I have a problem on my computer that I recently noticed with pop-ups. I'm not sure how I got them, or where they came from. I am getting them very often and on most websites that I visit. Sorry for the brief explanation, but I'm not very experienced with viruses and how they work, nor how you get them. Also, GMER will not work on my computer. It downloads and everything, but for some reason every time I try to open it my computer freezes. Not too sure what to do about that.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.10.2
Run by christian at 12:51:01 on 2013-01-15
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3983.1286 [GMT -8:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Java\jre7\bin\javaw.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: CouponAmazing: {511850B6-0D00-4EC4-A0CB-906B2F741568} - C:\Users\christian\AppData\Local\couponamazing\ie\couponamazing_1356771002.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: CouponMatcher: {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\CouponMatcher\CouponMatcher.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{0324A026-5CBC-4DAA-A1E5-085D188B553E} : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{0324A026-5CBC-4DAA-A1E5-085D188B553E}\2375942554330393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0324A026-5CBC-4DAA-A1E5-085D188B553E}\26279616E6E61637D616C6C677F6F646 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{44449148-2BEF-4758-9A26-F0FBBB14BAED} : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\u6wxgxo5.default-1358303629902\
FF - plugin: C:\Program Files (x86)\GamingWonderlandEI\Installr\1.bin\NPgtEISb.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-13 13:51; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn
FF - ExtSQL: 2013-01-15 17:29; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
FF - ExtSQL: 2013-01-15 18:34; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\u6wxgxo5.default-1358303629902\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-31 645952]
R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\System32\Drivers\MCLIENTx64\0302000.013\ccSetx64.sys [2013-1-15 168096]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-27 92536]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-11-27 98208]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-10 85504]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-9 35232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-27 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-14 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-14 682344]
R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe [2013-1-15 143928]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe [2012-12-26 143928]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-27 364416]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130111.001\BHDrvx64.sys [2013-1-15 1384608]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1402000.013\ccsetx64.sys [2012-12-26 168096]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-12-27 138912]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130115.001\IDSviA64.sys [2013-1-15 513184]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-1-14 24176]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2012-11-27 1958984]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-27 683664]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-11-27 43832]
R3 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1402000.013\symds64.sys [2012-12-26 493216]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1402000.013\symefa64.sys [2012-12-26 1133216]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1402000.013\ironx64.sys [2012-12-26 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1402000.013\symnets.sys [2012-12-26 432800]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-3 20288]
S0 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1402000.013\symelam.sys [2012-12-26 23448]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-11-27 266896]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-11-27 41272]
.
=============== Created Last 30 ================
.
2013-01-16 02:13:49 -------- d-----w- C:\Users\christian\AppData\Local\CrashDumps
2013-01-16 01:40:36 168096 ----a-r- C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys
2013-01-16 01:40:33 -------- d-----w- C:\Windows\System32\drivers\MCLIENTx64\0302000.013
2013-01-16 01:40:33 -------- d-----w- C:\Windows\System32\drivers\MCLIENTx64
2013-01-16 01:40:33 -------- d-----w- C:\Program Files (x86)\Norton Management
2013-01-15 05:35:47 -------- d-----w- C:\Users\christian\AppData\Roaming\Malwarebytes
2013-01-15 05:35:37 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-15 05:35:35 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-15 05:35:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-15 05:35:24 -------- d-----w- C:\Users\christian\AppData\Local\Programs
2013-01-13 03:52:18 182464 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10188.bin
2013-01-03 04:52:39 753664 ----a-w- C:\Windows\SysWow64\actxprxy.dll
2013-01-03 04:52:38 2146816 ----a-w- C:\Windows\System32\actxprxy.dll
