Hi guys. Long story short, I was caught in a credit card scam a couple of months ago, but I ignored it ('cause I'm an *****). But today I noticed some weird things, like my internet connection dropping. Both router and modem are fine, but my connection to my laptop drops unexpectedly. I browsed the internet and found this site. I'm sure I got some sort of malware on my laptop and I need your help. Here are the logs.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.11.25.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Ardit :: DRAGON [administrator]
11/24/2013 11:09:22 PM
mbam-log-2013-11-24 (23-09-22).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213728
Time elapsed: 10 minute(s), 55 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
And now for the DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16736
Run by Ardit at 23:44:09 on 2013-11-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.1808 [GMT -5:00]
.
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Ardit\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
C:\Program Files (x86)\NETGEAR Genie\bin\InternetDaemon.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Ardit\AppData\Local\Temp\nsy80D6.tmp\PEV.DAT
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv53a&r=273603114935l04d4z145a4862d339
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: {b54561db-0bbb-41b4-a814-df8301fe0a8e} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [AdobeBridge] <no file>
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Ardit\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTEN~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERS~1.LNK - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{FA25B100-53B2-4293-8008-1C3083DCE573} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{FA25B100-53B2-4293-8008-1C3083DCE573}\679647F6 : DHCPNameServer = 167.206.254.1 167.206.254.2
TCP: Interfaces\{FA25B100-53B2-4293-8008-1C3083DCE573}\E4544574541425 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ardit\AppData\Roaming\Mozilla\Firefox\Profiles\p9bgwzqp.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Ardit\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-11-18 00:24; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Ardit\AppData\Roaming\Mozilla\Firefox\Profiles\p9bgwzqp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-18 00:27; {73a6fe31-595d-460b-a920-fcc0f8843232}; C:\Users\Ardit\AppData\Roaming\Mozilla\Firefox\Profiles\p9bgwzqp.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-11-22 14:04; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF - ExtSQL: 2013-11-22 21:32; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2013-11-20 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2013-11-20 1147480]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [2013-11-1 1524824]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-11-20 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20131122.001\IDSviA64.sys [2013-11-22 521816]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2013-11-20 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-11-20 590936]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-7-22 202752]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-22 325200]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-10-14 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2013-11-20 264360]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-4-7 232192]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2010-6-28 255744]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-28 1153368]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-24 137648]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-7-22 321064]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2008-3-13 27136]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-10-14 38456]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2011-6-15 16776]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2011-6-15 9096]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-27 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-8-24 121416]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-14 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-22 239136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2012-5-13 145384]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-14 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
.
=============== Created Last 30 ================
.
2013-11-23 04:53:45 -------- d-----w- C:\Users\Ardit\AppData\Roaming\Gyazo
2013-11-23 04:52:39 -------- d-----w- C:\Program Files (x86)\Gyazo
2013-11-20 08:41:17 590936 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
2013-11-20 08:41:16 858200 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
2013-11-20 08:41:16 493656 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys
2013-11-20 08:41:16 36952 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtspx64.sys
2013-11-20 08:41:16 264280 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
2013-11-20 08:41:16 23568 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys
2013-11-20 08:41:16 162392 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
2013-11-20 08:41:16 1147480 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
2013-11-20 08:40:50 -------- d-----w- C:\Windows\System32\drivers\N360x64\1501000.012
2013-11-18 00:34:05 16192 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
2013-11-18 00:34:05 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-11-18 00:34:05 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-11-18 00:34:05 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-11-18 00:34:05 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-11-18 00:34:05 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-11-18 00:34:05 106088 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-11-18 00:34:04 1090952 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
2013-11-16 23:54:59 -------- d-----w- C:\Users\Ardit\AppData\Local\{910C7369-AC2A-4BF7-A6D7-EC25BE144B9C}
2013-11-13 14:43:36 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-11-13 14:42:54 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-13 14:42:54 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-11-13 14:42:17 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-13 14:42:17 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-13 14:42:17 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-11-13 14:42:17 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-13 14:42:17 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-28 21:13:08 -------- d-----w- C:\Program Files\iPod
2013-10-28 21:13:06 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-28 21:13:05 -------- d-----w- C:\Program Files\iTunes
2013-10-28 21:13:05 -------- d-----w- C:\Program Files (x86)\iTunes
2013-10-28 20:29:45 -------- d-----w- C:\Users\Ardit\AppData\Roaming\WindSolutions
2013-10-28 20:12:27 -------- d-----w- C:\ProgramData\WindSolutions
.
==================== Find3M ====================
.
