sjutterback
2014-06-24, 07:14
I am attaching the DDS Notepad as a zipped file. I could not download the aswMBR file. Norton said it was not safe and removed it. I am looking forward to having the conduit background removed!!
Thank you
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.51.2
Run by Shirley at 0:10:29 on 2014-06-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16365.12305 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
C:\windows\system32\taskhost.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\windows\SysWOW64\Rundll32.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WUDFHost.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\windows\ehome\ehRecvr.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\windows\system32\UI0Detect.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOee8pPxWBrsNgaDX681zLM5soJ0QCdujJLk7wUyZQkqOR8dsy79aCRZrfWqTZl3Bvsfg,,
uSearch Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q={searchTerms}
uSearch Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q={searchTerms}
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q={searchTerms}
mURLSearchHooks: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
uRun: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Shirley\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{27E49202-1B40-4666-9320-6E953AB30E65} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL
SSODL: WebCheck - <orphaned>
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\5xoxd2w8.default-1368152864229\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.msn.com (http://www.msn.com)
FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q=
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Shirley\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\5xoxd2w8.default-1368152864229\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-10-27 56336]
R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1503000.00C\symds64.sys [2014-5-18 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1503000.00C\symefa64.sys [2014-5-18 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [2014-6-9 1530160]
R1 ccSet_NIS;NIS Settings Manager;C:\windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys [2014-5-18 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140623.001\IDSviA64.sys [2014-6-23 525016]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1503000.00C\ironx64.sys [2014-5-18 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1503000.00C\symnets.sys [2014-5-18 593112]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-17 171600]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-27 1026432]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-11-18 89600]
R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]
R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-1-30 32336]
R2 Fitbit Connect;Fitbit Connect Service;C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [2014-1-10 1435680]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-1-29 87368]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2013-6-28 14624]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe [2014-5-18 276376]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-8-31 1128952]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-8-31 109168]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-31 2656280]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248]
R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536]
R3 AVerAVF2;AVerAVF2;C:\windows\System32\drivers\AVerAVF2.sys [2012-8-31 1212416]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2012-8-31 349736]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2012-8-31 39464]
