Firstly I have a Toshiba personal computer (laptop) with Windows 7 Home Premium SP1. I had Norton Antivirus but that expired some six months ago and since then I've been using McAfee Internet Security. I regularly download things with Utorrent (which I've just uninstalled).
The problem: (AT BOTTOM FIND DDS TEXT AND ATTACHMENT)
Around 3 months ago ads started popping up constantly in ANY browser I used - explorer, firefox and google chrome. I resorted to downloading ABP (Ad Block Pro) for Chrome and it consistently blocks a huge number of popups. Just last week though suddenly my computer slowed down to a near standstill (I thought it had completely frozen), which had never happened before. I had to hold down the power button to turn it off and each time I rebooted it , it would last anything between 2min -30min running normally before this happened again. When it "freezes" the processor still seems to flux every 3 seconds, and if I have the task manager open i can see that the processor percentage is on 0%, then every few seconds moves to 12% then immediately back to 0%, regardless of the applications I have open or the tasks it should be performing. Essentially the laptop in that state is incredibly slow and unusable. I don't know why this started happening or what exactly causes it to happen randomly, but I ran ccleaner, and then defraggler (the laptop didnt freeze during these processes. The problem persisted and I have since backed up personal files.
I've deleted the norton antivirus installer package which was often prompting to download norton again. Ive turned off the firewall and real-time scanning on McAfee, and I uninstalled UTorrent. For now it seems to be more stable and it hasnt happened for a couple of hours.
I've downloaded the dds.scr and run it. I also ran the gmer.exe. However, the gmer.exe scan resulted in a blue error screen which I haven't got a record of now. Either way I've copied/attached the necessary information as instructed on the "Preparing for the Malware Removal Process" section of this website. I'm sorry if I've included loads of unncessary information or not enough necessary information, I really am new to all this and would appreciate any help removing whatever malware etc that must be on my computer!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.51.2
Run by Jay at 20:13:41 on 2014-08-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2935.1156 [GMT 2:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~2\EASYHO~2\bar\1.bin\73barsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Users\Jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73brmon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
Q:\140062.enu\Office14\ONENOTEM.EXE
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60475
uDefault_Page_URL = hxxp://toshiba.msn.com
mStart Page = about:blank
uURLSearchHooks: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\ctbr.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: <No Name>: {355e84a1-21ce-4120-ac15-511b6321cee1} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73SrcAs.dll
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\ctbr.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Toolbar BHO: {8f149ea7-5bd3-47b8-b83f-53a9d2fcc9e0} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73bar.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Search Assistant BHO: {d34961d3-9d10-4b1c-a9e0-0a2ceb1a9163} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73SrcAs.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\ctbr.dll
TB: EasyHomeDecorating: {A04E43E6-BC32-41C1-8C3D-ECD31589D6EC} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73bar.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\ctbr.dll
TB: EasyHomeDecorating: {a04e43e6-bc32-41c1-8c3d-ecd31589d6ec} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73bar.dll
uRun: [Spotify Web Helper] "C:\Users\Jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Spotify] "C:\Users\Jay\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN37N1CK0J05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
uRun: [Google Update] "C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EasyHomeDecorating Search Scope Monitor] "C:\PROGRA~2\EASYHO~2\bar\1.bin\73srchmn.exe" /m=2 /w /h
mRun: [EasyHomeDecorating_73 Browser Plugin Loader] C:\PROGRA~2\EASYHO~2\bar\1.bin\73brmon.exe
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
StartupFolder: C:\Users\Jay\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTIMA~1.LNK - C:\Users\Jay\AppData\Roaming\580F5858BB9A9CDA0EC18C4AAF7D4B0E\configdat700mod.exe
StartupFolder: C:\Users\Jay\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: line6.net
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1E28CD9E-BA8C-426A-8F67-61991922EF39} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B}\4514C4B44514C4B4D2440334545334 : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B}\A414A5A54554C4F533235353 : DHCPNameServer = 87.216.1.65 87.216.1.66
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B}\A416A7A74756C6F5242303637313 : DHCPNameServer = 87.216.1.65 87.216.1.66
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\ctbr.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jay\AppData\Roaming\Mozilla\Firefox\Profiles\ft7tbr0r.default\
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&type=A111GB0&p=
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\NP73Stub.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\NP39EISb.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jay\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
---- FIREFOX POLICIES ----
.
