Thread: Spigot?

  1. #1

    Hi! I still don't know how to get rid of this thing, but I did find the logs you asked for...

    I still get a home page of: (Edit) and it's on all three of my browsers, and repeated attempts to change it back are useless.

    Here's my dds.txt:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.45.2
    Run by gurpsgm at 7:06:19 on 2013-11-22
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5417 [GMT -5:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
    C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
    C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
    C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
    C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
    C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
    C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
    C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
    C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe
    C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
    C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
    C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
    C:\OEM\USBDECTION\USBS3S4Detection.exe
    C:\Windows\System32\Drivers\WTSRV.EXE
    C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Verizon\McciTrayApp.exe
    C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\My Lockbox\mylbx.exe
    C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
    C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files (x86)\EMET (Tech Preview)\EMET_notifier.exe
    C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\RegZooka\RegZookaScheduler.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\NoteTab Pro 6\NotePro.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.yahoo.com/?type=293224&fr=spigot-yhp-ie
    mStart Page = hxxp://www.google.com
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
    BHO: Send to MyInfo (Attachment): {4DBB4D17-C65B-4868-8E9C-7779FB3DDA27} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfoAttachment.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Send to MyInfo: {A1AD13F3-B8F0-4584-8088-8BCBDB42663F} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfo.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\CoIEPlg.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Screenshot Captor] "C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe" /autorun
    uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    mRun: [atr.exe] <no file>
    dRun: [Norton Download Manager{NF2809-PROD-FSD3202}] C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe /m
    StartupFolder: C:\Users\gurpsgm\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AnyTime.lnk - C:\Program Files (x86)\AnyTime Organizer Premier\ISI Launcher.exe
    StartupFolder: C:\Users\gurpsgm\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\gurpsgm\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MRI_DI~1\PHOTOF~1.LNK - C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe
    uPolicies-Explorer: NoCDBurning = dword:1
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:4
    mPolicies-Explorer: NoResolveTrack = dword:0
    mPolicies-Explorer: NoFileAssociate = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {F0D6B094-D85E-4EDB-81EE-971A684343AB} - {4DBB4D17-C65B-4868-8E9C-7779FB3DDA27} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfoAttachment.dll
    IE: {f192ebcd-82e5-11da-954e-00e08161165f} - {A1AD13F3-B8F0-4584-8088-8BCBDB42663F} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfo.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: vzTCPConfig - hxxp://my.verizon.com/services/SpeedOptimizer/HSI/vzTCPConfig.CAB
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{A60CDF4F-BD12-46F2-8FC2-685CB013FE71} : DHCPNameServer = 192.168.1.1
    Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: klogon - <no file>
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    SEH: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - <orphaned>
    x64-mStart Page = hxxp://www.google.com
    x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
    x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll
    x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll
    x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
    x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll
    x64-Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
    x64-Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
    x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    x64-Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe /a
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
    x64-DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
    x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\gurpsgm\AppData\Roaming\Mozilla\Firefox\Profiles\8ckfqq5x.default-1384954388521\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?type=293224&fr=spigot-yhp-ff
    FF - prefs.js: keyword.url - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=293224&p=
    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
    FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
    FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
    FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
    FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
    FF - plugin: C:\Users\gurpsgm\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Users\gurpsgm\AppData\LocalLow\Square Enix\nprun3d.dll
    FF - plugin: C:\Users\gurpsgm\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\gurpsgm\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\gurpsgm\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\gurpsgm\AppData\Roaming\Mozilla\plugins\npo1d.dll
    FF - plugin: C:\Users\gurpsgm\Music\Winamp Detect\npwachk.dll
    FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
