folder Found : C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Folder Found : C:\Program Files (x86)\Search Results Toolbar

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\ProgramData\boost_interprocess

Folder Found : C:\ProgramData\Browser Manager

Folder Found : C:\Users\T8r Salad\AppData\Local\PackageAware

Folder Found : C:\Users\T8r Salad\AppData\Local\Smartbar

Folder Found : C:\Users\T8r Salad\AppData\Local\SwvUpdater

Folder Found : C:\Users\T8r Salad\AppData\LocalLow\ilividtoolbarguid

Folder Found : C:\Users\T8r Salad\AppData\LocalLow\Smartbar

Folder Found : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}

Folder Found : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}

Folder Found : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\ffxtlbr@babylon.com

Folder Found : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\staged

Folder Found : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\ilividtoolbarguid

Folder Found : C:\Users\T8RSAL~1\AppData\Local\Temp\Smartbar

 

***** [Registry] *****

 

Key Found : HKCU\Software\APN PIP

Key Found : HKCU\Software\YahooPartnerToolbar

Key Found : HKLM\Software\PIP

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v10.0.9200.16635

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v8.0 (en-US)

 

File : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\prefs.js

 

[OK] File is clean.

 

-\\ Google Chrome v28.0.1500.95

 

File : C:\Users\T8r Salad\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

*************************

 

AdwCleaner[R1].txt - [3015 octets] - [09/08/2013 19:18:40]

 

########## EOF - C:\AdwCleaner[R1].txt - [3075 octets] ##########

 

Link to post
Share on other sites

Lots of adware found....lets clear it out.....

  • Please re-run AdwCleaner
  • Click on Delete button.
  • Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Then......

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Last.........

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites

# AdwCleaner v2.306 - Logfile created 08/10/2013 at 10:29:52

# Updated 19/07/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : T8r Salad - T8RSALAD-PC

# Boot Mode : Normal

# Running from : C:\Users\T8r Salad\Downloads\AdwCleaner (2).exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Deleted on reboot : C:\ProgramData\Browser Manager

Deleted on reboot : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}

Folder Deleted : C:\Users\T8r Salad\AppData\Local\PackageAware

Folder Deleted : C:\Users\T8RSAL~1\AppData\Local\Temp\Smartbar

 

***** [Registry] *****

 

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v10.0.9200.16635

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v8.0 (en-US)

 

File : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\prefs.js

 

[OK] File is clean.

 

-\\ Google Chrome v28.0.1500.95

 

File : C:\Users\T8r Salad\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

*************************

 

AdwCleaner[R1].txt - [3144 octets] - [09/08/2013 19:18:40]

AdwCleaner[s1].txt - [1429 octets] - [10/08/2013 10:29:52]

 

########## EOF - C:\AdwCleaner[s1].txt - [1489 octets] ##########
Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.1 (08.10.2013:1)

OS: Windows 7 Home Premium x64

Ran by T8r Salad on Sat 08/10/2013 at  9:52:58.68

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{C0C6E1B9-707A-442E-9AB3-71E285D6370F}

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\big fish games"

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Folder] "C:\Users\T8r Salad\AppData\Roaming\strongvault"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\downloadterms"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\smartbar"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\swvupdater"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\locallow\ilividtoolbarguid"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\locallow\smartbar"

Successfully deleted: [Folder] "C:\Program Files (x86)\delta"

Successfully deleted: [Folder] "C:\Program Files (x86)\search results toolbar"

Successfully deleted: [Folder] "C:\ai_recyclebin"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

 

 

~~~ FireFox

 

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"

Successfully deleted: [File] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\searchplugins\delta.xml

Successfully deleted: [File] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\searchplugins\search_results.xml

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\cxfnl@nxazbwxrbgsgfqqp.net"

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}"

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}"

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\ilividtoolbarguid

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\ffxtlbr@babylon.com

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\cxfnl@nxazbwxrbgsgfqqp.net

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\staged

Failed to delete: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{3EC9C995-8072-4FC0-953E-4F30620D17F3}

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{F34C9277-6577-4DFF-B2D7-7D58092F272F}

Successfully deleted the following from C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\prefs.js

 

# Mozilla User Preferences

 

/* Do not edit this file.

 *

 * If you make changes to this file while the application is running,

 * the changes will be overwritten when the appl

Emptied folder: C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\minidumps [1 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 08/10/2013 at  9:59:46.08

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

 


# AdwCleaner v2.306 - Logfile created 08/10/2013 at 10:29:52

# Updated 19/07/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : T8r Salad - T8RSALAD-PC

# Boot Mode : Normal

# Running from : C:\Users\T8r Salad\Downloads\AdwCleaner (2).exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Deleted on reboot : C:\ProgramData\Browser Manager

Deleted on reboot : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}

Folder Deleted : C:\Users\T8r Salad\AppData\Local\PackageAware

Folder Deleted : C:\Users\T8RSAL~1\AppData\Local\Temp\Smartbar

 

***** [Registry] *****

 

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v10.0.9200.16635

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v8.0 (en-US)

 

File : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\prefs.js

 

[OK] File is clean.

 

-\\ Google Chrome v28.0.1500.95

 

File : C:\Users\T8r Salad\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

*************************

 

AdwCleaner[R1].txt - [3144 octets] - [09/08/2013 19:18:40]

AdwCleaner[s1].txt - [1429 octets] - [10/08/2013 10:29:52]

 

########## EOF - C:\AdwCleaner[s1].txt - [1489 octets] ##########

 


 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.1 (08.10.2013:1)

OS: Windows 7 Home Premium x64

Ran by T8r Salad on Sat 08/10/2013 at  9:52:58.68

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{C0C6E1B9-707A-442E-9AB3-71E285D6370F}

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\big fish games"

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Folder] "C:\Users\T8r Salad\AppData\Roaming\strongvault"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\downloadterms"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\smartbar"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\swvupdater"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\locallow\ilividtoolbarguid"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\locallow\smartbar"

Successfully deleted: [Folder] "C:\Program Files (x86)\delta"

Successfully deleted: [Folder] "C:\Program Files (x86)\search results toolbar"

Successfully deleted: [Folder] "C:\ai_recyclebin"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

 

 

~~~ FireFox

 

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"

Successfully deleted: [File] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\searchplugins\delta.xml

Successfully deleted: [File] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\searchplugins\search_results.xml

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\cxfnl@nxazbwxrbgsgfqqp.net"

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}"

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}"

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\ilividtoolbarguid

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\ffxtlbr@babylon.com

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\cxfnl@nxazbwxrbgsgfqqp.net

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\staged

Failed to delete: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{3EC9C995-8072-4FC0-953E-4F30620D17F3}

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{F34C9277-6577-4DFF-B2D7-7D58092F272F}

Successfully deleted the following from C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\prefs.js

 

# Mozilla User Preferences

 

/* Do not edit this file.

 *

 * If you make changes to this file while the application is running,

 * the changes will be overwritten when the appl

Emptied folder: C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\minidumps [1 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 08/10/2013 at  9:59:46.08

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.08.10.04

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16635

T8r Salad :: T8RSALAD-PC [administrator]

 

8/10/2013 2:49:46 PM

mbam-log-2013-08-10 (14-49-46).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 229484

Time elapsed: 5 minute(s), 56 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.