user_pref(extensions.autoDisableScopes,14);
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-14 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-12-17 348552]
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64;{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64;C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys [2014-4-25 61120]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 EasyHomeDecorating_73Service;EasyHomeDecoratingService;C:\PROGRA~2\EASYHO~2\bar\1.bin\73barsvc.exe [2013-1-18 42504]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-24 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-12-21 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-12-21 1041192]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-12-13 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2010-12-13 189912]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-1 2320920]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-12-13 72128]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2010-5-6 9216]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-1 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-10 158720]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-2-22 75304]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-12-13 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-12-13 523792]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-6-18 444720]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-7-1 35008]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-7-1 1103904]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-12 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-4-24 227904]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-4-24 203344]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-4-25 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-10 111616]
S3 L6PODX3LV;POD X3 Live Service;C:\Windows\System32\drivers\L6PODX3LV64.sys [2011-11-30 772096]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-6-18 96592]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-5-6 232992]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\System32\drivers\wg111v2.sys [2007-12-26 340992]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-2-11 124368]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-7-1 51512]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-24 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-8 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-08-05 16:46:06 -------- d-----w- C:\Users\Jay\AppData\Local\Nero_AG
2014-08-05 11:31:36 -------- d-----w- C:\Program Files\Defraggler
2014-08-05 10:58:57 -------- d-----w- C:\Program Files\CCleaner
2014-08-01 18:53:02 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-01 18:52:39 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-01 18:52:39 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-01 18:51:57 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-01 18:51:57 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-01 18:51:57 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-08-01 18:51:57 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
.
==================== Find3M ====================
.
2014-07-09 03:11:44 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 03:11:44 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33 519168 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-20 08:38:22 72128 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-06-20 08:31:06 348552 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-06-20 08:30:38 189912 ----a-w- C:\Windows\System32\mfevtps.exe
2014-06-20 08:26:02 786296 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-06-20 08:23:40 523792 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-06-20 08:21:48 313544 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2014-06-20 08:20:54 181704 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-18 01:12:42 11336 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2014-06-18 01:12:12 96592 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2014-06-18 01:11:44 444720 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2014-06-18 01:10:36 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 20:15:40.80 ===============
The problem: (AT BOTTOM FIND DDS TEXT AND ATTACHMENT)
Around 3 months ago ads started popping up constantly in ANY browser I used - explorer, firefox and google chrome. I resorted to downloading ABP (Ad Block Pro) for Chrome and it consistently blocks a huge number of popups. Just last week though suddenly my computer slowed down to a near standstill (I thought it had completely frozen), which had never happened before. I had to hold down the power button to turn it off and each time I rebooted it , it would last anything between 2min -30min running normally before this happened again. When it "freezes" the processor still seems to flux every 3 seconds, and if I have the task manager open i can see that the processor percentage is on 0%, then every few seconds moves to 12% then immediately back to 0%, regardless of the applications I have open or the tasks it should be performing. Essentially the laptop in that state is incredibly slow and unusable. I don't know why this started happening or what exactly causes it to happen randomly, but I ran ccleaner, and then defraggler (the laptop didnt freeze during these processes. The problem persisted and I have since backed up personal files.
I've deleted the norton antivirus installer package which was often prompting to download norton again. Ive turned off the firewall and real-time scanning on McAfee, and I uninstalled UTorrent. For now it seems to be more stable and it hasnt happened for a couple of hours.