2013-11-20 14:46:12 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-10-23 01:16:36 96784 ----a-w- C:\Windows\SysWow64\packet.dll
2013-10-23 01:16:36 369168 ----a-w- C:\Windows\System32\wpcap.dll
2013-10-23 01:16:36 35344 ----a-w- C:\Windows\System32\drivers\npf.sys
2013-10-23 01:16:36 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2013-10-23 01:16:36 106000 ----a-w- C:\Windows\System32\packet.dll
2013-10-12 08:45:20 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-09 06:57:30 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 06:57:30 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2006-05-03 16:06:54 163328 --sha-w- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 17:47:16 31232 --sha-w- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 19:30:52 216064 --sha-w- C:\Windows\SysWOW64\nbDX.dll
2010-01-07 04:00:00 107520 --sha-w- C:\Windows\SysWOW64\TAKDSDecoder.dll
.
============= FINISH: 23:46:19.31 ===============
C:\Windows\PLFSetI.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Ardit\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
C:\Program Files (x86)\NETGEAR Genie\bin\InternetDaemon.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Ardit\AppData\Local\Temp\nsy80D6.tmp\PEV.DAT
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv53a&r=273603114935l04d4z145a4862d339
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: {b54561db-0bbb-41b4-a814-df8301fe0a8e} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [AdobeBridge] <no file>
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Ardit\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTEN~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERS~1.LNK - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{FA25B100-53B2-4293-8008-1C3083DCE573} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{FA25B100-53B2-4293-8008-1C3083DCE573}\679647F6 : DHCPNameServer = 167.206.254.1 167.206.254.2
TCP: Interfaces\{FA25B100-53B2-4293-8008-1C3083DCE573}\E4544574541425 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1www.spywareinfo.com
.================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ardit\AppData\Roaming\Mozilla\Firefox\Profiles\p9bgwzqp.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Ardit\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-11-18 00:24; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Ardit\AppData\Roaming\Mozilla\Firefox\Profiles\p9bgwzqp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-18 00:27; {73a6fe31-595d-460b-a920-fcc0f8843232}; C:\Users\Ardit\AppData\Roaming\Mozilla\Firefox\Profiles\p9bgwzqp.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-11-22 14:04; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF - ExtSQL: 2013-11-22 21:32; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2013-11-20 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2013-11-20 1147480]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [2013-11-1 1524824]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-11-20 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20131122.001\IDSviA64.sys [2013-11-22 521816]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2013-11-20 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-11-20 590936]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-7-22 202752]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-22 325200]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-10-14 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2013-11-20 264360]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-4-7 232192]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2010-6-28 255744]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-28 1153368]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-24 137648]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-7-22 321064]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2008-3-13 27136]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-10-14 38456]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2011-6-15 16776]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2011-6-15 9096]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-27 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-8-24 121416]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-14 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-22 239136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2012-5-13 145384]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-14 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
.=============== Created Last 30 ================
.
2013-11-23 04:53:45--------d-----w-C:\Users\Ardit\AppData\Roaming\Gyazo
2013-11-23 04:52:39--------d-----w-C:\Program Files (x86)\Gyazo
2013-11-20 08:41:17590936----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
2013-11-20 08:41:16858200----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
2013-11-20 08:41:16493656----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys
2013-11-20 08:41:1636952----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\srtspx64.sys
2013-11-20 08:41:16264280----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
2013-11-20 08:41:1623568----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys
2013-11-20 08:41:16162392----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
2013-11-20 08:41:161147480----a-r-C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
2013-11-20 08:40:50--------d-----w-C:\Windows\System32\drivers\N360x64\1501000.012
2013-11-18 00:34:0516192----a-w-C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
2013-11-18 00:34:05159744----a-w-C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-11-18 00:34:05159744----a-w-C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-11-18 00:34:05159744----a-w-C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-11-18 00:34:05159744----a-w-C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-11-18 00:34:05159744----a-w-C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-11-18 00:34:05106088----a-w-C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-11-18 00:34:041090952----a-w-C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
2013-11-16 23:54:59--------d-----w-C:\Users\Ardit\AppData\Local\{910C7369-AC2A-4BF7-A6D7-EC25BE144B9C}
2013-11-13 14:43:3695680----a-w-C:\Windows\System32\drivers\ksecdd.sys
2013-11-13 14:42:54404480----a-w-C:\Windows\System32\gdi32.dll
2013-11-13 14:42:54311808----a-w-C:\Windows\SysWow64\gdi32.dll
2013-11-13 14:42:17859648----a-w-C:\Windows\System32\IKEEXT.DLL
2013-11-13 14:42:17830464----a-w-C:\Windows\System32\nshwfp.dll
2013-11-13 14:42:17656896----a-w-C:\Windows\SysWow64\nshwfp.dll
2013-11-13 14:42:17324096----a-w-C:\Windows\System32\FWPUCLNT.DLL
2013-11-13 14:42:17216576----a-w-C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-28 21:13:08--------d-----w-C:\Program Files\iPod
2013-10-28 21:13:06--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-28 21:13:05--------d-----w-C:\Program Files\iTunes
2013-10-28 21:13:05--------d-----w-C:\Program Files (x86)\iTunes
2013-10-28 20:29:45--------d-----w-C:\Users\Ardit\AppData\Roaming\WindSolutions
2013-10-28 20:12:27--------d-----w-C:\ProgramData\WindSolutions
.