2013-01-03 04:52:37 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2013-01-03 04:52:36 8856576 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-01-03 04:52:36 2302464 ----a-w- C:\Windows\System32\authui.dll
2013-01-03 04:52:36 2033664 ----a-w- C:\Windows\SysWow64\authui.dll
2013-01-03 04:52:36 10096640 ----a-w- C:\Windows\System32\twinui.dll
2013-01-03 04:50:59 3244032 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-01-03 04:50:17 6972136 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-03 04:46:59 48640 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2013-01-03 04:45:58 592896 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
2013-01-03 04:45:58 415232 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll
2013-01-03 04:45:58 410624 ----a-w- C:\Windows\SysWow64\Windows.Networking.dll
2013-01-03 04:45:57 594944 ----a-w- C:\Windows\System32\Windows.Networking.dll
2013-01-03 04:45:53 460800 ----a-w- C:\Windows\SysWow64\SHCore.dll
2012-12-29 10:54:11 -------- d-----w- C:\Users\christian\AppData\Local\couponamazing
2012-12-29 10:47:27 -------- d-----w- C:\Users\christian\AppData\Local\Macromedia
2012-12-28 22:02:33 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-28 22:02:32 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-28 07:07:03 -------- d-----w- C:\Users\christian\AppData\Local\Mozilla
2012-12-28 07:03:30 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-27 22:13:41 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-12-26 20:33:14 776864 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\srtsp64.sys
2012-12-26 20:33:14 493216 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\symds64.sys
2012-12-26 20:33:14 432800 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\symnets.sys
2012-12-26 20:33:14 37496 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\srtspx64.sys
2012-12-26 20:33:14 23448 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\symelam.sys
2012-12-26 20:33:14 1133216 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\symefa64.sys
2012-12-26 20:33:13 224416 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\ironx64.sys
2012-12-26 20:33:13 168096 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\ccsetx64.sys
2012-12-26 20:32:56 -------- d-----w- C:\Windows\System32\drivers\NISx64\1402000.013
2012-12-26 09:48:15 -------- d-----w- C:\Users\christian\AbiSuite
2012-12-26 09:46:31 -------- d-----w- C:\Program Files (x86)\AbiWord
2012-12-26 09:42:02 -------- d-----w- C:\Users\christian\AppData\Local\MicrosoftStore
2012-12-26 07:45:04 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-12-26 07:44:55 -------- d-----w- C:\Program Files (x86)\Steam
2012-12-26 06:20:05 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2012-12-26 06:20:04 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2012-12-26 05:43:03 94208 ----a-w- C:\Windows\System32\synceng.dll
2012-12-26 05:43:03 72192 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-12-26 05:42:42 4056576 ----a-w- C:\Windows\System32\win32k.sys
2012-12-26 02:33:42 -------- d-----w- C:\Program Files (x86)\GamingWonderlandEI
2012-12-25 20:14:07 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2012-12-25 20:13:59 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2012-12-24 23:47:16 -------- d-----w- C:\Users\christian\AppData\Roaming\Coupon Matcher
2012-12-24 23:47:15 -------- d-----w- C:\Program Files (x86)\CouponMatcher
2012-12-24 21:57:41 -------- d-----w- C:\Users\christian\AppData\Roaming\hpqlog
2012-12-24 21:57:40 -------- d-----w- C:\Users\christian\AppData\Local\Hewlett-Packard
2012-12-24 19:57:37 -------- d-----w- C:\Users\christian\AppData\Roaming\.minecraft
2012-12-24 19:55:47 859072 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-12-24 19:55:47 779704 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-12-24 19:55:38 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-24 19:49:58 -------- d-----w- C:\Users\christian\AppData\Local\Diagnostics
2012-12-24 19:45:37 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-24 19:31:21 -------- d-----r- C:\Users\christian\Searches
2012-12-24 19:31:20 -------- d-----r- C:\Users\christian\Contacts
2012-12-24 19:29:42 -------- d-----w- C:\Users\christian\AppData\Local\Power2Go8
2012-12-24 19:29:28 -------- d-----w- C:\Users\christian\AppData\Roaming\Synaptics
2012-12-24 19:28:32 -------- d-----w- C:\Users\christian\AppData\Local\VirtualStore
2012-12-24 19:28:08 -------- d-----w- C:\Users\christian\AppData\Local\Packages
2012-12-24 19:26:42 -------- d--h--w- C:\Users\christian\AppData
2012-12-24 19:26:42 -------- d-----w- C:\Users\christian\AppData\Local\Temp
2012-12-24 19:26:42 -------- d-----w- C:\Users\christian\AppData\Local\Microsoft
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Videos
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Saved Games
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Pictures
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Music
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Links
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Downloads
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Documents
.
==================== Find3M ====================
.
