Spigot?



gurpsgm
2013-11-22, 13:27
Hi! I still don't know how to get rid of this thing, but I did find the logs you asked for...

I still get a home page of: (Edit) and it's on all three of my browsers, and repeated attempts to change it back are useless.

Here's my dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.45.2
Run by gurpsgm at 7:06:19 on 2013-11-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5417 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe
C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Windows\System32\Drivers\WTSRV.EXE
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\EMET (Tech Preview)\EMET_notifier.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\RegZooka\RegZookaScheduler.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\NoteTab Pro 6\NotePro.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?type=293224&fr=spigot-yhp-ie
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
BHO: Send to MyInfo (Attachment): {4DBB4D17-C65B-4868-8E9C-7779FB3DDA27} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfoAttachment.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Send to MyInfo: {A1AD13F3-B8F0-4584-8088-8BCBDB42663F} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfo.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\CoIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Screenshot Captor] "C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe" /autorun
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [atr.exe] <no file>
dRun: [Norton Download Manager{NF2809-PROD-FSD3202}] C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe /m
StartupFolder: C:\Users\gurpsgm\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AnyTime.lnk - C:\Program Files (x86)\AnyTime Organizer Premier\ISI Launcher.exe
StartupFolder: C:\Users\gurpsgm\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\gurpsgm\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MRI_DI~1\PHOTOF~1.LNK - C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe
uPolicies-Explorer: NoCDBurning = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:4
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoFileAssociate = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {F0D6B094-D85E-4EDB-81EE-971A684343AB} - {4DBB4D17-C65B-4868-8E9C-7779FB3DDA27} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfoAttachment.dll
IE: {f192ebcd-82e5-11da-954e-00e08161165f} - {A1AD13F3-B8F0-4584-8088-8BCBDB42663F} - C:\Program Files (x86)\Milenix\MyInfo 6\SendIEToMyInfo.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: vzTCPConfig - hxxp://my.verizon.com/services/SpeedOptimizer/HSI/vzTCPConfig.CAB
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A60CDF4F-BD12-46F2-8FC2-685CB013FE71} : DHCPNameServer = 192.168.1.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: klogon - <no file>
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - <orphaned>
x64-mStart Page = hxxp://www.google.com
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll
x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll
x64-Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
x64-Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe /a
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\gurpsgm\AppData\Roaming\Mozilla\Firefox\Profiles\8ckfqq5x.default-1384954388521\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?type=293224&fr=spigot-yhp-ff
FF - prefs.js: keyword.url - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=293224&p=
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
FF - plugin: C:\Users\gurpsgm\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Users\gurpsgm\AppData\LocalLow\Square Enix\nprun3d.dll
FF - plugin: C:\Users\gurpsgm\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\gurpsgm\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\gurpsgm\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\gurpsgm\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\gurpsgm\Music\Winamp Detect\npwachk.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
FF - ExtSQL: 2013-11-18 23:19; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-11-19 21:05; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF
FF - ExtSQL: 2013-11-20 08:16; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 FSProFilter;FSPro File Filter;C:\Windows\System32\drivers\FSPFltd.sys [2013-5-30 54848]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\symds64.sys [2013-10-11 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\symefa64.sys [2013-10-11 1147480]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [2013-11-18 1524824]
R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302020.00C\ccsetx64.sys [2013-8-22 168096]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccsetx64.sys [2013-10-11 162392]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [2013-8-4 169048]
R1 ccSet_NZ;Norton Zone Settings Manager;C:\Windows\System32\drivers\NZx64\01000F0.00D\ccSetx64.sys [2013-11-13 162392]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-1-20 31432]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131121.001\IDSviA64.sys [2013-11-21 521816]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\ironx64.sys [2013-10-11 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-10-11 590936]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-12 878368]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-8-30 239616]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2010-10-13 151552]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-9-15 1164328]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-12 2151200]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-11-4 517632]