R3 clwvd;HP Webcam Splitter;C:\windows\System32\drivers\clwvd.sys [2011-5-30 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-6-19 142128]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-8-31 471144]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/31 02:58:26;C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [2011-2-25 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2012-10-27 30192]
S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2012-9-25 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-5 19456]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-12-5 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-12-5 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-10-29 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-06-24 03:27:38 -------- d-----w- C:\Users\Shirley\AppData\Local\{43A21506-EDCA-4F68-86A4-F041B1758BB1}
2014-06-23 15:27:26 -------- d-----w- C:\Users\Shirley\AppData\Local\{9FAEFADC-EEA2-4D78-BF4A-58F54CFCF367}
2014-06-23 03:26:21 -------- d-----w- C:\Users\Shirley\AppData\Local\{48BBB843-F35C-49C1-BA48-BD54C8ADEBE5}
2014-06-22 01:56:00 -------- d-----w- C:\Users\Shirley\AppData\Local\{4315C456-9436-4386-85F5-053CB528A084}
2014-06-21 13:55:47 -------- d-----w- C:\Users\Shirley\AppData\Local\{521558C3-841D-48D5-8BB0-801F5A054C6A}
2014-06-21 01:43:52 -------- d-----w- C:\Users\Shirley\AppData\Local\{5500B2AC-877B-483F-B663-96D952163332}
2014-06-20 13:42:46 -------- d-----w- C:\Users\Shirley\AppData\Local\{C296F811-1ACB-4C30-9D2B-46506459DD7E}
2014-06-20 01:28:07 -------- d-----w- C:\Users\Shirley\AppData\Local\{B9BD1055-C7B9-4534-BA6D-70965214B9FD}
2014-06-19 13:27:54 -------- d-----w- C:\Users\Shirley\AppData\Local\{24660F44-C9C3-4421-9758-0627E116779B}
2014-06-19 01:27:00 -------- d-----w- C:\Users\Shirley\AppData\Local\{51748F28-CE6D-4D3F-BC6C-D9713A1711B6}
2014-06-18 13:26:47 -------- d-----w- C:\Users\Shirley\AppData\Local\{4AF54382-0B95-4452-A879-4F4CBD0AA6EA}
2014-06-18 02:25:20 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-06-18 02:25:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-18 01:25:42 -------- d-----w- C:\Users\Shirley\AppData\Local\{5FDFE362-AF38-425B-9274-BAD29DC5BDB5}
2014-06-17 13:25:30 -------- d-----w- C:\Users\Shirley\AppData\Local\{C8B0C667-E34D-440A-8984-64F9A7081DB5}
2014-06-17 02:22:28 1658880 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM.dll
2014-06-17 01:24:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{749EAC7E-A149-4558-B336-A993B415CF97}
2014-06-16 13:23:31 -------- d-----w- C:\Users\Shirley\AppData\Local\{38FF405D-C58D-4179-AA71-E129B89D5891}
2014-06-16 01:22:39 -------- d-----w- C:\Users\Shirley\AppData\Local\{181B0FA9-E4B5-4696-A529-25C04B568B73}
2014-06-15 13:21:46 -------- d-----w- C:\Users\Shirley\AppData\Local\{E4920F8E-2696-4BB2-8C9B-B708B545CA77}
2014-06-15 01:20:53 -------- d-----w- C:\Users\Shirley\AppData\Local\{4729EA3F-B42C-492C-848B-8B78E3B934AF}
2014-06-14 13:20:40 -------- d-----w- C:\Users\Shirley\AppData\Local\{575A0A5E-DA19-4AA9-9570-E3053BC68BF5}
2014-06-14 01:20:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{00C7EEDD-489E-430B-A804-83DDDA14FF5C}
2014-06-13 13:19:35 -------- d-----w- C:\Users\Shirley\AppData\Local\{0B3D5246-51B3-491F-AFBA-0A344FE19AF4}
2014-06-13 06:00:00 -------- d-----w- C:\Users\Shirley\AppData\Local\Adobe
2014-06-13 01:19:22 -------- d-----w- C:\Users\Shirley\AppData\Local\{0D28EE86-9D4B-4CCD-B78D-55DBB856647C}
2014-06-12 13:18:29 -------- d-----w- C:\Users\Shirley\AppData\Local\{446DBA56-A2F2-43A6-8357-7F4F382694EC}
2014-06-12 02:57:30 -------- d-----w- C:\Users\Shirley\AppData\Local\Adobe_Systems_Incorporate
2014-06-12 02:55:19 -------- d-----w- C:\windows\SysWow64\Adobe
2014-06-12 01:17:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{02A9EB28-4EA0-49C1-B88E-4D85FD3D9ED6}
