
Stepdaughter's laptop a mess

Hi. My stepdaughter's laptop is a complete mess. My wife and I think she's been using it without any virus protection or firewall for some time. As a result (I think) she's being plagued by pop-ups and other messages which make internet browsing virtually impossible.

She's running Windows 7. I tried to perform the full GMER scan, but on 2 occasions, I got the blue screen of death about 20 minutes in. So the ark.txt file is the result of the shorter scan you described.

Sorry there's not much detail here, but I honestly don't know where to start.

We've now installed Norton virus and firewall protection.

Can you help?

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16700
Run by Libby at 14:50:48 on 2015-01-14
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3894.1257 [GMT 0:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\ProgramData\UZmAnBFmb\eLCPFdxcHGb.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Users\Libby\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Libby\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Libby\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bbc.co.uk/
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
uRun: [Super Optimizer] C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
uRun: [Bubble Dock] "C:\Users\Libby\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup
uRun: [Selection Tools] "C:\Users\Libby\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: C:\Windows\System32\LavasoftTcpService.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{422A564A-B690-4823-9494-4800A7E065CD} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5E44B1C3-19EF-4E4B-B85B-88439B42176F} : DHCPNameServer = 40.1.1.100
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Libby\AppData\Roaming\Mozilla\Firefox\Profiles\a0mizpmb.default\
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207010.003\symds64.sys [2015-1-13 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207010.003\symefa64.sys [2015-1-13 912504]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [2014-12-9 1587416]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20150107.001\IDSviA64.sys [2015-1-7 637656]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207010.003\ironx64.sys [2015-1-13 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207010.003\symnets.sys [2015-1-13 386168]
R2 cae99edb;SuperOptimizer Stats;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-1-13 2449592]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 eLCPFdxcHGb;eLCPFdxcHGb;C:\ProgramData\UZmAnBFmb\eLCPFdxcHGb.exe [2015-1-13 2733928]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-11-4 92216]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-20 13336]
R2 LavasoftTcpService;LavasoftTcpService;C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [2014-12-16 1351512]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccsvchst.exe [2015-1-13 130008]
R2 SearchProtectionService;IE Search Set;C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2014-12-16 15208]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-20 2320920]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-4-20 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-4-20 39464]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-12-11 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-1-12 142640]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-8 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-12-8 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-20 349800]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-4-20 329832]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2015-01-14 14:45:29 -------- d-----w- C:\ProgramData\Browser
2015-01-13 16:44:32 912504 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\symefa64.sys
2015-01-13 16:44:32 744568 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\srtsp64.sys
2015-01-13 16:44:32 450680 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\symds64.sys
2015-01-13 16:44:32 40568 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\srtspx64.sys
2015-01-13 16:44:32 386168 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\symnets.sys
2015-01-13 16:44:31 171128 ----a-w- C:\Windows\System32\drivers\NISx64\1207010.003\ironx64.sys
2015-01-13 16:44:13 -------- d-----w- C:\Windows\System32\drivers\NISx64\1207010.003
2015-01-13 16:44:00 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2015-01-13 16:44:00 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2015-01-13 16:44:00 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2015-01-13 16:44:00 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2015-01-13 16:43:59 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2015-01-13 16:43:59 444752 ----a-w- C:\Windows\System32\mscoree.dll
2015-01-13 16:43:59 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2015-01-13 16:43:59 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2015-01-13 16:43:59 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2015-01-13 16:43:59 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2015-01-13 16:28:29 -------- d-----w- C:\ProgramData\VirtualizedApplications
2015-01-13 16:27:14 17340080 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2015-01-13 16:07:21 -------- d-----w- C:\Users\Libby\AppData\Local\Macromedia
2015-01-13 16:05:28 -------- d-----w- C:\ProgramData\McAfee Security Scan
2015-01-13 16:05:27 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2015-01-13 16:05:25 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-13 16:05:25 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-01-13 16:04:56 -------- d-----w- C:\Users\Libby\AppData\Local\Adobe
2015-01-13 16:03:08 -------- d-----w- C:\Users\Libby\AppData\Local\Mozilla
2015-01-13 15:24:49 -------- d-----w- C:\Users\Libby\AppData\Local\Diagnostics
2015-01-13 15:14:34 -------- d-----w- C:\Users\Libby\AppData\Local\{3E92A341-8F52-4968-9F37-53EF1F8CD324}
2015-01-13 15:01:43 58368 ----a-w- C:\Windows\pfpick.dll
