DDS log:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16540 BrowserJavaVersion: 10.51.2
Run by shortcake at 22:23:05 on 2014-03-20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4026.948 [GMT -4:00]
.
AV: Webroot SecureAnywhere *Disabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Webroot SecureAnywhere *Disabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Users\shortcake\AppData\Local\GCC\Controller.exe
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe
C:\Windows\system32\agr64svc.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Users\shortcake\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Coupons\CouponPrinterService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\system32\taskeng.exe
C:\Users\shortcake\AppData\Local\GCC\Controller.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\splwow64.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Users\SHORTC~1\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\SHORTC~1\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\SHORTC~1\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\SHORTC~1\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Users\SHORTC~1\AppData\Local\GCC\CHROME~1\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://
www.yahoo.com/
uSearch Bar = Preserve
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://search.coupons.com/
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
BHO: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} -
TB: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [WorkForce 630(Network)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGBA.EXE /FU "C:\Windows\TEMP\E_S932.tmp" /EF "HKCU"
mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [HP Health Check Scheduler] "c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [WRSVC] "C:\Program Files (x86)\Webroot\WRSA.exe" -ul
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
StartupFolder: C:\Users\SHORTC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\shortcake\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\SHORTC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{80590CFE-DB02-4C02-8D37-12C8B9AE667C} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C2370A83-364F-4105-905A-275EB21DFC24} : DHCPNameServer = 168.94.0.14 168.94.0.15
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
x64-BHO: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
x64-BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-TB: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartMenu] C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [SysTrayApp] C:\Program Files (x86)\IDT\WDM\sttray64.exe
x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe"
x64-mPolicies-Explorer: NoViewOnDrive = dword:0
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-Explorer: DisableLocalMachineRun = dword:0
x64-mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
x64-mPolicies-Explorer: DisableCurrentUserRun = dword:0
x64-mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
x64-mPolicies-Explorer: NoFile = dword:0
x64-mPolicies-Explorer: HideClock = dword:0
x64-mPolicies-Explorer: NoDevMgrUpdate = dword:0
x64-mPolicies-Explorer: NoDFSTab = dword:0
x64-mPolicies-Explorer: NoWindowsUpdate = dword:0
x64-mPolicies-Explorer: NoEncryptOnMove = dword:0
x64-mPolicies-Explorer: NoRunasInstallPrompt = dword:0
x64-mPolicies-Explorer: NoResolveTrack = dword:0
x64-mPolicies-Explorer: NoStartMenuSubFolders = dword:0
x64-mPolicies-System: NoDispAppearancePage = dword:0
x64-mPolicies-System: NoDispSettingsPage = dword:0
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\shortcake\AppData\Roaming\Mozilla\Firefox\Profiles\2iwi5w5q.default\
FF - prefs.js: keyword.URL - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll
FF - plugin: C:\Users\SHORTC~1\AppData\Roaming\CATALI~1\npBcsKtTcHW.dll
FF - plugin: C:\Users\shortcake\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2013-4-2 115168]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/05/25 04:05:22];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe [2009-5-25 89088]
R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-2-13 166352]
R2 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-1-7 151536]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2008-3-18 23040]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [2014-1-23 702744]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-19 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-19 701512]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-1-13 365952]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-1-13 228408]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-9-4 64000]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-9-22 126464]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-19 25928]
S2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-3-14 36392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 WRSVC;WRSVC;C:\Program Files (x86)\Webroot\WRSA.exe [2013-4-2 765528]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-15 289256]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-9-11 1012344]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-3-17 89920]
.
=============== File Associations ===============
.
FileExt: .cmd: GeekSquad="%1" %*
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2014-03-19 07:01:48 90015360 ----a-w- C:\Windows\System32\mrt.exe
2014-03-08 17:12:30 154248 ----a-w- C:\Windows\SysWow64\WRusr.dll
2014-03-08 17:12:30 115168 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2014-03-08 17:12:30 105320 ----a-w- C:\Windows\System32\WRusr.dll
2014-02-23 07:12:29 17847808 ----a-w- C:\Windows\System32\mshtml.dll
2014-02-23 06:54:58 2334720 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 06:52:45 10926592 ----a-w- C:\Windows\System32\ieframe.dll
2014-02-23 06:48:43 1347072 ----a-w- C:\Windows\System32\urlmon.dll
2014-02-23 06:48:31 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-02-23 06:46:42 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-23 06:46:20 237056 ----a-w- C:\Windows\System32\url.dll
2014-02-23 06:46:08 86016 ----a-w- C:\Windows\System32\jsproxy.dll
2014-02-23 06:45:36 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-23 06:45:32 816640 ----a-w- C:\Windows\System32\jscript.dll
2014-02-23 06:45:27 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-23 06:44:57 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2014-02-23 06:44:57 2147840 ----a-w- C:\Windows\System32\iertutil.dll
2014-02-23 06:44:14 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2014-02-23 06:44:02 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-23 06:43:22 248320 ----a-w- C:\Windows\System32\ieui.dll
2014-02-23 05:50:22 12347904 ----a-w- C:\Windows\SysWow64\mshtml.dll
2014-02-23 05:47:19 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 05:43:55 9739264 ----a-w- C:\Windows\SysWow64\ieframe.dll
2014-02-23 05:41:03 1105408 ----a-w- C:\Windows\SysWow64\urlmon.dll
2014-02-23 05:40:18 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-23 05:39:28 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-23 05:38:15 231936 ----a-w- C:\Windows\SysWow64\url.dll
2014-02-23 05:38:08 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2014-02-23 05:38:08 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-23 05:37:49 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-23 05:37:28 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2014-02-23 05:37:12 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2014-02-23 05:37:09 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll
2014-02-23 05:36:31 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2014-02-23 05:36:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-23 05:35:49 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2014-02-07 12:11:49 2776064 ----a-w- C:\Windows\System32\win32k.sys
2014-02-03 13:20:59 619008 ----a-w- C:\Windows\System32\qedit.dll
2014-02-03 10:37:54 505344 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-01-30 10:12:47 1111040 ----a-w- C:\Windows\System32\wer.dll
2014-01-30 07:46:58 876032 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-26 23:27:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-26 23:27:19 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-17 21:24:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-01-17 21:24:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-12-13 01:45:27 10395072 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
.
============= FINISH: 22:23:52.97 ===============