2014-06-11 13:16:31 -------- d-----w- C:\Users\Shirley\AppData\Local\{2D2D5201-EC10-4211-B5F7-C9671E47967F}
2014-06-10 16:53:04 -------- d-----w- C:\Users\Shirley\AppData\Local\{36A2A153-4392-4BE0-8179-AD5A5FABCB99}
2014-06-10 15:09:50 -------- d-----w- C:\Program Files\Family Tree Maker 2014
2014-06-10 15:08:45 -------- d--h--w- C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}
2014-06-10 04:52:40 -------- d-----w- C:\Users\Shirley\AppData\Local\{340364F2-8DD6-45A0-BB08-6DAFBA40C513}
2014-06-09 16:51:47 -------- d-----w- C:\Users\Shirley\AppData\Local\{BCDFC9B3-A3E6-4DEE-80D9-8A568A3535AF}
2014-06-08 13:21:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{D5A900E7-53F4-4014-936A-0621ED35F26C}
2014-06-08 00:05:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{2014C62C-10CB-44B5-9A1D-579FB0651AEE}
2014-06-07 12:04:35 -------- d-----w- C:\Users\Shirley\AppData\Local\{9CC7D13D-872F-4F4E-B26F-48EB568A8BE8}
2014-06-07 00:04:23 -------- d-----w- C:\Users\Shirley\AppData\Local\{FCCAFF1F-D87F-43FD-8187-CBE83AC646EA}
2014-06-06 12:03:30 -------- d-----w- C:\Users\Shirley\AppData\Local\{48B4876E-9799-47A6-97B7-77B64A7F8238}
2014-06-06 00:03:17 -------- d-----w- C:\Users\Shirley\AppData\Local\{72B8E8D2-A1D5-4ABA-BFFC-8EEF34DCDA49}
2014-06-05 12:02:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{1199F856-95EF-41A9-AE4E-22BEEA56224E}
2014-06-05 00:01:31 -------- d-----w- C:\Users\Shirley\AppData\Local\{F4A2A058-3FE4-4CBA-88C3-F51F7747EF6B}
2014-06-04 12:00:37 -------- d-----w- C:\Users\Shirley\AppData\Local\{3035A5E3-EE03-47A7-8951-039A2D533756}
2014-06-04 00:00:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{F63075B0-697B-4D0D-9A51-B34E2100B73B}
2014-06-03 11:59:32 -------- d-----w- C:\Users\Shirley\AppData\Local\{7B400C1C-949C-4D74-9153-1DC73DE5CE9C}
2014-06-02 23:58:38 -------- d-----w- C:\Users\Shirley\AppData\Local\{B10C49B2-0E68-43DD-BEAC-DC5B49BECCAA}
2014-06-02 16:04:09 -------- d-----w- C:\Users\Shirley\Tracing
2014-06-02 11:57:33 -------- d-----w- C:\Users\Shirley\AppData\Local\{F0BFDCD0-18CE-46D0-ADF5-1F5F0C8E340A}
2014-06-01 23:57:21 -------- d-----w- C:\Users\Shirley\AppData\Local\{9B72BC5C-0D4C-4848-8921-3286DD10B237}
2014-06-01 11:56:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{FC61EB6C-C796-44FF-8B88-428B1EE4E0B2}
2014-05-31 23:55:35 -------- d-----w- C:\Users\Shirley\AppData\Local\{566C5F58-AE67-4C38-8EB4-EF7FF6D8B384}
2014-05-31 11:54:42 -------- d-----w- C:\Users\Shirley\AppData\Local\{313AF6DE-62B6-432B-971F-FD014113223E}
2014-05-30 23:54:29 -------- d-----w- C:\Users\Shirley\AppData\Local\{CA5EE06D-02AD-46FD-9BBB-2E85B84C79EF}
2014-05-30 03:34:16 -------- d-----w- C:\Users\Shirley\AppData\Local\{401FB0BE-09FF-47B4-894E-C2565CA9DABF}
2014-05-29 19:45:14 -------- d-----w- C:\Program Files\iPod
2014-05-29 19:45:12 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-29 19:45:12 -------- d-----w- C:\Program Files\iTunes
2014-05-29 19:45:12 -------- d-----w- C:\Program Files (x86)\iTunes
2014-05-29 13:37:19 -------- d-----w- C:\Users\Shirley\AppData\Local\{0AC8B0B0-7939-43C9-B010-EAB486FB23CB}
2014-05-29 01:36:26 -------- d-----w- C:\Users\Shirley\AppData\Local\{3966CE1E-F276-4F6F-B5C2-E7F6191D2DFB}
2014-05-28 13:35:20 -------- d-----w- C:\Users\Shirley\AppData\Local\{D48C8FAE-8BC0-4210-B024-5D73B4CB28CB}
2014-05-27 18:01:09 -------- d-----w- C:\Users\Shirley\AppData\Local\{3F1F6C66-02D1-4199-BB59-BAB4AB7677A5}
2014-05-26 11:47:49 -------- d-----w- C:\Users\Shirley\AppData\Local\{F15F9544-E913-4E11-823A-C0648831A4CD}
2014-05-25 17:37:11 -------- d-----w- C:\Users\Shirley\AppData\Local\{1CA4AC99-530C-41E3-8C4B-0115C6F250B4}
2014-05-25 05:36:58 -------- d-----w- C:\Users\Shirley\AppData\Local\{9F63B221-39DA-4690-9F70-97C350C23B45}
.