2015-01-13 15:01:43 37376 ----a-w- C:\Windows\kpsys32.dll
2015-01-13 15:01:43 212480 ----a-w- C:\Windows\SysWow64\pcdlib32.dll
2015-01-13 15:01:43 20992 ----a-w- C:\Windows\icccodes.dll
2015-01-13 15:01:43 196608 ----a-w- C:\Windows\kpcp32.dll
2015-01-13 15:01:43 133120 ----a-w- C:\Windows\sprof32.dll
2015-01-13 15:01:34 210944 ----a-w- C:\Windows\SysWow64\MSVCRT10.DLL
2015-01-13 15:01:16 -------- d-----w- C:\KPCMS
2015-01-13 14:58:38 306688 ----a-w- C:\Windows\IsUninst.exe
2015-01-13 14:17:11 -------- d-s---w- C:\Windows\System32\CompatTel
2015-01-13 14:17:11 -------- d-----w- C:\Windows\System32\appraiser
2015-01-13 12:29:38 -------- d-----r- C:\Program Files (x86)\Skype
2015-01-13 12:18:03 -------- d-----w- C:\Users\Libby\Tracing
2015-01-13 11:57:58 142336 ----a-w- C:\Windows\System32\poqexec.exe
2015-01-13 11:57:58 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2015-01-13 11:57:53 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-01-13 11:57:52 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-01-13 11:57:52 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-01-13 11:56:44 830976 ----a-w- C:\Windows\System32\appraiser.dll
2015-01-13 11:56:44 741376 ----a-w- C:\Windows\System32\invagent.dll
2015-01-13 11:56:44 413184 ----a-w- C:\Windows\System32\generaltel.dll
2015-01-13 11:56:44 396800 ----a-w- C:\Windows\System32\devinv.dll
2015-01-13 11:56:44 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-01-13 11:56:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2015-01-13 11:56:44 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2015-01-13 11:56:43 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-01-13 11:55:19 3195392 ----a-w- C:\Windows\System32\win32k.sys
2015-01-13 11:46:42 590536 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-01-13 11:44:57 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2015-01-13 11:40:32 -------- d-----w- C:\Program Files\Microsoft Office 15
2015-01-13 00:33:46 -------- d-----w- C:\Users\Libby\AppData\Roaming\Super Optimizer
2015-01-13 00:29:41 -------- d-----w- C:\Users\Libby\AppData\Roaming\WTools
2015-01-13 00:29:00 -------- d-----w- C:\Users\Libby\AppData\Roaming\Nosibay
2015-01-13 00:28:33 -------- d-----w- C:\Program Files (x86)\Super Optimizer
2015-01-13 00:28:32 -------- d-----w- C:\Users\Libby\AppData\Local\WebGuard
2015-01-13 00:28:30 -------- d-----w- C:\Users\Libby\AppData\Local\Programs
2015-01-13 00:28:18 -------- d-----w- C:\ProgramData\WebGuard
2015-01-13 00:28:07 -------- d-----w- C:\ProgramData\UZmAnBFmb
2015-01-13 00:27:37 -------- d-----w- C:\searchplugins
2015-01-13 00:27:27 -------- d-----w- C:\Users\Libby\AppData\Local\Lavasoft
2015-01-13 00:27:21 358736 ----a-w- C:\Windows\System32\LavasoftTcpService64.dll
2015-01-13 00:27:20 312424 ----a-w- C:\Windows\SysWow64\LavasoftTcpService.dll
2015-01-13 00:26:54 -------- d-----w- C:\Program Files (x86)\Lavasoft
2015-01-13 00:26:14 -------- d-----w- C:\Users\Libby\AppData\Local\Google
2015-01-12 23:40:39 -------- d-----w- C:\Users\Libby\AppData\Roaming\SoftGrid Client
2015-01-12 23:40:39 -------- d-----w- C:\Users\Libby\AppData\Local\SoftGrid Client
2015-01-12 23:39:31 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-01-12 23:39:17 -------- d-----w- C:\Users\Libby\AppData\Roaming\TP
2015-01-12 23:02:11 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2015-01-12 22:59:50 -------- d-----w- C:\Users\Libby\AppData\Local\Windows Live
2015-01-12 22:59:43 895088 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2015-01-12 22:59:35 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2015-01-12 22:59:33 -------- d-----w- C:\Users\Libby\AppData\Local\{3454D3E4-5F02-4A34-8C0F-EA60A084882A}
2015-01-12 22:59:31 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-01-12 22:59:19 -------- d-----w- C:\Users\Libby\AppData\Roaming\Windows Live Writer
2015-01-12 22:59:19 -------- d-----w- C:\Users\Libby\AppData\Local\Windows Live Writer
2015-01-12 22:48:29 -------- d-----w- C:\HP_TOOLS_mountHPSF
2015-01-12 21:26:34 1397248 ----a-w- C:\Windows\SysWow64\win_utilman.exe
2015-01-12 21:26:34 -------- d-----w- C:\Users\Libby\AppData\Roaming\PictureMover
2015-01-12 21:26:31 -------- d-----w- C:\Users\Libby\AppData\Roaming\_MDLogs
2015-01-12 21:25:41 -------- d-----w- C:\Users\Libby\AppData\Local\Broadcom
2015-01-12 21:25:39 -------- d-----w- C:\Users\Libby\AppData\Roaming\Intel Corporation
2015-01-12 21:25:36 -------- d-----w- C:\Users\Libby\AppData\Roaming\hpqLog
2015-01-12 21:25:34 -------- d-----w- C:\Users\Libby\AppData\Roaming\Synaptics
2015-01-12 21:24:34 -------- d-----w- C:\Users\Libby\AppData\Local\RemEngine
2015-01-12 21:20:55 -------- d-----w- C:\Users\Libby\AppData\Local\CrashDumps
2015-01-12 21:20:48 -------- d-----w- C:\Users\Libby\AppData\Local\Hewlett-Packard
2015-01-12 21:20:37 -------- d-----w- C:\Users\Libby\AppData\Local\Hewlett-Packard_Company
2015-01-12 21:03:58 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5DC28661-604F-499B-BE18-88DC6D5BE652}\mpengine.dll
2015-01-12 21:03:57 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-18 14:27:46 82432 ----a-w- C:\Users\Libby\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2014-12-18 14:27:46 1275392 ----a-w- C:\Users\Libby\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2014-12-16 14:12:26 44544 ----a-w- C:\Users\Libby\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
.
==================== Find3M ====================
.
2015-01-12 22:59:07 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2014-12-13 01:50:38 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2014-12-13 01:50:38 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2014-12-12 23:22:40 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2014-12-12 23:22:40 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2014-11-06 02:44:31 309760 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2014-11-06 02:30:07 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
.
============= FINISH: 14:51:21.87 ===============

Attached Files
File Type: zip
attach.zip (5.0 KB)