I've downloaded the dds.scr and run it. I also ran the gmer.exe. However, the gmer.exe scan resulted in a blue error screen which I haven't got a record of now. Either way I've copied/attached the necessary information as instructed on the "Preparing for the Malware Removal Process" section of this website. I'm sorry if I've included loads of unncessary information or not enough necessary information, I really am new to all this and would appreciate any help removing whatever malware etc that must be on my computer!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.51.2
Run by Jay at 20:13:41 on 2014-08-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2935.1156 [GMT 2:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~2\EASYHO~2\bar\1.bin\73barsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Users\Jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73brmon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
Q:\140062.enu\Office14\ONENOTEM.EXE
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Users\Jay\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60475
uDefault_Page_URL = hxxp://toshiba.msn.com
mStart Page = about:blank
uURLSearchHooks: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\ctbr.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: <No Name>: {355e84a1-21ce-4120-ac15-511b6321cee1} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73SrcAs.dll
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: <No Name>: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\ctbr.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Toolbar BHO: {8f149ea7-5bd3-47b8-b83f-53a9d2fcc9e0} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73bar.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Search Assistant BHO: {d34961d3-9d10-4b1c-a9e0-0a2ceb1a9163} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73SrcAs.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\ctbr.dll
TB: EasyHomeDecorating: {A04E43E6-BC32-41C1-8C3D-ECD31589D6EC} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73bar.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\ctbr.dll
TB: EasyHomeDecorating: {a04e43e6-bc32-41c1-8c3d-ecd31589d6ec} - C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\73bar.dll
uRun: [Spotify Web Helper] "C:\Users\Jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Spotify] "C:\Users\Jay\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN37N1CK0J05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
uRun: [Google Update] "C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EasyHomeDecorating Search Scope Monitor] "C:\PROGRA~2\EASYHO~2\bar\1.bin\73srchmn.exe" /m=2 /w /h
mRun: [EasyHomeDecorating_73 Browser Plugin Loader] C:\PROGRA~2\EASYHO~2\bar\1.bin\73brmon.exe
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
StartupFolder: C:\Users\Jay\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTIMA~1.LNK - C:\Users\Jay\AppData\Roaming\580F5858BB9A9CDA0EC18C4AAF7D4B0E\configdat700mod.exe
StartupFolder: C:\Users\Jay\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: line6.net
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1E28CD9E-BA8C-426A-8F67-61991922EF39} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B}\4514C4B44514C4B4D2440334545334 : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B}\A414A5A54554C4F533235353 : DHCPNameServer = 87.216.1.65 87.216.1.66
TCP: Interfaces\{E9280DD4-9FF8-4FDA-918F-E0A7588AD08B}\A416A7A74756C6F5242303637313 : DHCPNameServer = 87.216.1.65 87.216.1.66
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\ctbr.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jay\AppData\Roaming\Mozilla\Firefox\Profiles\ft7tbr0r.default\
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&type=A111GB0&p=
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\EasyHomeDecorating_73\bar\1.bin\NP73Stub.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\NP39EISb.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jay\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
---- FIREFOX POLICIES ----
.
user_pref(extensions.autoDisableScopes,14);
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-14 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-12-17 348552]
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64;{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64;C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys [2014-4-25 61120]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 EasyHomeDecorating_73Service;EasyHomeDecoratingService;C:\PROGRA~2\EASYHO~2\bar\1.bin\73barsvc.exe [2013-1-18 42504]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-24 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-12-21 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-21 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-12-21 1041192]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-12-13 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2010-12-13 189912]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-1 2320920]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-12-13 72128]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2010-5-6 9216]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-1 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-10 158720]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-2-22 75304]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-12-13 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-12-13 523792]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-6-18 444720]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-7-1 35008]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-7-1 1103904]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-12 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-4-24 227904]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-4-24 203344]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-4-25 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-10 111616]
S3 L6PODX3LV;POD X3 Live Service;C:\Windows\System32\drivers\L6PODX3LV64.sys [2011-11-30 772096]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-6-18 96592]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-5-6 232992]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\System32\drivers\wg111v2.sys [2007-12-26 340992]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-2-11 124368]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-7-1 51512]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-24 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-8 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-08-05 16:46:06 -------- d-----w- C:\Users\Jay\AppData\Local\Nero_AG
2014-08-05 11:31:36 -------- d-----w- C:\Program Files\Defraggler
2014-08-05 10:58:57 -------- d-----w- C:\Program Files\CCleaner
2014-08-01 18:53:02 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-01 18:52:39 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-01 18:52:39 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-01 18:51:57 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-01 18:51:57 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-01 18:51:57 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-08-01 18:51:57 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
.
==================== Find3M ====================
.
2014-07-09 03:11:44 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 03:11:44 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33 519168 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-20 08:38:22 72128 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-06-20 08:31:06 348552 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-06-20 08:30:38 189912 ----a-w- C:\Windows\System32\mfevtps.exe
2014-06-20 08:26:02 786296 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-06-20 08:23:40 523792 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-06-20 08:21:48 313544 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2014-06-20 08:20:54 181704 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-18 01:12:42 11336 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2014-06-18 01:12:12 96592 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2014-06-18 01:11:44 444720 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2014-06-18 01:10:36 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 20:15:40.80 ===============