Internet Explorer is not working properly. Can not access Internet Options from the Control Panel. Keep getting the message, "Can not find c:\windows\system32\rundll32.exe file." Can open IE, but can't access menu options. Decided to check system for possible virus infection. Attached you will find reports from DDS and GMER scans.
======================================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.21.2
Run by bridgette at 13:39:32 on 2013-05-03
Microsoft® Windows Vista Home Basic 6.0.6002.2.1252.1.1033.18.1012.254 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dldfcoms.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Yahoo!\YNanoClient\cpn0\YNanoService.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell AIO Printer 948\memcard.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell AIO Printer 948\dldfmon.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Blinkx\blinkx.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sdclt.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
c:\program files\teamviewer\version8\TeamViewer_Desktop.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2071220
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*Yahoo!
uProxyServer = hxxp=127.0.0.1:5555
uProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: MixiDJ V2 Toolbar: {c35b648e-72ce-429e-b7d2-a82c51158d25} - c:\program files\mixidj_v2\prxtbMixi.dll
uURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - c:\program files\whitesmoke_new\prxtbWhit.dll
mURLSearchHooks: MixiDJ V2 Toolbar: {c35b648e-72ce-429e-b7d2-a82c51158d25} - c:\program files\mixidj_v2\prxtbMixi.dll
mURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - c:\program files\whitesmoke_new\prxtbWhit.dll
mURLSearchHooks: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - c:\program files\yahoo!\ynanoclient\cpn1\YNanoClient_IE.dll
dURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - c:\program files\yahoo!\ynanoclient\cpn1\YNanoClient_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - c:\program files\whitesmoke_new\prxtbWhit.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: MixiDJ V2 Toolbar: {c35b648e-72ce-429e-b7d2-a82c51158d25} - c:\program files\mixidj_v2\prxtbMixi.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: MixiDJ V2 Toolbar: {C35B648E-72CE-429E-B7D2-A82C51158D25} - c:\program files\mixidj_v2\prxtbMixi.dll
TB: WhiteSmoke New Toolbar: {739DF940-C5EE-4BAB-9D7E-270894AE687A} - c:\program files\whitesmoke_new\prxtbWhit.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: MixiDJ V2 Toolbar: {c35b648e-72ce-429e-b7d2-a82c51158d25} - c:\program files\mixidj_v2\prxtbMixi.dll
TB: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - c:\program files\whitesmoke_new\prxtbWhit.dll
TB: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - c:\program files\yahoo!\ynanoclient\cpn1\YNanoClient_IE.dll
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [blinkxgate] c:\program files\blinkx\blinkx.exe -gate30
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.0;_en-US;_rv:1.9.1.4)_Gecko/20091016_Firefox/3.5.4_(.NET_CLR_3.5.30729)" -"http://www.iwon.com/modules/launchGame/games/includes/blockDotGameIFrame.jhtml?categoryId=3&gameId=551&browser=IE"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [Windows Mobile Device Center] c:\windows\windowsmobile\wmdc.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [MemoryCardManager] "c:\program files\dell aio printer 948\memcard.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dldfmon.exe] "c:\program files\dell aio printer 948\dldfmon.exe"
mRun: [Dell AIO Printer 948 Fax Server] "c:\program files\dell aio printer 948\fm3032.exe" /s
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
StartupFolder: c:\users\bridge~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\bridge~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\SOCIAL~1.LNK -
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: cerner.com
Trusted Zone: turbotax.com
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1285970529230
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{D16E52DF-DE68-4A32-806C-4DBBE54E68FA} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 wdcs.trendmicro.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT672154&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Winster Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT672154&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{f2257711-226b-4529-8e1d-e82e1c55ebd8}\components\FFExternalAlert.dll
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{f2257711-226b-4529-8e1d-e82e1c55ebd8}\components\RadioWMPCore.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\motive\npMotiveRequest.dll
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.14\npapicomadapter.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npdf.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitroie.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitromozilla.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\bridgette\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\support@ancestry.com\plugins\npImgCtl.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-04-17 18:43; {650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}; c:\program files\mozilla firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
FF - ExtSQL: 2013-04-17 19:06; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: !HIDDEN! 2009-09-20 03:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-09-26 16:40; links@rivalgaming.com; c:\users\bridgette\appdata\roaming\mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@rivalgaming.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 dldf_device;dldf_device;c:\windows\system32\dldfcoms.exe -service --> c:\windows\system32\dldfcoms.exe -service [?]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-9-21 21504]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2012-7-26 184848]
R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-9-19 361472]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-5-1 3574624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 dldfCATSCustConnectService;dldfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\dldfserv.exe [2007-12-19 98952]
S2 gupdate1ca4c0413ff7790;Google Update Service (gupdate1ca4c0413ff7790);c:\program files\google\update\GoogleUpdate.exe [2009-10-13 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2013-4-15 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-12-19 30192]
.
