trying to remove Incredibar -- SB said it removed it but didn't -- when re-starting Ff 15.0.1 it returns when i open a new tab: MyStart Incredibar appears
hope I've got this right this time: sure you'll let me know if I haven't
the DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Russell at 19:40:26 on 2012-09-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.1012.66 [GMT 12:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Box Sync\UpdateService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRA~1\GFI\GFIBAC~1\GFIFInst.exe
C:\PROGRA~1\GFI\GFIBAC~1\GFIFSC~1.EXE
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\Windows\system32\NLSSRV32.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\ThreatFire\TFService.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\conhost.exe
C:\Program Files\ThreatFire\TFUN.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Page =
uSearch Bar =
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1Qzu0E0Czy0AyByEyD0EtByCyB0E0DtCtC0EtN0D0TzutBtDtCtBtDyCtCyD&cr=1530279376
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: N/A: {93a3111f-4f74-4ed8-895e-d9708497629e} - c:\program files\videodownloadconverter_4z\bar\1.bin\4zSrcAs.dll
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\freecorder 6\tbhelper.dll
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
TB: Freecorder 6: {6b34accf-1b63-4e1a-8633-461917c75544} - c:\program files\freecorder 6\tbcore3.dll
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [ThreatFire] c:\program files\threatfire\TFTray.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\program files\microsoft office 15\root\office15\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\russell\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm
IE: Se&nd to OneNote - c:\program files\microsoft office 15\root\office15\ONBttnIE.dll/105
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{74240472-D26B-436F-9D60-760C249DCFA7} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{74240472-D26B-436F-9D60-760C249DCFA7}\37071627B6630314C647 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{74240472-D26B-436F-9D60-760C249DCFA7}\4457E6564696E602C4962627162797021337470264C6F6F627 : DhcpNameServer = 10.10.10.1
TCP: Interfaces\{74240472-D26B-436F-9D60-760C249DCFA7}\642554540294E4455425E454450213 : DhcpNameServer = 192.168.11.1 8.8.8.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\russell\appdata\roaming\mozilla\firefox\profiles\bylhdpoc.default\
FF - prefs.js: browser.startup.homepage - hxxp://au.yahoo.com/
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npdf.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitroie.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitromozilla.dll
FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\videodownloadconverter_4z\bar\1.bin\NP4zStub.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\russell\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQKBEoZ6o&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 4e18d11e0000000000002eb70d3f194a
FF - user.js: extensions.incredibar_i.instlDay - 15607
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1423:07:47
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6PQKBEoZ6o
FF - user.js: extensions.incredibar_i.upn2n - 92543635926693664
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10643
FF - user.js: extensions.incredibar_i.ppd - 1
.
============= SERVICES / DRIVERS ===============
.