2012-12-16 08:28:20 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-11-29 23:06:06 80736 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-29 23:06:06 695648 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2012-11-27 22:27:49 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-11-27 22:22:26 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-11-27 22:22:26 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-11-27 22:22:25 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-10 04:23:25 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
2012-11-10 04:23:18 148480 ----a-w- C:\Windows\System32\poqexec.exe
2012-11-10 04:22:40 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2012-11-10 04:22:35 144384 ----a-w- C:\Windows\System32\tssdisai.dll
2012-11-10 04:22:14 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2012-11-10 04:20:20 135680 ----a-w- C:\Windows\System32\appserverai.dll
2012-11-09 04:49:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\Windows\SysWow64\lpk.dll
2012-11-08 01:56:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-11-03 05:26:59 132096 ----a-w- C:\Windows\System32\sysreset.exe
2012-11-03 05:26:40 34816 ----a-w- C:\Windows\System32\dpnsvr.exe
2012-11-03 05:26:12 32256 ----a-w- C:\Windows\SysWow64\dpnsvr.exe
2012-11-03 05:25:40 945152 ----a-w- C:\Windows\System32\resetengmig.dll
2012-11-03 05:25:40 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll
2012-11-03 05:25:40 1009664 ----a-w- C:\Windows\System32\reseteng.dll
2012-11-03 05:25:39 443392 ----a-w- C:\Windows\System32\ReAgent.dll
2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhupnp.dll
2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhpast.dll
2012-11-03 05:24:34 58880 ----a-w- C:\Windows\SysWow64\dpnathlp.dll
2012-11-03 05:24:34 375808 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhupnp.dll
2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhpast.dll
2012-11-03 05:24:11 67584 ----a-w- C:\Windows\System32\dpnathlp.dll
2012-11-03 05:24:11 463872 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-03 05:04:21 4096 ----a-w- C:\Windows\System32\dpnlobby.dll
2012-11-03 05:04:19 3584 ----a-w- C:\Windows\System32\dpnaddr.dll
2012-11-03 05:00:54 3072 ----a-w- C:\Windows\SysWow64\dpnlobby.dll
2012-11-03 05:00:53 2560 ----a-w- C:\Windows\SysWow64\dpnaddr.dll
2012-11-02 05:22:08 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe
2012-11-02 05:21:44 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll
2012-11-02 05:21:44 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2012-11-02 05:21:28 246784 ----a-w- C:\Windows\SysWow64\ubpm.dll
2012-11-02 05:20:31 39424 ----a-w- C:\Windows\System32\wuapp.exe
2012-11-02 05:20:28 77824 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-02 05:20:28 72192 ----a-w- C:\Windows\System32\taskhostex.exe
2012-11-02 05:20:10 141824 ----a-w- C:\Windows\System32\wuwebv.dll
2012-11-02 05:20:09 98304 ----a-w- C:\Windows\System32\wudriver.dll
2012-11-02 05:20:09 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2012-11-02 05:20:09 17408 ----a-w- C:\Windows\System32\wuaext.dll
2012-11-02 05:20:09 1619968 ----a-w- C:\Windows\System32\wucltux.dll
2012-11-02 05:19:50 318464 ----a-w- C:\Windows\System32\ubpm.dll
2012-11-02 05:01:27 99328 ----a-w- C:\Windows\System32\wushareduxresources.dll
2012-11-02 04:55:32 212992 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2012-11-02 04:53:13 366080 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2012-10-29 05:04:47 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2012-10-29 05:04:47 490064 ----a-w- C:\Windows\System32\AudioEng.dll
2012-10-29 05:04:47 447792 ----a-w- C:\Windows\System32\AudioSes.dll
2012-10-29 05:04:47 253512 ----a-w- C:\Windows\System32\audiodg.exe
2012-10-29 03:21:53 1526784 ----a-w- C:\Windows\System32\mfcore.dll
2012-10-29 03:21:21 267264 ----a-w- C:\Windows\System32\EncDump.dll
2012-10-29 03:20:49 785920 ----a-w- C:\Windows\System32\audiosrv.dll
2012-10-29 03:20:49 169472 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll
2012-10-29 03:19:08 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2012-10-29 03:19:08 427568 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2012-10-29 03:19:08 324344 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2012-10-29 02:46:23 1451520 ----a-w- C:\Windows\SysWow64\mfcore.dll
2012-10-24 03:25:41 26624 ----a-w- C:\Windows\System32\ReAgentc.exe
2012-10-24 03:25:40 13312 ----a-w- C:\Windows\System32\pcalua.exe
2012-10-24 03:24:35 405504 ----a-w- C:\Windows\System32\pcasvc.dll
2012-10-24 03:24:35 31232 ----a-w- C:\Windows\System32\pcadm.dll
2012-10-24 03:05:31 11776 ----a-w- C:\Windows\System32\pcaevts.dll
2012-10-24 02:48:12 24064 ----a-w- C:\Windows\SysWow64\ReAgentc.exe
.