==================== Find3M ====================
.
2014-06-12 14:45:37 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-12 14:45:37 699056 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-06-08 09:13:05 506368 ----a-w- C:\windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\windows\System32\aeinv.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\windows\SysWow64\wininet.dll
2014-05-08 09:32:11 3178496 ----a-w- C:\windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\windows\System32\RdpGroupPolicyExtension.dll
2014-04-25 02:34:59 801280 ----a-w- C:\windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\windows\SysWow64\usp10.dll
2014-04-15 06:34:10 1070232 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2014-04-12 02:22:05 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2014-03-26 14:44:48 2002432 ----a-w- C:\windows\System32\msxml6.dll
2014-03-26 14:44:48 1882112 ----a-w- C:\windows\System32\msxml3.dll
2014-03-26 14:41:39 2048 ----a-w- C:\windows\System32\msxml6r.dll
2014-03-26 14:41:39 2048 ----a-w- C:\windows\System32\msxml3r.dll
2014-03-26 14:27:50 1389056 ----a-w- C:\windows\SysWow64\msxml6.dll
2014-03-26 14:27:50 1237504 ----a-w- C:\windows\SysWow64\msxml3.dll
2014-03-26 14:25:14 2048 ----a-w- C:\windows\SysWow64\msxml6r.dll
2014-03-26 14:25:14 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll
.
============= FINISH: 0:10:41.85 ===============
Thank you
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.51.2
Run by Shirley at 0:10:29 on 2014-06-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16365.12305 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
C:\windows\system32\taskhost.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\windows\SysWOW64\Rundll32.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WUDFHost.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\windows\ehome\ehRecvr.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\windows\system32\UI0Detect.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOee8pPxWBrsNgaDX681zLM5soJ0QCdujJLk7wUyZQkqOR8dsy79aCRZrfWqTZl3Bvsfg,,
uSearch Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q={searchTerms}
uSearch Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q={searchTerms}
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q={searchTerms}
mURLSearchHooks: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
uRun: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Shirley\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{27E49202-1B40-4666-9320-6E953AB30E65} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL
SSODL: WebCheck - <orphaned>
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\5xoxd2w8.default-1368152864229\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.msn.com (http://www.msn.com)
FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCvIAbTserZ_kVVvH1aWjGByu3mEw-Kgs5pbpGwEpxE9cjGl2qUJ_rf3LuJeTSq5rmXnW206LN0SNtZpvLI3dKCeqtBOed8YIYUDWrfcsApqPoN9Z-tA9fn6rYK0-4SrM_93ce9SgU_7OS_QFTIj-fUsTASg91g,,&q=
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Shirley\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\5xoxd2w8.default-1368152864229\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-10-27 56336]
R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1503000.00C\symds64.sys [2014-5-18 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1503000.00C\symefa64.sys [2014-5-18 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [2014-6-9 1530160]