==================== Find3M ====================
.
2013-11-20 14:46:12177752----a-w-C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-10-23 01:16:3696784----a-w-C:\Windows\SysWow64\packet.dll
2013-10-23 01:16:36369168----a-w-C:\Windows\System32\wpcap.dll
2013-10-23 01:16:3635344----a-w-C:\Windows\System32\drivers\npf.sys
2013-10-23 01:16:36281104----a-w-C:\Windows\SysWow64\wpcap.dll
2013-10-23 01:16:36106000----a-w-C:\Windows\System32\packet.dll
2013-10-12 08:45:202241536----a-w-C:\Windows\System32\wininet.dll
2013-10-12 08:43:373959808----a-w-C:\Windows\System32\jscript9.dll
2013-10-12 08:43:3267072----a-w-C:\Windows\System32\iesetup.dll
2013-10-12 08:43:32136704----a-w-C:\Windows\System32\iesysprep.dll
2013-10-12 07:03:501767936----a-w-C:\Windows\SysWow64\wininet.dll
2013-10-12 07:02:332877952----a-w-C:\Windows\SysWow64\jscript9.dll
2013-10-12 07:02:2961440----a-w-C:\Windows\SysWow64\iesetup.dll
2013-10-12 07:02:29109056----a-w-C:\Windows\SysWow64\iesysprep.dll
2013-10-12 06:35:262706432----a-w-C:\Windows\System32\mshtml.tlb
2013-10-12 06:08:582706432----a-w-C:\Windows\SysWow64\mshtml.tlb
2013-10-12 05:44:3889600----a-w-C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 05:15:3971680----a-w-C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-09 06:57:3071048----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 06:57:30692616----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-05 20:25:351474048----a-w-C:\Windows\System32\crypt32.dll
2013-10-05 19:57:251168384----a-w-C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31190464----a-w-C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17197120----a-w-C:\Windows\System32\credui.dll
2013-10-04 02:24:491930752----a-w-C:\Windows\System32\authui.dll
2013-10-04 01:58:50152576----a-w-C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25168960----a-w-C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:001796096----a-w-C:\Windows\SysWow64\authui.dll
2013-09-28 01:09:10497152----a-w-C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40154560----a-w-C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:3328672----a-w-C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33135680----a-w-C:\Windows\System32\sspicli.dll
2013-09-25 02:23:0128160----a-w-C:\Windows\System32\secur32.dll
2013-09-25 02:22:59340992----a-w-C:\Windows\System32\schannel.dll
2013-09-25 02:21:50307200----a-w-C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:071447936----a-w-C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:1796768----a-w-C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:2622016----a-w-C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24247808----a-w-C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42220160----a-w-C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:2430720----a-w-C:\Windows\System32\lsass.exe
2013-09-08 02:30:371903552----a-w-C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14327168----a-w-C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58231424----a-w-C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11343040----a-w-C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51325120----a-w-C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:4999840----a-w-C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:4352736----a-w-C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:4330720----a-w-C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:4225600----a-w-C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:407808----a-w-C:\Windows\System32\drivers\usbd.sys
2013-08-29 02:17:485549504----a-w-C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:351732032----a-w-C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28243712----a-w-C:\Windows\System32\wow64.dll
2013-08-29 02:16:14859648----a-w-C:\Windows\System32\tdh.dll
2013-08-29 02:13:28878080----a-w-C:\Windows\System32\advapi32.dll
2013-08-29 01:51:453969472----a-w-C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:453914176----a-w-C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:315120----a-w-C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:301292192----a-w-C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16619520----a-w-C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17640512----a-w-C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:1544032----a-w-C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:5325600----a-w-C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:527680----a-w-C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:5214336----a-w-C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:492048----a-w-C:\Windows\SysWow64\user.exe
2013-08-28 01:21:063155968----a-w-C:\Windows\System32\win32k.sys
2013-08-28 01:12:33461312----a-w-C:\Windows\System32\scavengeui.dll
2006-05-03 16:06:54163328--sha-w-C:\Windows\SysWOW64\flvDX.dll
2007-02-21 17:47:1631232--sha-w-C:\Windows\SysWOW64\msfDX.dll
2008-03-16 19:30:52216064--sha-w-C:\Windows\SysWOW64\nbDX.dll
2010-01-07 04:00:00107520--sha-w-C:\Windows\SysWOW64\TAKDSDecoder.dll
.
============= FINISH: 23:46:19.31 ===============