    FF - ExtSQL: 2013-11-18 23:19; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF - ExtSQL: 2013-11-19 21:05; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF
    FF - ExtSQL: 2013-11-20 08:16; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 FSProFilter;FSPro File Filter;C:\Windows\System32\drivers\FSPFltd.sys [2013-5-30 54848]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\symds64.sys [2013-10-11 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\symefa64.sys [2013-10-11 1147480]
    R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [2013-11-18 1524824]
    R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302020.00C\ccsetx64.sys [2013-8-22 168096]
    R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccsetx64.sys [2013-10-11 162392]
    R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [2013-8-4 169048]
    R1 ccSet_NZ;Norton Zone Settings Manager;C:\Windows\System32\drivers\NZx64\01000F0.00D\ccSetx64.sys [2013-11-13 162392]
    R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-1-20 31432]
    R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131121.001\IDSviA64.sys [2013-11-21 521816]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\ironx64.sys [2013-10-11 264280]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-10-11 590936]
    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-12 878368]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-8-30 239616]
    R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
    R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
    R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2010-10-13 151552]
    R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-9-15 1164328]
    R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-12 2151200]
    R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-11-4 517632]
    R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe [2013-8-22 143928]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe [2013-10-11 264360]
    R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [2013-8-4 144368]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-11-17 255744]
    R2 NZ;Norton Zone;C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe [2013-11-13 143856]
    R2 PDFSFilter;PDFSFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-8-23 83224]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-30 3921880]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-30 1042272]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-30 171416]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe [2013-10-18 1025408]
    R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-10-30 5788016]
    R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-10-30 484720]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2012-5-30 16168]
    R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-7-27 243232]
    R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-13 76320]
    R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-10-15 50704]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-20 137648]
    R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-4-5 32344]
    R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\System32\drivers\PTSimBus.sys [2009-6-18 27304]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-4-5 250984]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-5 553576]
    R3 SaiK0728;SaiK0728;C:\Windows\System32\drivers\SaiK0728.sys [2013-4-5 160264]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
    S3 bcgame;Nostromo HID Device Minidriver;C:\Windows\System32\drivers\bcgame.sys [2013-10-27 35328]
    S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
    S3 EsgScanner;EsgScanner;C:\Windows\System32\drivers\EsgScanner.sys [2013-11-20 22704]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-4-6 57856]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2013-6-22 30192]
    S3 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-11-9 335168]
    S3 jswpsapi;Jumpstart Wifi Protected Setup; [x]
    S3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2013-9-7 15896]
    S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
    S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2013-9-7 327576]
    S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
    S3 nosGetPlusHelper;getPlus(R) Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
    S3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\System32\drivers\PTSimHid.sys [2009-6-18 17064]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
    S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-8-27 34336]
    S3 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-3-7 16000]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
    S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
    S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-8-27 23016]
    S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2010-10-30 18288]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-22 1255736]
    S4 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2012-9-4 401920]
    S4 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-6-20 173192]
    S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-7-29 79360]
    S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-7-29 79360]
    S4 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-5 296808]
    S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-8-27 23048]
    S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
    S4 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
    S4 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-5-28 230416]
    S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: Applications\NotePro.exe="C:\Program Files (x86)\NoteTab Pro 6\NotePro.exe" "%1" [UserChoice]
    FileExt: .jse: JSEFile=NOTEPAD.EXE %1
    FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
    ShellExec: cse110.exe: edit="C:\Program Files (x86)\HTMLValidator110\cmdlineprocessor.exe" -o "%1"
    ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
    .
    =============== Created Last 30 ================
    .
    2013-11-21 19:00:24 98816 ----a-w- C:\Windows\sed.exe
    2013-11-21 19:00:24 256000 ----a-w- C:\Windows\PEV.exe
    2013-11-21 19:00:24 208896 ----a-w- C:\Windows\MBR.exe
    2013-11-21 19:00:21 -------- dc----w- C:\ComboFix
    2013-11-21 11:14:01 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\DriverCure
    2013-11-20 22:05:30 -------- d-----w- C:\Users\gurpsgm\AppData\Local\FileTypeAssistant
    2013-11-20 14:51:54 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\SparkTrust
    2013-11-20 14:51:39 -------- d-----w- C:\Program Files (x86)\Common Files\SparkTrust
    2013-11-20 14:51:33 -------- d-----w- C:\ProgramData\SparkTrust
    2013-11-20 14:51:33 -------- d-----w- C:\Program Files (x86)\SparkTrust
    2013-11-20 13:45:21 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
    2013-11-20 13:45:14 110080 ----a-r- C:\Users\gurpsgm\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
    2013-11-20 13:45:14 110080 ----a-r- C:\Users\gurpsgm\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
    2013-11-20 13:45:14 110080 ----a-r- C:\Users\gurpsgm\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
    2013-11-20 13:45:13 -------- dc----w- C:\sh4ldr
    2013-11-20 13:45:13 -------- dc----w- C:\Program Files\Enigma Software Group
    2013-11-20 13:43:55 -------- d-----w- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
    2013-11-20 13:37:08 274432 ----a-w- C:\Windows\SysWow64\ssleay32.dll
    2013-11-20 13:37:08 1122304 ----a-w- C:\Windows\SysWow64\libeay32.dll
    2013-11-20 13:37:07 81920 ----a-w- C:\Windows\eSellerateControl350.dll
    2013-11-20 13:37:07 356352 ----a-w- C:\Windows\eSellerateEngine.dll
    2013-11-20 13:37:07 -------- d-----w- C:\Program Files (x86)\Spigot Removal Tool
    2013-11-20 12:52:20 -------- d-----w- C:\Windows\ERUNT
    2013-11-20 12:39:31 -------- dc----w- C:\AdwCleaner
    2013-11-19 16:11:15 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Virtual Mechanics
    2013-11-19 16:11:15 -------- d-----w- C:\ProgramData\Virtual Mechanics
    2013-11-19 16:10:06 -------- d-----w- C:\Program Files (x86)\Virtual Mechanics
    2013-11-19 12:43:55 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Malwarebytes
    2013-11-19 12:43:48 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-11-19 12:43:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-11-19 12:43:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-11-19 11:52:06 -------- d-----w- C:\Users\gurpsgm\AppData\Local\LogMeIn Rescue Applet
    2013-11-19 11:38:44 -------- dc----w- C:\temp
    2013-11-13 19:55:41 162392 ----a-r- C:\Windows\System32\drivers\NZx64\01000F0.00D\ccSetx64.sys
    2013-11-13 19:55:38 -------- d-----w- C:\Windows\System32\drivers\NZx64\01000F0.00D
    2013-11-13 12:24:01 -------- dc----w- C:\Vocation
    2013-11-13 12:23:42 -------- dc----w- C:\Transits
    2013-11-13 12:23:17 -------- dc----w- C:\TNA_db
    2013-11-13 12:22:59 -------- dc----w- C:\SE_Triple_Aspects
    2013-11-13 12:22:39 -------- dc----w- C:\SE_Quadruple_Aspects
    2013-11-13 12:22:17 434176 ----a-w- C:\Windows\SysWow64\swedll32.dll
    2013-11-13 12:22:17 -------- dc----w- C:\SE_Aspectarian
    2013-11-13 12:21:44 1355776 ----a-w- C:\Windows\SysWow64\Msvbvm50.dll
    2013-11-13 12:21:44 -------- dc----w- C:\AstroWin
    2013-11-13 12:19:34 260880 ----a-w- C:\Windows\SysWow64\Msflxgrd.ocx
    2013-11-13 12:19:34 -------- dc----w- C:\Astro123
    2013-11-12 18:30:08 -------- d-----w- C:\Users\gurpsgm\AppData\Local\WhiteListing
    2013-11-12 17:37:27 -------- d-----w- C:\Program Files (x86)\Kyodai Mahjongg 2006
    2013-11-12 17:36:26 33792 ------w- C:\Windows\System32\ImHttpComm.dll_old
    2013-11-12 17:36:26 1761584 ------w- C:\Windows\System32\dmwu.exe_old
    2013-11-12 14:46:31 -------- d-----w- C:\ProgramData\ProductData
    2013-11-12 13:11:30 -------- d-----w- C:\Users\gurpsgm\Metacreator
    2013-11-11 03:58:38 -------- d-----w- C:\Program Files (x86)\Alchemy Mindworks
    2013-11-11 03:58:37 -------- d-----w- C:\ProgramData\Alchemy Mindworks
    2013-11-08 00:51:16 -------- d-----w- C:\Program Files (x86)\Metacreator Demo
    2013-11-05 18:35:25 -------- d-sh--w- C:\ProgramData\DSS
    2013-11-05 13:36:30 -------- d-----w- C:\ProgramData\LightScribe
    2013-11-02 21:28:41 -------- dc----w- C:\cc7c692bc60a8fe4f9ebe7f97f
    2013-11-02 20:52:37 -------- d-----w- C:\Program Files (x86)\The Witcher 2
    2013-11-01 19:15:29 -------- d-----w- C:\Program Files (x86)\Print Workshop
    2013-11-01 19:08:29 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Auexsoft
    2013-11-01 18:58:01 -------- d-----w- C:\Program Files (x86)\AuexSoft
    2013-11-01 18:53:36 -------- d-----w- C:\Program Files (x86)\PDFsvg
    2013-11-01 18:37:14 -------- d-----w- C:\Users\gurpsgm\AppData\Local\NativeMessaging
    2013-11-01 18:36:16 -------- d-----w- C:\Program Files (x86)\ABC Amber LIT Converter
    2013-11-01 00:57:57 -------- d-----w- C:\Users\gurpsgm\AppData\Local\Kingsoft
    2013-10-31 03:51:54 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-10-31 03:40:58 -------- d-----w- C:\Program Files (x86)\SeaMonkey
    2013-10-31 03:32:33 -------- d-----w- C:\ProgramData\Kingsoft
    2013-10-31 03:31:24 -------- d-----w- C:\Program Files (x86)\Kingsoft
    2013-10-31 03:31:19 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Kingsoft
    2013-10-27 15:13:12 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Belkin
    2013-10-27 15:13:04 35328 ----a-w- C:\Windows\System32\drivers\bcgame.sys
    2013-10-27 15:13:04 226288 ----a-w- C:\Windows\System32\bgcpsp.dll