R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe [2013-8-22 143928]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe [2013-10-11 264360]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [2013-8-4 144368]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-11-17 255744]
R2 NZ;Norton Zone;C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe [2013-11-13 143856]
R2 PDFSFilter;PDFSFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-8-23 83224]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-30 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-30 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-30 171416]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe [2013-10-18 1025408]
R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-10-30 5788016]
R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-10-30 484720]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2012-5-30 16168]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-7-27 243232]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-13 76320]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-10-15 50704]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-20 137648]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-4-5 32344]
R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\System32\drivers\PTSimBus.sys [2009-6-18 27304]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-4-5 250984]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-5 553576]
R3 SaiK0728;SaiK0728;C:\Windows\System32\drivers\SaiK0728.sys [2013-4-5 160264]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 bcgame;Nostromo HID Device Minidriver;C:\Windows\System32\drivers\bcgame.sys [2013-10-27 35328]
S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
S3 EsgScanner;EsgScanner;C:\Windows\System32\drivers\EsgScanner.sys [2013-11-20 22704]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-4-6 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2013-6-22 30192]
S3 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-11-9 335168]
S3 jswpsapi;Jumpstart Wifi Protected Setup; [x]
S3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2013-9-7 15896]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2013-9-7 327576]
S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\System32\drivers\PTSimHid.sys [2009-6-18 17064]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-8-27 34336]
S3 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-3-7 16000]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-8-27 23016]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2010-10-30 18288]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-22 1255736]
S4 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2012-9-4 401920]
S4 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-6-20 173192]
S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-7-29 79360]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-7-29 79360]
S4 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-5 296808]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-8-27 23048]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S4 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
S4 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-5-28 230416]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\NotePro.exe="C:\Program Files (x86)\NoteTab Pro 6\NotePro.exe" "%1" [UserChoice]
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
ShellExec: cse110.exe: edit="C:\Program Files (x86)\HTMLValidator110\cmdlineprocessor.exe" -o "%1"
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-11-21 19:00:24 98816 ----a-w- C:\Windows\sed.exe
2013-11-21 19:00:24 256000 ----a-w- C:\Windows\PEV.exe
2013-11-21 19:00:24 208896 ----a-w- C:\Windows\MBR.exe
2013-11-21 19:00:21 -------- dc----w- C:\ComboFix
2013-11-21 11:14:01 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\DriverCure
2013-11-20 22:05:30 -------- d-----w- C:\Users\gurpsgm\AppData\Local\FileTypeAssistant
2013-11-20 14:51:54 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\SparkTrust
2013-11-20 14:51:39 -------- d-----w- C:\Program Files (x86)\Common Files\SparkTrust
2013-11-20 14:51:33 -------- d-----w- C:\ProgramData\SparkTrust
2013-11-20 14:51:33 -------- d-----w- C:\Program Files (x86)\SparkTrust
2013-11-20 13:45:21 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
2013-11-20 13:45:14 110080 ----a-r- C:\Users\gurpsgm\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-11-20 13:45:14 110080 ----a-r- C:\Users\gurpsgm\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-11-20 13:45:14 110080 ----a-r- C:\Users\gurpsgm\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-11-20 13:45:13 -------- dc----w- C:\sh4ldr
2013-11-20 13:45:13 -------- dc----w- C:\Program Files\Enigma Software Group
2013-11-20 13:43:55 -------- d-----w- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-20 13:37:08 274432 ----a-w- C:\Windows\SysWow64\ssleay32.dll