R1 ccSet_NIS;NIS Settings Manager;C:\windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys [2014-5-18 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140623.001\IDSviA64.sys [2014-6-23 525016]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1503000.00C\ironx64.sys [2014-5-18 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1503000.00C\symnets.sys [2014-5-18 593112]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-17 171600]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-27 1026432]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-11-18 89600]
R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]
R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-1-30 32336]
R2 Fitbit Connect;Fitbit Connect Service;C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [2014-1-10 1435680]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-1-29 87368]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2013-6-28 14624]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe [2014-5-18 276376]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-8-31 1128952]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-8-31 109168]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-31 2656280]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248]
R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536]
R3 AVerAVF2;AVerAVF2;C:\windows\System32\drivers\AVerAVF2.sys [2012-8-31 1212416]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2012-8-31 349736]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2012-8-31 39464]
R3 clwvd;HP Webcam Splitter;C:\windows\System32\drivers\clwvd.sys [2011-5-30 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-6-19 142128]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-8-31 471144]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/31 02:58:26;C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [2011-2-25 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2012-10-27 30192]
S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2012-9-25 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-5 19456]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-12-5 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-12-5 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-10-29 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-06-24 03:27:38 -------- d-----w- C:\Users\Shirley\AppData\Local\{43A21506-EDCA-4F68-86A4-F041B1758BB1}
2014-06-23 15:27:26 -------- d-----w- C:\Users\Shirley\AppData\Local\{9FAEFADC-EEA2-4D78-BF4A-58F54CFCF367}
2014-06-23 03:26:21 -------- d-----w- C:\Users\Shirley\AppData\Local\{48BBB843-F35C-49C1-BA48-BD54C8ADEBE5}
2014-06-22 01:56:00 -------- d-----w- C:\Users\Shirley\AppData\Local\{4315C456-9436-4386-85F5-053CB528A084}
2014-06-21 13:55:47 -------- d-----w- C:\Users\Shirley\AppData\Local\{521558C3-841D-48D5-8BB0-801F5A054C6A}
2014-06-21 01:43:52 -------- d-----w- C:\Users\Shirley\AppData\Local\{5500B2AC-877B-483F-B663-96D952163332}
2014-06-20 13:42:46 -------- d-----w- C:\Users\Shirley\AppData\Local\{C296F811-1ACB-4C30-9D2B-46506459DD7E}
2014-06-20 01:28:07 -------- d-----w- C:\Users\Shirley\AppData\Local\{B9BD1055-C7B9-4534-BA6D-70965214B9FD}
2014-06-19 13:27:54 -------- d-----w- C:\Users\Shirley\AppData\Local\{24660F44-C9C3-4421-9758-0627E116779B}
2014-06-19 01:27:00 -------- d-----w- C:\Users\Shirley\AppData\Local\{51748F28-CE6D-4D3F-BC6C-D9713A1711B6}
2014-06-18 13:26:47 -------- d-----w- C:\Users\Shirley\AppData\Local\{4AF54382-0B95-4452-A879-4F4CBD0AA6EA}