=============== Created Last 30 ================
.
2013-05-03 18:03:02 -------- d-----w- c:\users\bridgette\appdata\local\{9D8C67E3-D9C1-4806-9FDA-40B8D32CB1BC}
2013-05-03 18:03:00 -------- d-----w- c:\users\bridgette\appdata\roaming\Windows Live Writer
2013-05-03 18:03:00 -------- d-----w- c:\users\bridgette\appdata\local\Windows Live Writer
2013-05-03 18:03:00 -------- d-----w- c:\users\bridgette\appdata\local\{481F23B8-6B5B-46A6-B90F-B4E1A9151750}
2013-05-03 06:37:10 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5449341b-3a33-4c79-a358-6ce998daa6c0}\mpengine.dll
2013-05-01 17:31:44 3584 ----a-r- c:\users\bridgette\appdata\roaming\microsoft\installer\{121634b0-2f4b-11d3-ada3-00c04f52dd52}\Icon386ED4E3.exe
2013-05-01 17:31:43 -------- d-----w- c:\program files\Windows Installer Clean Up
2013-05-01 17:30:13 -------- d-----w- c:\program files\MSECACHE
2013-05-01 16:42:12 -------- d-----w- c:\program files\TeamViewer
2013-05-01 00:07:53 -------- d-----w- c:\users\bridgette\appdata\local\NanoService
2013-04-30 20:40:56 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-18 03:17:29 -------- d-----w- c:\program files\common files\Symantec Shared
2013-04-18 03:05:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-18 03:05:40 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-18 03:05:40 -------- d-----w- c:\program files\SMPlayer
2013-04-18 00:58:21 -------- d-----w- c:\windows\system32\drivers\nss\0400000.030
2013-04-18 00:58:21 -------- d-----w- c:\windows\system32\drivers\NSS
2013-04-18 00:58:21 -------- d-----w- c:\program files\Norton Security Scan
2013-04-18 00:58:11 -------- d-----w- c:\program files\NortonInstaller
2013-04-18 00:22:54 -------- d-----w- c:\users\bridgette\appdata\roaming\RealNetworks
2013-04-18 00:21:04 -------- d-----w- c:\program files\common files\xing shared
2013-04-18 00:20:44 153736 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2013-04-18 00:20:32 124504 ----a-w- c:\program files\mozilla firefox\plugins\nprpplugin.dll
2013-04-18 00:06:05 -------- d-----w- c:\program files\RealNetworks
2013-04-18 00:05:44 -------- d-----w- c:\programdata\RealNetworks
2013-04-17 23:59:25 -------- d-----w- c:\users\bridgette\appdata\local\Real
2013-04-17 22:51:14 -------- d-----w- c:\users\bridgette\appdata\local\SwvUpdater
2013-04-17 22:50:25 -------- d-----w- c:\program files\WhiteSmoke_New
2013-04-16 00:32:48 -------- d-----w- c:\program files\DomaIQ Uninstaller
2013-04-16 00:26:46 -------- d-----w- c:\program files\Conduit
2013-04-16 00:26:39 -------- d-----w- c:\users\bridgette\appdata\local\Conduit
2013-04-16 00:26:39 -------- d-----w- c:\program files\MixiDJ_V2
2013-04-16 00:25:55 -------- d-----w- c:\users\bridgette\appdata\local\CRE
2013-04-16 00:24:09 -------- d-----w- c:\users\bridgette\appdata\local\Supreme Savings
2013-04-16 00:01:52 -------- d-----w- c:\windows\en