============= FINISH: 12:52:25.64 ===============
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-13 13:51; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn
FF - ExtSQL: 2013-01-15 17:29; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
FF - ExtSQL: 2013-01-15 18:34; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\u6wxgxo5.default-1358303629902\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-31 645952]
R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\System32\Drivers\MCLIENTx64\0302000.013\ccSetx64.sys [2013-1-15 168096]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-27 92536]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-11-27 98208]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-10 85504]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-9 35232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-27 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-14 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-14 682344]
R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe [2013-1-15 143928]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe [2012-12-26 143928]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-27 364416]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130111.001\BHDrvx64.sys [2013-1-15 1384608]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1402000.013\ccsetx64.sys [2012-12-26 168096]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-12-27 138912]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130115.001\IDSviA64.sys [2013-1-15 513184]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-1-14 24176]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2012-11-27 1958984]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-27 683664]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-11-27 43832]
R3 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1402000.013\symds64.sys [2012-12-26 493216]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1402000.013\symefa64.sys [2012-12-26 1133216]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1402000.013\ironx64.sys [2012-12-26 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1402000.013\symnets.sys [2012-12-26 432800]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-3 20288]
S0 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1402000.013\symelam.sys [2012-12-26 23448]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-11-27 266896]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-11-27 41272]
.
=============== Created Last 30 ================
.
2013-01-16 02:13:49 -------- d-----w- C:\Users\christian\AppData\Local\CrashDumps
2013-01-16 01:40:36 168096 ----a-r- C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys
2013-01-16 01:40:33 -------- d-----w- C:\Windows\System32\drivers\MCLIENTx64\0302000.013
2013-01-16 01:40:33 -------- d-----w- C:\Windows\System32\drivers\MCLIENTx64
2013-01-16 01:40:33 -------- d-----w- C:\Program Files (x86)\Norton Management
2013-01-15 05:35:47 -------- d-----w- C:\Users\christian\AppData\Roaming\Malwarebytes
2013-01-15 05:35:37 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-15 05:35:35 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-15 05:35:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-15 05:35:24 -------- d-----w- C:\Users\christian\AppData\Local\Programs
2013-01-13 03:52:18 182464 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10188.bin
2013-01-03 04:52:39 753664 ----a-w- C:\Windows\SysWow64\actxprxy.dll
2013-01-03 04:52:38 2146816 ----a-w- C:\Windows\System32\actxprxy.dll
2013-01-03 04:52:37 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2013-01-03 04:52:36 8856576 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-01-03 04:52:36 2302464 ----a-w- C:\Windows\System32\authui.dll
2013-01-03 04:52:36 2033664 ----a-w- C:\Windows\SysWow64\authui.dll
2013-01-03 04:52:36 10096640 ----a-w- C:\Windows\System32\twinui.dll
2013-01-03 04:50:59 3244032 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-01-03 04:50:17 6972136 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-03 04:46:59 48640 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2013-01-03 04:45:58 592896 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
2013-01-03 04:45:58 415232 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll
2013-01-03 04:45:58 410624 ----a-w- C:\Windows\SysWow64\Windows.Networking.dll