2014-06-18 02:25:20 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-06-18 02:25:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-18 01:25:42 -------- d-----w- C:\Users\Shirley\AppData\Local\{5FDFE362-AF38-425B-9274-BAD29DC5BDB5}
2014-06-17 13:25:30 -------- d-----w- C:\Users\Shirley\AppData\Local\{C8B0C667-E34D-440A-8984-64F9A7081DB5}
2014-06-17 02:22:28 1658880 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM.dll
2014-06-17 01:24:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{749EAC7E-A149-4558-B336-A993B415CF97}
2014-06-16 13:23:31 -------- d-----w- C:\Users\Shirley\AppData\Local\{38FF405D-C58D-4179-AA71-E129B89D5891}
2014-06-16 01:22:39 -------- d-----w- C:\Users\Shirley\AppData\Local\{181B0FA9-E4B5-4696-A529-25C04B568B73}
2014-06-15 13:21:46 -------- d-----w- C:\Users\Shirley\AppData\Local\{E4920F8E-2696-4BB2-8C9B-B708B545CA77}
2014-06-15 01:20:53 -------- d-----w- C:\Users\Shirley\AppData\Local\{4729EA3F-B42C-492C-848B-8B78E3B934AF}
2014-06-14 13:20:40 -------- d-----w- C:\Users\Shirley\AppData\Local\{575A0A5E-DA19-4AA9-9570-E3053BC68BF5}
2014-06-14 01:20:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{00C7EEDD-489E-430B-A804-83DDDA14FF5C}
2014-06-13 13:19:35 -------- d-----w- C:\Users\Shirley\AppData\Local\{0B3D5246-51B3-491F-AFBA-0A344FE19AF4}
2014-06-13 06:00:00 -------- d-----w- C:\Users\Shirley\AppData\Local\Adobe
2014-06-13 01:19:22 -------- d-----w- C:\Users\Shirley\AppData\Local\{0D28EE86-9D4B-4CCD-B78D-55DBB856647C}
2014-06-12 13:18:29 -------- d-----w- C:\Users\Shirley\AppData\Local\{446DBA56-A2F2-43A6-8357-7F4F382694EC}
2014-06-12 02:57:30 -------- d-----w- C:\Users\Shirley\AppData\Local\Adobe_Systems_Incorporate
2014-06-12 02:55:19 -------- d-----w- C:\windows\SysWow64\Adobe
2014-06-12 01:17:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{02A9EB28-4EA0-49C1-B88E-4D85FD3D9ED6}
2014-06-11 13:16:31 -------- d-----w- C:\Users\Shirley\AppData\Local\{2D2D5201-EC10-4211-B5F7-C9671E47967F}
2014-06-10 16:53:04 -------- d-----w- C:\Users\Shirley\AppData\Local\{36A2A153-4392-4BE0-8179-AD5A5FABCB99}
2014-06-10 15:09:50 -------- d-----w- C:\Program Files\Family Tree Maker 2014
2014-06-10 15:08:45 -------- d--h--w- C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}
2014-06-10 04:52:40 -------- d-----w- C:\Users\Shirley\AppData\Local\{340364F2-8DD6-45A0-BB08-6DAFBA40C513}
2014-06-09 16:51:47 -------- d-----w- C:\Users\Shirley\AppData\Local\{BCDFC9B3-A3E6-4DEE-80D9-8A568A3535AF}
2014-06-08 13:21:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{D5A900E7-53F4-4014-936A-0621ED35F26C}
2014-06-08 00:05:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{2014C62C-10CB-44B5-9A1D-579FB0651AEE}
2014-06-07 12:04:35 -------- d-----w- C:\Users\Shirley\AppData\Local\{9CC7D13D-872F-4F4E-B26F-48EB568A8BE8}
2014-06-07 00:04:23 -------- d-----w- C:\Users\Shirley\AppData\Local\{FCCAFF1F-D87F-43FD-8187-CBE83AC646EA}
2014-06-06 12:03:30 -------- d-----w- C:\Users\Shirley\AppData\Local\{48B4876E-9799-47A6-97B7-77B64A7F8238}
2014-06-06 00:03:17 -------- d-----w- C:\Users\Shirley\AppData\Local\{72B8E8D2-A1D5-4ABA-BFFC-8EEF34DCDA49}
2014-06-05 12:02:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{1199F856-95EF-41A9-AE4E-22BEEA56224E}
2014-06-05 00:01:31 -------- d-----w- C:\Users\Shirley\AppData\Local\{F4A2A058-3FE4-4CBA-88C3-F51F7747EF6B}
2014-06-04 12:00:37 -------- d-----w- C:\Users\Shirley\AppData\Local\{3035A5E3-EE03-47A7-8951-039A2D533756}
2014-06-04 00:00:24 -------- d-----w- C:\Users\Shirley\AppData\Local\{F63075B0-697B-4D0D-9A51-B34E2100B73B}