2013-04-15 23:59:30 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-04-15 23:53:55 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-04-15 23:36:56 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-04-15 23:36:56 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-04-15 23:36:56 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-15 23:36:31 7450888 ----a-w- c:\program files\common files\windows live\.cache\a1299901ce3a3219\bingbarsetup.exe
2013-04-15 23:36:16 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-15 23:36:10 15712 ----a-w- c:\program files\common files\windows live\.cache\1bafad01ce3a3218\MeshBetaRemover.exe
2013-04-15 23:36:04 89944 ----a-w- c:\program files\common files\windows live\.cache\fe034a001ce3a3117\DSETUP.dll
2013-04-15 23:36:04 537432 ----a-w- c:\program files\common files\windows live\.cache\fe034a001ce3a3117\DXSETUP.exe
2013-04-15 23:36:04 1801048 ----a-w- c:\program files\common files\windows live\.cache\fe034a001ce3a3117\dsetup32.dll
2013-04-15 23:35:58 94040 ----a-w- c:\program files\common files\windows live\.cache\fa14aab01ce3a3116\DSETUP.dll
2013-04-15 23:35:58 525656 ----a-w- c:\program files\common files\windows live\.cache\fa14aab01ce3a3116\DXSETUP.exe
2013-04-15 23:35:58 1691480 ----a-w- c:\program files\common files\windows live\.cache\fa14aab01ce3a3116\dsetup32.dll
2013-04-15 23:32:03 -------- d-----w- c:\users\bridgette\appdata\local\Windows Live
2013-04-15 23:31:53 -------- d-----w- c:\program files\common files\Windows Live
2013-04-15 23:29:39 754688 ----a-w- c:\windows\system32\webservices.dll
2013-04-15 23:27:36 -------- d-----w- c:\program files\Microsoft
2013-04-10 08:11:59 768512 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-04-09 22:08:03 64000 ----a-w- c:\windows\system32\smss.exe
2013-04-09 22:08:03 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-09 22:08:03 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-09 22:08:03 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-09 22:08:01 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 22:08:00 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-04-09 22:07:58 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-04-09 22:07:57 2049024 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2013-05-02 07:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 23:34:00 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2013-05-01 23:32:38 88 --sh--r- c:\windows\system32\C6D3664695.sys
2013-04-04 10:36:01 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-04 10:35:52 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-22 03:46:00 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-12 18:58:54 12836989 ----a-w- c:\programdata\SPLD20D.tmp
2013-02-12 16:44:07 12836989 ----a-w- c:\programdata\SPL8572.tmp
2013-02-12 01:57:27 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-09 03:18:27 2486593 ----a-w- c:\programdata\SPL5C4B.tmp
2011-08-27 22:50:34 669072 ----a-w- c:\program files\gcUninstall WeatherBlink.dll
2011-08-27 22:50:34 161728 ----a-w- c:\program files\gcres.dll
.