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2012-5-20 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2012-5-20 69392]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-7-17 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-7-17 355632]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-7-17 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-7-17 58680]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-10-22 25248]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2012-8-4 27760]
R3 igddim32;igddim32;c:\windows\system32\drivers\igddim32.sys [2012-4-20 1344512]
R3 igdkmd32;igdkmd32;c:\windows\system32\drivers\igdkmd32.sys [2012-4-20 419328]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-28 22856]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2011-12-21 197224]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-12-21 394856]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2012-5-20 33552]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-10-22 35488]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-10-22 290976]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-10-22 97440]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-10-22 147616]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-10-22 60064]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-10-22 263968]
S3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2011-10-22 445088]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-9-28 40776]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
2012-09-28 17:31:54 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{78b2374f-2b17-4b23-b40c-f61cff0d9315}\offreg.dll
2012-09-28 15:43:20 6980552 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{78b2374f-2b17-4b23-b40c-f61cff0d9315}\mpengine.dll
2012-09-28 07:03:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-09-28 07:03:42 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-09-28 04:15:02 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-09-28 04:12:52 -------- d-----w- c:\users\russell\appdata\roaming\Malwarebytes
2012-09-28 04:12:10 -------- d-----w- c:\programdata\Malwarebytes
2012-09-28 04:12:00 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-28 04:12:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-26 08:03:11 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-26 00:54:09 -------- d-----w- c:\program files\CCleaner
2012-09-25 14:15:58 -------- d-----w- c:\users\russell\appdata\roaming\CX
2012-09-25 14:14:37 -------- d-----w- c:\users\russell\appdata\local\CX
2012-09-24 11:09:26 -------- d-----w- c:\program files\Perion
2012-09-23 14:39:22 -------- d-----w- c:\program files\Mr Smoozles Goes Nutso
2012-09-23 12:29:25 -------- d-----w- c:\program files\GOG.com
2012-09-23 06:15:50 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-23 06:12:28 -------- d-----w- c:\program files\iPod
2012-09-23 06:12:07 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-23 06:12:07 -------- d-----w- c:\program files\iTunes
2012-09-21 23:41:24 0 ----a-w- c:\windows\system32\sho5B78.tmp
2012-09-21 23:35:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-21 23:35:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-09-21 23:35:02 140936 ----a-w- c:\program files\internet explorer\sqmapi.dll
2012-09-21 23:35:01 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2012-09-17 01:19:26 -------- d-----w- c:\program files\Sigma Team
2012-09-17 01:07:36 -------- d-----w- C:\Counter-Strike 2D
2012-09-16 22:57:04 -------- d-----w- c:\program files\Cave Story Deluxe
2012-09-16 14:34:27 237848 ----a-w- c:\windows\system32\xactengine2_4.dll
2012-09-16 14:34:25 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-09-16 14:34:24 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2012-09-16 14:34:23 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2012-09-16 14:33:47 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2012-09-16 10:31:58 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-09-16 10:31:22 -------- d-----w- c:\users\russell\appdata\local\Punkbuster
2012-09-16 10:30:00 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory
2012-09-15 03:54:15 -------- d-sh--w- C:\found.002
2012-09-13 08:12:25 -------- d-----r- c:\program files\Skype
2012-09-12 20:39:00 0 ----a-w- c:\windows\system32\sho4144.tmp
2012-09-12 04:03:39 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 04:03:38 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 04:03:37 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 04:03:31 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 04:03:29 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 04:03:23 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 03:49:35 -------- d-----w- C:\09470b656efc966851db