    2013-10-27 15:12:41 -------- d-----w- C:\Program Files (x86)\Belkin
    2013-10-25 15:09:12 202920 ----a-w- C:\Windows\Pagan Daybook.scr
    2013-10-24 22:04:53 -------- d-----w- C:\Program Files (x86)\eags on!
    .
    ==================== Find3M ====================
    .
    2013-11-16 16:52:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-23 16:00:56 454168 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
    2013-10-09 08:53:52 17813896 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2013-10-08 11:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-04 12:23:13 24 --sha-w- C:\Users\gurpsgm\AppData\Roaming\1D959CA221C7573.sys
    2013-09-30 14:16:10 268968 ----a-w- C:\Windows\SysWow64\sqlite3.dll
    2013-09-27 03:18:30 1147480 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\symefa64.sys
    2013-09-27 02:26:03 858200 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
    2013-09-26 03:28:00 590936 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
    2013-09-26 02:50:25 162392 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\ccsetx64.sys
    2013-09-25 16:53:27 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2013-09-15 18:37:28 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
    2013-09-15 18:37:11 973736 ----a-w- C:\Windows\System32\deployJava1.dll
    2013-09-15 18:37:11 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll
    2013-09-09 22:26:34 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
    2013-09-09 22:26:24 26184 ----a-w- C:\Windows\System32\smrgdf.exe
    2013-09-09 22:08:10 2155152 ----a-w- C:\Windows\System32\Incinerator64.dll
    2013-09-09 22:08:08 2097984 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
    2013-09-09 07:57:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll
    2013-09-09 07:57:00 608080 ----a-w- C:\Windows\System32\msvcp100.dll
    2013-08-31 00:14:08 78432 ----a-w- C:\Windows\System32\atimpc64.dll
    2013-08-31 00:14:08 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
    2013-08-31 00:14:06 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2013-08-31 00:14:06 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2013-08-31 00:14:00 142792 ----a-w- C:\Windows\System32\atiuxp64.dll
    2013-08-31 00:14:00 125824 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2013-08-31 00:13:58 97984 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2013-08-31 00:13:58 114488 ----a-w- C:\Windows\System32\atiu9p64.dll
    2013-08-31 00:13:56 1233080 ----a-w- C:\Windows\System32\aticfx64.dll
    2013-08-31 00:13:54 1027544 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2013-08-31 00:13:50 9464840 ----a-w- C:\Windows\System32\atidxx64.dll
    2013-08-31 00:13:46 8215992 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2013-08-31 00:13:42 6176008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2013-08-31 00:13:38 6189416 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2013-08-31 00:13:32 6767240 ----a-w- C:\Windows\System32\atiumd6a.dll
    2013-08-31 00:13:30 7256496 ----a-w- C:\Windows\System32\atiumd64.dll
    2013-08-31 00:11:28 12528640 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2013-08-30 23:58:50 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
    2013-08-30 23:53:48 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
    2013-08-30 23:48:44 127488 ----a-w- C:\Windows\System32\coinst_13.152.dll
    2013-08-30 23:48:04 229376 ----a-w- C:\Windows\System32\clinfo.exe
    2013-08-30 23:47:46 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
    2013-08-30 23:47:40 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2013-08-30 23:47:36 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
    2013-08-30 23:47:30 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
    2013-08-30 23:47:14 28192256 ----a-w- C:\Windows\System32\amdocl64.dll
    2013-08-30 23:45:04 23760896 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2013-08-30 23:43:12 63488 ----a-w- C:\Windows\System32\OpenCL.dll
    2013-08-30 23:43:08 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2013-08-30 23:35:00 25387520 ----a-w- C:\Windows\System32\atio6axx.dll
    2013-08-30 23:18:20 368640 ----a-w- C:\Windows\System32\atiapfxx.exe
    2013-08-30 23:18:12 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
    2013-08-30 23:18:10 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2013-08-30 23:18:02 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
    2013-08-30 23:18:00 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2013-08-30 23:17:46 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
    2013-08-30 23:14:36 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2013-08-30 23:13:58 21400064 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2013-08-30 22:59:02 442368 ----a-w- C:\Windows\System32\atidemgy.dll
    2013-08-30 22:58:50 26112 ----a-w- C:\Windows\System32\atimuixx.dll
    2013-08-30 22:58:44 571904 ----a-w- C:\Windows\System32\atieclxx.exe
    2013-08-30 22:57:54 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
    2013-08-30 22:56:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll
    2013-08-30 22:33:22 784384 ----a-w- C:\Windows\System32\atiadlxx.dll
    2013-08-30 22:33:12 594944 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2013-08-30 22:33:08 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2013-08-30 22:32:58 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
    2013-08-30 22:32:54 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2013-08-30 22:32:54 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
    2013-08-30 22:32:50 100352 ----a-w- C:\Windows\System32\atig6txx.dll
    2013-08-30 22:32:42 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2013-08-30 22:32:32 618496 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    .
    ============= FINISH: 7:07:39.40 ===============