============= FINISH: 13:41:20.76 ===============
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [blinkxgate] c:\program files\blinkx\blinkx.exe -gate30
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.0;_en-US;_rv:1.9.1.4)_Gecko/20091016_Firefox/3.5.4_(.NET_CLR_3.5.30729)" -"http://www.iwon.com/modules/launchGame/games/includes/blockDotGameIFrame.jhtml?categoryId=3&gameId=551&browser=IE"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [Windows Mobile Device Center] c:\windows\windowsmobile\wmdc.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [MemoryCardManager] "c:\program files\dell aio printer 948\memcard.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dldfmon.exe] "c:\program files\dell aio printer 948\dldfmon.exe"
mRun: [Dell AIO Printer 948 Fax Server] "c:\program files\dell aio printer 948\fm3032.exe" /s
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
StartupFolder: c:\users\bridge~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\bridge~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\SOCIAL~1.LNK -
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: cerner.com
Trusted Zone: turbotax.com
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1285970529230
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{D16E52DF-DE68-4A32-806C-4DBBE54E68FA} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 wdcs.trendmicro.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT672154&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Winster Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT672154&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{f2257711-226b-4529-8e1d-e82e1c55ebd8}\components\FFExternalAlert.dll
FF - component: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\{f2257711-226b-4529-8e1d-e82e1c55ebd8}\components\RadioWMPCore.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\motive\npMotiveRequest.dll
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.14\npapicomadapter.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npdf.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitroie.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitromozilla.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\bridgette\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\bridgette\appdata\roaming\mozilla\firefox\profiles\b4gcehkq.default\extensions\support@ancestry.com\plugins\npImgCtl.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-04-17 18:43; {650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}; c:\program files\mozilla firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
FF - ExtSQL: 2013-04-17 19:06; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: !HIDDEN! 2009-09-20 03:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-09-26 16:40; links@rivalgaming.com; c:\users\bridgette\appdata\roaming\mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@rivalgaming.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 dldf_device;dldf_device;c:\windows\system32\dldfcoms.exe -service --> c:\windows\system32\dldfcoms.exe -service [?]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-9-21 21504]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2012-7-26 184848]
R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-9-19 361472]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-5-1 3574624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 dldfCATSCustConnectService;dldfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\dldfserv.exe [2007-12-19 98952]
S2 gupdate1ca4c0413ff7790;Google Update Service (gupdate1ca4c0413ff7790);c:\program files\google\update\GoogleUpdate.exe [2009-10-13 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2013-4-15 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-12-19 30192]
.
=============== Created Last 30 ================
.
2013-05-03 18:03:02 -------- d-----w- c:\users\bridgette\appdata\local\{9D8C67E3-D9C1-4806-9FDA-40B8D32CB1BC}
2013-05-03 18:03:00 -------- d-----w- c:\users\bridgette\appdata\roaming\Windows Live Writer
2013-05-03 18:03:00 -------- d-----w- c:\users\bridgette\appdata\local\Windows Live Writer
2013-05-03 18:03:00 -------- d-----w- c:\users\bridgette\appdata\local\{481F23B8-6B5B-46A6-B90F-B4E1A9151750}
2013-05-03 06:37:10 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5449341b-3a33-4c79-a358-6ce998daa6c0}\mpengine.dll
2013-05-01 17:31:44 3584 ----a-r- c:\users\bridgette\appdata\roaming\microsoft\installer\{121634b0-2f4b-11d3-ada3-00c04f52dd52}\Icon386ED4E3.exe
2013-05-01 17:31:43 -------- d-----w- c:\program files\Windows Installer Clean Up
2013-05-01 17:30:13 -------- d-----w- c:\program files\MSECACHE
2013-05-01 16:42:12 -------- d-----w- c:\program files\TeamViewer
2013-05-01 00:07:53 -------- d-----w- c:\users\bridgette\appdata\local\NanoService
2013-04-30 20:40:56 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-18 03:17:29 -------- d-----w- c:\program files\common files\Symantec Shared