2013-01-03 04:45:57 594944 ----a-w- C:\Windows\System32\Windows.Networking.dll
2013-01-03 04:45:53 460800 ----a-w- C:\Windows\SysWow64\SHCore.dll
2012-12-29 10:54:11 -------- d-----w- C:\Users\christian\AppData\Local\couponamazing
2012-12-29 10:47:27 -------- d-----w- C:\Users\christian\AppData\Local\Macromedia
2012-12-28 22:02:33 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-28 22:02:32 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-28 07:07:03 -------- d-----w- C:\Users\christian\AppData\Local\Mozilla
2012-12-28 07:03:30 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-27 22:13:41 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-12-26 20:33:14 776864 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\srtsp64.sys
2012-12-26 20:33:14 493216 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\symds64.sys
2012-12-26 20:33:14 432800 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\symnets.sys
2012-12-26 20:33:14 37496 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\srtspx64.sys
2012-12-26 20:33:14 23448 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\symelam.sys
2012-12-26 20:33:14 1133216 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\symefa64.sys
2012-12-26 20:33:13 224416 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\ironx64.sys
2012-12-26 20:33:13 168096 ----a-w- C:\Windows\System32\drivers\NISx64\1402000.013\ccsetx64.sys
2012-12-26 20:32:56 -------- d-----w- C:\Windows\System32\drivers\NISx64\1402000.013
2012-12-26 09:48:15 -------- d-----w- C:\Users\christian\AbiSuite
2012-12-26 09:46:31 -------- d-----w- C:\Program Files (x86)\AbiWord
2012-12-26 09:42:02 -------- d-----w- C:\Users\christian\AppData\Local\MicrosoftStore
2012-12-26 07:45:04 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-12-26 07:44:55 -------- d-----w- C:\Program Files (x86)\Steam
2012-12-26 06:20:05 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2012-12-26 06:20:04 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2012-12-26 05:43:03 94208 ----a-w- C:\Windows\System32\synceng.dll
2012-12-26 05:43:03 72192 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-12-26 05:42:42 4056576 ----a-w- C:\Windows\System32\win32k.sys
2012-12-26 02:33:42 -------- d-----w- C:\Program Files (x86)\GamingWonderlandEI
2012-12-25 20:14:07 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2012-12-25 20:13:59 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2012-12-24 23:47:16 -------- d-----w- C:\Users\christian\AppData\Roaming\Coupon Matcher
2012-12-24 23:47:15 -------- d-----w- C:\Program Files (x86)\CouponMatcher
2012-12-24 21:57:41 -------- d-----w- C:\Users\christian\AppData\Roaming\hpqlog
2012-12-24 21:57:40 -------- d-----w- C:\Users\christian\AppData\Local\Hewlett-Packard
2012-12-24 19:57:37 -------- d-----w- C:\Users\christian\AppData\Roaming\.minecraft
2012-12-24 19:55:47 859072 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-12-24 19:55:47 779704 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-12-24 19:55:38 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-24 19:49:58 -------- d-----w- C:\Users\christian\AppData\Local\Diagnostics
2012-12-24 19:45:37 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-24 19:31:21 -------- d-----r- C:\Users\christian\Searches
2012-12-24 19:31:20 -------- d-----r- C:\Users\christian\Contacts
2012-12-24 19:29:42 -------- d-----w- C:\Users\christian\AppData\Local\Power2Go8
2012-12-24 19:29:28 -------- d-----w- C:\Users\christian\AppData\Roaming\Synaptics
2012-12-24 19:28:32 -------- d-----w- C:\Users\christian\AppData\Local\VirtualStore
2012-12-24 19:28:08 -------- d-----w- C:\Users\christian\AppData\Local\Packages
2012-12-24 19:26:42 -------- d--h--w- C:\Users\christian\AppData
2012-12-24 19:26:42 -------- d-----w- C:\Users\christian\AppData\Local\Temp
2012-12-24 19:26:42 -------- d-----w- C:\Users\christian\AppData\Local\Microsoft
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Videos
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Saved Games
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Pictures
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Music
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Links
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Downloads
2012-12-24 19:26:42 -------- d-----r- C:\Users\christian\Documents
.
==================== Find3M ====================
.