2013-11-20 13:37:08 1122304 ----a-w- C:\Windows\SysWow64\libeay32.dll
2013-11-20 13:37:07 81920 ----a-w- C:\Windows\eSellerateControl350.dll
2013-11-20 13:37:07 356352 ----a-w- C:\Windows\eSellerateEngine.dll
2013-11-20 13:37:07 -------- d-----w- C:\Program Files (x86)\Spigot Removal Tool
2013-11-20 12:52:20 -------- d-----w- C:\Windows\ERUNT
2013-11-20 12:39:31 -------- dc----w- C:\AdwCleaner
2013-11-19 16:11:15 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Virtual Mechanics
2013-11-19 16:11:15 -------- d-----w- C:\ProgramData\Virtual Mechanics
2013-11-19 16:10:06 -------- d-----w- C:\Program Files (x86)\Virtual Mechanics
2013-11-19 12:43:55 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Malwarebytes
2013-11-19 12:43:48 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-19 12:43:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-19 12:43:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-19 11:52:06 -------- d-----w- C:\Users\gurpsgm\AppData\Local\LogMeIn Rescue Applet
2013-11-19 11:38:44 -------- dc----w- C:\temp
2013-11-13 19:55:41 162392 ----a-r- C:\Windows\System32\drivers\NZx64\01000F0.00D\ccSetx64.sys
2013-11-13 19:55:38 -------- d-----w- C:\Windows\System32\drivers\NZx64\01000F0.00D
2013-11-13 12:24:01 -------- dc----w- C:\Vocation
2013-11-13 12:23:42 -------- dc----w- C:\Transits
2013-11-13 12:23:17 -------- dc----w- C:\TNA_db
2013-11-13 12:22:59 -------- dc----w- C:\SE_Triple_Aspects
2013-11-13 12:22:39 -------- dc----w- C:\SE_Quadruple_Aspects
2013-11-13 12:22:17 434176 ----a-w- C:\Windows\SysWow64\swedll32.dll
2013-11-13 12:22:17 -------- dc----w- C:\SE_Aspectarian
2013-11-13 12:21:44 1355776 ----a-w- C:\Windows\SysWow64\Msvbvm50.dll
2013-11-13 12:21:44 -------- dc----w- C:\AstroWin
2013-11-13 12:19:34 260880 ----a-w- C:\Windows\SysWow64\Msflxgrd.ocx
2013-11-13 12:19:34 -------- dc----w- C:\Astro123
2013-11-12 18:30:08 -------- d-----w- C:\Users\gurpsgm\AppData\Local\WhiteListing
2013-11-12 17:37:27 -------- d-----w- C:\Program Files (x86)\Kyodai Mahjongg 2006
2013-11-12 17:36:26 33792 ------w- C:\Windows\System32\ImHttpComm.dll_old
2013-11-12 17:36:26 1761584 ------w- C:\Windows\System32\dmwu.exe_old
2013-11-12 14:46:31 -------- d-----w- C:\ProgramData\ProductData
2013-11-12 13:11:30 -------- d-----w- C:\Users\gurpsgm\Metacreator
2013-11-11 03:58:38 -------- d-----w- C:\Program Files (x86)\Alchemy Mindworks
2013-11-11 03:58:37 -------- d-----w- C:\ProgramData\Alchemy Mindworks
2013-11-08 00:51:16 -------- d-----w- C:\Program Files (x86)\Metacreator Demo
2013-11-05 18:35:25 -------- d-sh--w- C:\ProgramData\DSS
2013-11-05 13:36:30 -------- d-----w- C:\ProgramData\LightScribe
2013-11-02 21:28:41 -------- dc----w- C:\cc7c692bc60a8fe4f9ebe7f97f
2013-11-02 20:52:37 -------- d-----w- C:\Program Files (x86)\The Witcher 2
2013-11-01 19:15:29 -------- d-----w- C:\Program Files (x86)\Print Workshop
2013-11-01 19:08:29 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Auexsoft
2013-11-01 18:58:01 -------- d-----w- C:\Program Files (x86)\AuexSoft
2013-11-01 18:53:36 -------- d-----w- C:\Program Files (x86)\PDFsvg
2013-11-01 18:37:14 -------- d-----w- C:\Users\gurpsgm\AppData\Local\NativeMessaging
2013-11-01 18:36:16 -------- d-----w- C:\Program Files (x86)\ABC Amber LIT Converter
2013-11-01 00:57:57 -------- d-----w- C:\Users\gurpsgm\AppData\Local\Kingsoft
2013-10-31 03:51:54 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-10-31 03:40:58 -------- d-----w- C:\Program Files (x86)\SeaMonkey
2013-10-31 03:32:33 -------- d-----w- C:\ProgramData\Kingsoft
2013-10-31 03:31:24 -------- d-----w- C:\Program Files (x86)\Kingsoft
2013-10-31 03:31:19 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Kingsoft
2013-10-27 15:13:12 -------- d-----w- C:\Users\gurpsgm\AppData\Roaming\Belkin
2013-10-27 15:13:04 35328 ----a-w- C:\Windows\System32\drivers\bcgame.sys
2013-10-27 15:13:04 226288 ----a-w- C:\Windows\System32\bgcpsp.dll
2013-10-27 15:12:41 -------- d-----w- C:\Program Files (x86)\Belkin
2013-10-25 15:09:12 202920 ----a-w- C:\Windows\Pagan Daybook.scr
2013-10-24 22:04:53 -------- d-----w- C:\Program Files (x86)\eags on!
.
==================== Find3M ====================
.
2013-11-16 16:52:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-23 16:00:56 454168 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
2013-10-09 08:53:52 17813896 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-10-08 11:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-04 12:23:13 24 --sha-w- C:\Users\gurpsgm\AppData\Roaming\1D959CA221C7573.sys
2013-09-30 14:16:10 268968 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2013-09-27 03:18:30 1147480 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\symefa64.sys
2013-09-27 02:26:03 858200 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
2013-09-26 03:28:00 590936 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
2013-09-26 02:50:25 162392 ----a-w- C:\Windows\System32\drivers\N360x64\1501000.012\ccsetx64.sys
2013-09-25 16:53:27 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-09-15 18:37:28 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-15 18:37:11 973736 ----a-w- C:\Windows\System32\deployJava1.dll