2014-06-03 11:59:32 -------- d-----w- C:\Users\Shirley\AppData\Local\{7B400C1C-949C-4D74-9153-1DC73DE5CE9C}
2014-06-02 23:58:38 -------- d-----w- C:\Users\Shirley\AppData\Local\{B10C49B2-0E68-43DD-BEAC-DC5B49BECCAA}
2014-06-02 16:04:09 -------- d-----w- C:\Users\Shirley\Tracing
2014-06-02 11:57:33 -------- d-----w- C:\Users\Shirley\AppData\Local\{F0BFDCD0-18CE-46D0-ADF5-1F5F0C8E340A}
2014-06-01 23:57:21 -------- d-----w- C:\Users\Shirley\AppData\Local\{9B72BC5C-0D4C-4848-8921-3286DD10B237}
2014-06-01 11:56:28 -------- d-----w- C:\Users\Shirley\AppData\Local\{FC61EB6C-C796-44FF-8B88-428B1EE4E0B2}
2014-05-31 23:55:35 -------- d-----w- C:\Users\Shirley\AppData\Local\{566C5F58-AE67-4C38-8EB4-EF7FF6D8B384}
2014-05-31 11:54:42 -------- d-----w- C:\Users\Shirley\AppData\Local\{313AF6DE-62B6-432B-971F-FD014113223E}
2014-05-30 23:54:29 -------- d-----w- C:\Users\Shirley\AppData\Local\{CA5EE06D-02AD-46FD-9BBB-2E85B84C79EF}
2014-05-30 03:34:16 -------- d-----w- C:\Users\Shirley\AppData\Local\{401FB0BE-09FF-47B4-894E-C2565CA9DABF}
2014-05-29 19:45:14 -------- d-----w- C:\Program Files\iPod
2014-05-29 19:45:12 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-29 19:45:12 -------- d-----w- C:\Program Files\iTunes
2014-05-29 19:45:12 -------- d-----w- C:\Program Files (x86)\iTunes
2014-05-29 13:37:19 -------- d-----w- C:\Users\Shirley\AppData\Local\{0AC8B0B0-7939-43C9-B010-EAB486FB23CB}
2014-05-29 01:36:26 -------- d-----w- C:\Users\Shirley\AppData\Local\{3966CE1E-F276-4F6F-B5C2-E7F6191D2DFB}
2014-05-28 13:35:20 -------- d-----w- C:\Users\Shirley\AppData\Local\{D48C8FAE-8BC0-4210-B024-5D73B4CB28CB}
2014-05-27 18:01:09 -------- d-----w- C:\Users\Shirley\AppData\Local\{3F1F6C66-02D1-4199-BB59-BAB4AB7677A5}
2014-05-26 11:47:49 -------- d-----w- C:\Users\Shirley\AppData\Local\{F15F9544-E913-4E11-823A-C0648831A4CD}
2014-05-25 17:37:11 -------- d-----w- C:\Users\Shirley\AppData\Local\{1CA4AC99-530C-41E3-8C4B-0115C6F250B4}
2014-05-25 05:36:58 -------- d-----w- C:\Users\Shirley\AppData\Local\{9F63B221-39DA-4690-9F70-97C350C23B45}
.
==================== Find3M ====================
.
2014-06-12 14:45:37 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-12 14:45:37 699056 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-06-08 09:13:05 506368 ----a-w- C:\windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\windows\System32\aeinv.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\windows\SysWow64\wininet.dll
2014-05-08 09:32:11 3178496 ----a-w- C:\windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\windows\System32\RdpGroupPolicyExtension.dll
2014-04-25 02:34:59 801280 ----a-w- C:\windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\windows\SysWow64\usp10.dll
2014-04-15 06:34:10 1070232 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2014-04-12 02:22:05 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2014-03-26 14:44:48 2002432 ----a-w- C:\windows\System32\msxml6.dll
2014-03-26 14:44:48 1882112 ----a-w- C:\windows\System32\msxml3.dll
2014-03-26 14:41:39 2048 ----a-w- C:\windows\System32\msxml6r.dll
2014-03-26 14:41:39 2048 ----a-w- C:\windows\System32\msxml3r.dll
2014-03-26 14:27:50 1389056 ----a-w- C:\windows\SysWow64\msxml6.dll
2014-03-26 14:27:50 1237504 ----a-w- C:\windows\SysWow64\msxml3.dll
2014-03-26 14:25:14 2048 ----a-w- C:\windows\SysWow64\msxml6r.dll
2014-03-26 14:25:14 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll
.
============= FINISH: 0:10:41.85 ===============