2012-09-09 00:33:48 15632352 ----a-w- c:\program files\mozilla firefox\xul.dll
2012-09-09 00:33:47 19424 ----a-w- c:\program files\mozilla firefox\xpcom.dll
2012-09-09 00:33:46 270304 ----a-w- c:\program files\mozilla firefox\updater.exe
2012-09-09 00:33:41 883896 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
2012-09-09 00:33:41 145376 ----a-w- c:\program files\mozilla firefox\ssl3.dll
2012-09-09 00:33:40 155104 ----a-w- c:\program files\mozilla firefox\softokn3.dll
2012-09-09 00:33:39 91104 ----a-w- c:\program files\mozilla firefox\smime3.dll
2012-09-09 00:33:29 15672645 ----a-w- c:\program files\mozilla firefox\protext\texmakerx\texmakerx21_win32-install.exe
2012-09-09 00:33:27 131584 ----a-w- c:\program files\mozilla firefox\protext\Setup.exe
2012-09-09 00:33:24 2149888 ----a-w- c:\program files\mozilla firefox\protext\python26.dll
2012-09-09 00:32:08 5779456 ----a-w- c:\program files\mozilla firefox\protext\miktex\tm\packages\setup-2.9.3959.exe
2012-09-09 00:25:23 5779456 ----a-w- c:\program files\mozilla firefox\protext\miktex\setup\setup-2.9.3959.exe
2012-09-09 00:25:21 655872 ----a-w- c:\program files\mozilla firefox\protext\microsoft.vc90.crt\msvcr90.dll
2012-09-09 00:25:19 568832 ----a-w- c:\program files\mozilla firefox\protext\microsoft.vc90.crt\msvcp90.dll
2012-09-09 00:25:18 224768 ----a-w- c:\program files\mozilla firefox\protext\microsoft.vc90.crt\msvcm90.dll
2012-09-09 00:25:10 1502208 ----a-w- c:\program files\mozilla firefox\protext\gsv\gsv49w32.exe
2012-09-09 00:25:08 2188288 ----a-w- c:\program files\mozilla firefox\protext\gsv\gsv491w64.exe
2012-09-09 00:25:06 2042368 ----a-w- c:\program files\mozilla firefox\protext\gsv\gsv491w32.exe
2012-09-09 00:25:03 12592939 ----a-w- c:\program files\mozilla firefox\protext\gsv\gs902w64.exe
2012-09-08 08:27:38 -------- d--h--w- C:\.cache
2012-09-08 08:23:09 -------- d-----r- c:\users\russell\MegaCloud
2012-09-08 08:22:37 -------- d-----w- c:\users\russell\appdata\roaming\MegaCloudBackup
2012-09-08 08:20:14 -------- d-----w- c:\users\russell\appdata\roaming\MegaCloud
2012-09-08 08:17:11 -------- d-----w- c:\programdata\Web Installer
2012-09-08 05:51:55 -------- d-----w- c:\users\russell\appdata\roaming\Box Sync
2012-09-08 05:51:31 -------- d-----w- c:\users\russell\appdata\roaming\Box Desktop
2012-09-08 05:41:06 -------- d-----w- c:\program files\Box Sync
2012-09-08 05:27:22 -------- d-----w- c:\users\russell\appdata\local\Box Sync
2012-09-08 01:18:22 -------- d-----w- c:\users\russell\appdata\local\SugarSync
2012-09-08 01:16:45 -------- d-----w- c:\program files\SugarSync
2012-09-07 21:36:25 -------- d-----w- c:\users\russell\appdata\local\Tracker Software
2012-09-07 13:32:03 -------- d-----w- c:\users\russell\docear_workspace
2012-09-07 13:29:01 -------- d-----w- c:\users\russell\appdata\roaming\Docear
2012-09-07 12:44:04 -------- d-----w- c:\program files\Docear
2012-09-07 12:16:13 -------- d-----w- c:\program files\Tracker Software
2012-09-01 19:00:47 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-30 11:21:11 -------- d-----w- c:\program files\LibreOffice 3.6
.
==================== Find3M ====================
.
2012-09-01 19:38:05 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-01 19:38:04 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-01 18:59:57 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-01 18:59:56 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 03:58:36 405152 ----a-w- c:\windows\system32\Newtonsoft.Json.Net20.dll
2012-08-21 16:48:32 737280 ----a-w- c:\windows\iun6002.exe
2012-08-21 09:13:15 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13:14 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13:14 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:12:33 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 01:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-15 15:58:49 0 ----a-w- c:\windows\system32\sho6E5C.tmp
2012-08-07 18:54:04 0 ----a-w- c:\windows\system32\sho864F.tmp
2012-07-31 20:46:53 0 ----a-w- c:\windows\system32\sho145B.tmp
2012-07-28 09:32:24 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-07-28 09:32:23 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-07-26 02:39:12 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-07-26 02:39:10 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-07-23 07:20:25 0 ----a-w- c:\windows\system32\sho5CFC.tmp
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-15 00:27:53 2216480 ------w- c:\windows\wweb32.dll
2012-07-06 19:23:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-07-06 05:34:14 0 ----a-w- c:\windows\system32\shoBAB9.tmp
2012-07-04 21:14:34 41984 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14:34 102912 ----a-w- c:\windows\system32\browser.dll
.
============= FINISH: 19:48:53.31 ===============