2013-09-15 18:37:11 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-09-09 22:26:34 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
2013-09-09 22:26:24 26184 ----a-w- C:\Windows\System32\smrgdf.exe
2013-09-09 22:08:10 2155152 ----a-w- C:\Windows\System32\Incinerator64.dll
2013-09-09 22:08:08 2097984 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2013-09-09 07:57:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2013-09-09 07:57:00 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2013-08-31 00:14:08 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2013-08-31 00:14:08 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2013-08-31 00:14:06 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2013-08-31 00:14:06 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2013-08-31 00:14:00 142792 ----a-w- C:\Windows\System32\atiuxp64.dll
2013-08-31 00:14:00 125824 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2013-08-31 00:13:58 97984 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2013-08-31 00:13:58 114488 ----a-w- C:\Windows\System32\atiu9p64.dll
2013-08-31 00:13:56 1233080 ----a-w- C:\Windows\System32\aticfx64.dll
2013-08-31 00:13:54 1027544 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2013-08-31 00:13:50 9464840 ----a-w- C:\Windows\System32\atidxx64.dll
2013-08-31 00:13:46 8215992 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2013-08-31 00:13:42 6176008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2013-08-31 00:13:38 6189416 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2013-08-31 00:13:32 6767240 ----a-w- C:\Windows\System32\atiumd6a.dll
2013-08-31 00:13:30 7256496 ----a-w- C:\Windows\System32\atiumd64.dll
2013-08-31 00:11:28 12528640 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2013-08-30 23:58:50 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2013-08-30 23:53:48 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2013-08-30 23:48:44 127488 ----a-w- C:\Windows\System32\coinst_13.152.dll
2013-08-30 23:48:04 229376 ----a-w- C:\Windows\System32\clinfo.exe
2013-08-30 23:47:46 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2013-08-30 23:47:40 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2013-08-30 23:47:36 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2013-08-30 23:47:30 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2013-08-30 23:47:14 28192256 ----a-w- C:\Windows\System32\amdocl64.dll
2013-08-30 23:45:04 23760896 ----a-w- C:\Windows\SysWow64\amdocl.dll
2013-08-30 23:43:12 63488 ----a-w- C:\Windows\System32\OpenCL.dll
2013-08-30 23:43:08 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-08-30 23:35:00 25387520 ----a-w- C:\Windows\System32\atio6axx.dll
2013-08-30 23:18:20 368640 ----a-w- C:\Windows\System32\atiapfxx.exe
2013-08-30 23:18:12 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2013-08-30 23:18:10 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2013-08-30 23:18:02 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2013-08-30 23:18:00 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2013-08-30 23:17:46 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2013-08-30 23:14:36 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2013-08-30 23:13:58 21400064 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2013-08-30 22:59:02 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2013-08-30 22:58:50 26112 ----a-w- C:\Windows\System32\atimuixx.dll
2013-08-30 22:58:44 571904 ----a-w- C:\Windows\System32\atieclxx.exe
2013-08-30 22:57:54 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2013-08-30 22:56:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2013-08-30 22:33:22 784384 ----a-w- C:\Windows\System32\atiadlxx.dll
2013-08-30 22:33:12 594944 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2013-08-30 22:33:08 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2013-08-30 22:32:58 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
2013-08-30 22:32:54 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2013-08-30 22:32:54 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2013-08-30 22:32:50 100352 ----a-w- C:\Windows\System32\atig6txx.dll
2013-08-30 22:32:42 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2013-08-30 22:32:32 618496 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
.
============= FINISH: 7:07:39.40 ===============

Here's my aswmbr.txt

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-22 06:55:30
-----------------------------
06:55:30.423 OS Version: Windows x64 6.1.7601 Service Pack 1
06:55:30.424 Number of processors: 8 586 0x1E05
06:55:30.424 ComputerName: GURPSGM-PC UserName: gurpsgm
06:55:35.124 Initialize success
07:00:49.086 AVAST engine defs: 13112101
07:02:54.606 Disk 0 MBR has been saved successfully to "C:\Users\gurpsgm\Documents\Bruce\Computer\Problems\MBR.dat"
07:02:54.606 The log file has been saved successfully to "C:\Users\gurpsgm\Documents\Bruce\Computer\Problems\aswMBR.txt"

And I've zipped and uploaded my attach.txt...

So I sure hope someone can help me get rid of this hitchhiker...

Bruce

gurpsgm
2013-12-01, 16:54
Here's the totally suspect URL:
EDIT: Removed hot link

Despite all my best efforts this monster has hijacked IE, Chrome, and Firefox.
For some strange reason, it has not hijacked Opera.

But I would like some help to get rid of this d$%* thing...

Bruce