2013-04-18 03:05:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-18 03:05:40 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-18 03:05:40 -------- d-----w- c:\program files\SMPlayer
2013-04-18 00:58:21 -------- d-----w- c:\windows\system32\drivers\nss\0400000.030
2013-04-18 00:58:21 -------- d-----w- c:\windows\system32\drivers\NSS
2013-04-18 00:58:21 -------- d-----w- c:\program files\Norton Security Scan
2013-04-18 00:58:11 -------- d-----w- c:\program files\NortonInstaller
2013-04-18 00:22:54 -------- d-----w- c:\users\bridgette\appdata\roaming\RealNetworks
2013-04-18 00:21:04 -------- d-----w- c:\program files\common files\xing shared
2013-04-18 00:20:44 153736 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2013-04-18 00:20:32 124504 ----a-w- c:\program files\mozilla firefox\plugins\nprpplugin.dll
2013-04-18 00:06:05 -------- d-----w- c:\program files\RealNetworks
2013-04-18 00:05:44 -------- d-----w- c:\programdata\RealNetworks
2013-04-17 23:59:25 -------- d-----w- c:\users\bridgette\appdata\local\Real
2013-04-17 22:51:14 -------- d-----w- c:\users\bridgette\appdata\local\SwvUpdater
2013-04-17 22:50:25 -------- d-----w- c:\program files\WhiteSmoke_New
2013-04-16 00:32:48 -------- d-----w- c:\program files\DomaIQ Uninstaller
2013-04-16 00:26:46 -------- d-----w- c:\program files\Conduit
2013-04-16 00:26:39 -------- d-----w- c:\users\bridgette\appdata\local\Conduit
2013-04-16 00:26:39 -------- d-----w- c:\program files\MixiDJ_V2
2013-04-16 00:25:55 -------- d-----w- c:\users\bridgette\appdata\local\CRE
2013-04-16 00:24:09 -------- d-----w- c:\users\bridgette\appdata\local\Supreme Savings
2013-04-16 00:01:52 -------- d-----w- c:\windows\en
2013-04-15 23:59:30 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-04-15 23:53:55 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-04-15 23:36:56 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-04-15 23:36:56 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-04-15 23:36:56 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-04-15 23:36:31 7450888 ----a-w- c:\program files\common files\windows live\.cache\a1299901ce3a3219\bingbarsetup.exe
2013-04-15 23:36:16 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-15 23:36:10 15712 ----a-w- c:\program files\common files\windows live\.cache\1bafad01ce3a3218\MeshBetaRemover.exe
2013-04-15 23:36:04 89944 ----a-w- c:\program files\common files\windows live\.cache\fe034a001ce3a3117\DSETUP.dll
2013-04-15 23:36:04 537432 ----a-w- c:\program files\common files\windows live\.cache\fe034a001ce3a3117\DXSETUP.exe
2013-04-15 23:36:04 1801048 ----a-w- c:\program files\common files\windows live\.cache\fe034a001ce3a3117\dsetup32.dll
2013-04-15 23:35:58 94040 ----a-w- c:\program files\common files\windows live\.cache\fa14aab01ce3a3116\DSETUP.dll
2013-04-15 23:35:58 525656 ----a-w- c:\program files\common files\windows live\.cache\fa14aab01ce3a3116\DXSETUP.exe
2013-04-15 23:35:58 1691480 ----a-w- c:\program files\common files\windows live\.cache\fa14aab01ce3a3116\dsetup32.dll
2013-04-15 23:32:03 -------- d-----w- c:\users\bridgette\appdata\local\Windows Live
2013-04-15 23:31:53 -------- d-----w- c:\program files\common files\Windows Live
2013-04-15 23:29:39 754688 ----a-w- c:\windows\system32\webservices.dll
2013-04-15 23:27:36 -------- d-----w- c:\program files\Microsoft
2013-04-10 08:11:59 768512 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-04-09 22:08:03 64000 ----a-w- c:\windows\system32\smss.exe
2013-04-09 22:08:03 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-09 22:08:03 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-09 22:08:03 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-09 22:08:01 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 22:08:00 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-04-09 22:07:58 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-04-09 22:07:57 2049024 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2013-05-02 07:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 23:34:00 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2013-05-01 23:32:38 88 --sh--r- c:\windows\system32\C6D3664695.sys
2013-04-04 10:36:01 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-04 10:35:52 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-22 03:46:00 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-12 18:58:54 12836989 ----a-w- c:\programdata\SPLD20D.tmp
2013-02-12 16:44:07 12836989 ----a-w- c:\programdata\SPL8572.tmp
2013-02-12 01:57:27 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-09 03:18:27 2486593 ----a-w- c:\programdata\SPL5C4B.tmp
2011-08-27 22:50:34 669072 ----a-w- c:\program files\gcUninstall WeatherBlink.dll
2011-08-27 22:50:34 161728 ----a-w- c:\program files\gcres.dll
.
============= FINISH: 13:41:20.76 ===============