2012-12-16 08:28:20 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-11-29 23:06:06 80736 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-29 23:06:06 695648 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2012-11-27 22:27:49 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-11-27 22:22:26 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-11-27 22:22:26 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-11-27 22:22:25 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-10 04:23:25 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
2012-11-10 04:23:18 148480 ----a-w- C:\Windows\System32\poqexec.exe
2012-11-10 04:22:40 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2012-11-10 04:22:35 144384 ----a-w- C:\Windows\System32\tssdisai.dll
2012-11-10 04:22:14 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2012-11-10 04:20:20 135680 ----a-w- C:\Windows\System32\appserverai.dll
2012-11-09 04:49:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\Windows\SysWow64\lpk.dll
2012-11-08 01:56:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-11-03 05:26:59 132096 ----a-w- C:\Windows\System32\sysreset.exe
2012-11-03 05:26:40 34816 ----a-w- C:\Windows\System32\dpnsvr.exe
2012-11-03 05:26:12 32256 ----a-w- C:\Windows\SysWow64\dpnsvr.exe
2012-11-03 05:25:40 945152 ----a-w- C:\Windows\System32\resetengmig.dll
2012-11-03 05:25:40 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll
2012-11-03 05:25:40 1009664 ----a-w- C:\Windows\System32\reseteng.dll
2012-11-03 05:25:39 443392 ----a-w- C:\Windows\System32\ReAgent.dll
2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhupnp.dll
2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhpast.dll
2012-11-03 05:24:34 58880 ----a-w- C:\Windows\SysWow64\dpnathlp.dll
2012-11-03 05:24:34 375808 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhupnp.dll
2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhpast.dll
2012-11-03 05:24:11 67584 ----a-w- C:\Windows\System32\dpnathlp.dll
2012-11-03 05:24:11 463872 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-03 05:04:21 4096 ----a-w- C:\Windows\System32\dpnlobby.dll
2012-11-03 05:04:19 3584 ----a-w- C:\Windows\System32\dpnaddr.dll
2012-11-03 05:00:54 3072 ----a-w- C:\Windows\SysWow64\dpnlobby.dll
2012-11-03 05:00:53 2560 ----a-w- C:\Windows\SysWow64\dpnaddr.dll
2012-11-02 05:22:08 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe
2012-11-02 05:21:44 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll
2012-11-02 05:21:44 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2012-11-02 05:21:28 246784 ----a-w- C:\Windows\SysWow64\ubpm.dll
2012-11-02 05:20:31 39424 ----a-w- C:\Windows\System32\wuapp.exe
2012-11-02 05:20:28 77824 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-02 05:20:28 72192 ----a-w- C:\Windows\System32\taskhostex.exe
2012-11-02 05:20:10 141824 ----a-w- C:\Windows\System32\wuwebv.dll
2012-11-02 05:20:09 98304 ----a-w- C:\Windows\System32\wudriver.dll
2012-11-02 05:20:09 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2012-11-02 05:20:09 17408 ----a-w- C:\Windows\System32\wuaext.dll
2012-11-02 05:20:09 1619968 ----a-w- C:\Windows\System32\wucltux.dll
2012-11-02 05:19:50 318464 ----a-w- C:\Windows\System32\ubpm.dll
2012-11-02 05:01:27 99328 ----a-w- C:\Windows\System32\wushareduxresources.dll
2012-11-02 04:55:32 212992 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2012-11-02 04:53:13 366080 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2012-10-29 05:04:47 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2012-10-29 05:04:47 490064 ----a-w- C:\Windows\System32\AudioEng.dll
2012-10-29 05:04:47 447792 ----a-w- C:\Windows\System32\AudioSes.dll
2012-10-29 05:04:47 253512 ----a-w- C:\Windows\System32\audiodg.exe
2012-10-29 03:21:53 1526784 ----a-w- C:\Windows\System32\mfcore.dll
2012-10-29 03:21:21 267264 ----a-w- C:\Windows\System32\EncDump.dll
2012-10-29 03:20:49 785920 ----a-w- C:\Windows\System32\audiosrv.dll
2012-10-29 03:20:49 169472 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll
2012-10-29 03:19:08 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2012-10-29 03:19:08 427568 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2012-10-29 03:19:08 324344 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2012-10-29 02:46:23 1451520 ----a-w- C:\Windows\SysWow64\mfcore.dll
2012-10-24 03:25:41 26624 ----a-w- C:\Windows\System32\ReAgentc.exe
2012-10-24 03:25:40 13312 ----a-w- C:\Windows\System32\pcalua.exe
2012-10-24 03:24:35 405504 ----a-w- C:\Windows\System32\pcasvc.dll
2012-10-24 03:24:35 31232 ----a-w- C:\Windows\System32\pcadm.dll
2012-10-24 03:05:31 11776 ----a-w- C:\Windows\System32\pcaevts.dll
2012-10-24 02:48:12 24064 ----a-w- C:\Windows\SysWow64\ReAgentc.exe
.
============= FINISH: 12:52:25.64 ===============