    Here's my aswmbr.txt

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-11-22 06:55:30
    -----------------------------
    06:55:30.423 OS Version: Windows x64 6.1.7601 Service Pack 1
    06:55:30.424 Number of processors: 8 586 0x1E05
    06:55:30.424 ComputerName: GURPSGM-PC UserName: gurpsgm
    06:55:35.124 Initialize success
    07:00:49.086 AVAST engine defs: 13112101
    07:02:54.606 Disk 0 MBR has been saved successfully to "C:\Users\gurpsgm\Documents\Bruce\Computer\Problems\MBR.dat"
    07:02:54.606 The log file has been saved successfully to "C:\Users\gurpsgm\Documents\Bruce\Computer\Problems\aswMBR.txt"

    and I've zipped and uploaded my attach.txt......

    so I sure hope someone can help me get rid of this hitchhiker...

    Bruce
    Last edited by tashi; 2013-11-22 at 16:56. Reason: Removed hot link URL

  2. #2
    Junior Member
    Join Date
    Aug 2013
    Location
    Shenandoah Valley, VA
    Posts
    5

    Default http://search.yahoo.com/?type=293224&fr=spigot-yhp-ie

    Here's the totally suspect URL:
    EDIT: Removed hot link

    Despite all my best efforts this monster has hijacked IE, Chrome, and Firefox.
    For some strange reason, it has not hijacked Opera.

    But, I would like some help to get rid of this d$%* thing.....

    Bruce
