Sorry to bother everyone but I could use some help. Recently my computer has started playing random audio at irregular intervals. The audio can last for just a few moments or a few minutes, and has nothing to do with any program I have open. The audio plays even when I have no programs running and just started up the computer. The sounds vary from ads to self-help sound bites to what sounds like radio talk shows. So far I have been unable to detect the problem with Malwarebytes or Norton Internet Security. If anyone has any insights on this I would really appreciate the help. I've included the logs from a Malwarebytes scan and DDS.txt.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Connor :: CONNOR-HP [administrator]

6/20/2013 10:25:21 AM
mbam-log-2013-06-20 (10-25-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210454
Time elapsed: 6 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611  BrowserJavaVersion: 10.21.2
Run by Connor at 10:33:06 on 2013-06-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5610.2740 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\notepad.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [AmazonMP3DownloaderHelper] C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
StartupFolder: C:\Users\Connor\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{458402C4-FF41-40E3-BC2E-0A8558735FA1} : DHCPNameServer = 172.168.11.12
TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405}\4565331423 : DHCPNameServer = 192.168.1.1 71.252.0.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-02 13:30; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-06-04 23:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
FF - ExtSQL: 2013-06-04 23:20; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn
FF - ExtSQL: 2013-06-19 23:51; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-6-10 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-11-5 197536]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-28 2413056]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-19 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-19 701512]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-6-6 138272]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-7-16 96896]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-1-28 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-7-16 214144]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [2013-5-31 1393240]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-6-6 167072]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-6-5 138912]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130619.001\IDSviA64.sys [2013-6-19 513184]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-6-19 25928]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-1-28 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-28 428136]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-1-28 1145448]
R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-6-6 451192]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-6-6 1129120]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-6-6 190072]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-6-6 405624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-31 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128]
S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-06-20 03:55:59    --------    d-----w-    C:\Users\Connor\AppData\Local\Program Files
2013-06-20 02:14:16    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-06-20 02:14:16    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-17 02:52:21    --------    d-----w-    C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-06-16 01:09:15    --------    d-----w-    C:\Users\Connor\AppData\Roaming\IDT
2013-06-16 01:07:36    --------    d-----w-    C:\Users\Connor\AppData\Local\CrashDumps
2013-06-13 02:09:49    --------    d-----w-    C:\Windows\System32\drivers\UMDF\pt-BR
2013-06-13 02:09:48    --------    d-----w-    C:\Windows\System32\drivers\UMDF\pt-PT
2013-06-13 02:09:47    --------    d-----w-    C:\Windows\System32\drivers\UMDF\nl-NL
2013-06-13 02:09:46    --------    d-----w-    C:\Windows\System32\drivers\UMDF\it-IT
2013-06-13 02:09:45    --------    d-----w-    C:\Windows\System32\drivers\UMDF\de-DE
2013-06-13 02:09:44    --------    d-----w-    C:\Windows\System32\drivers\UMDF\fr-FR
2013-06-13 02:09:43    --------    d-----w-    C:\Windows\System32\drivers\UMDF\es-ES
2013-06-11 21:37:56    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2013-06-10 18:52:11    654336    ------w-    C:\Windows\System32\stapi64.dll
2013-06-10 18:50:32    535552    ----a-w-    C:\Windows\System32\drivers\stwrt64.sys
2013-06-10 18:50:30    448512    ----a-w-    C:\Windows\System32\stcplx64.dll
2013-06-10 18:50:30    1987072    ----a-w-    C:\Windows\System32\stapo64.dll
2013-06-10 18:49:57    --------    d-----w-    C:\Program Files\IDT
2013-06-07 01:37:16    737952    ----a-w-    C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys
2013-06-07 01:37:16    451192    ----a-r-    C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys
2013-06-07 01:37:16    405624    ----a-w-    C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys
2013-06-07 01:37:16    37536    ----a-w-    C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys
2013-06-07 01:37:16    190072    ----a-w-    C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys
2013-06-07 01:37:16    167072    ----a-w-    C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys
2013-06-07 01:37:16    1129120    ----a-w-    C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys
2013-06-07 01:37:07    --------    d-----w-    C:\Windows\System32\drivers\NISx64\1309010.00E
2013-06-06 01:15:03    --------    d-----w-    C:\Users\Connor\AppData\Roaming\.minecraft
2013-06-06 00:40:24    788896    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-06-06 00:40:23    866720    ----a-w-    C:\Windows\SysWow64\npDeployJava1.dll
2013-06-06 00:40:11    95648    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-05 03:18:23    --------    d-----w-    C:\Windows\System32\drivers\NISx64
2013-06-05 03:18:20    --------    d-----w-    C:\Program Files (x86)\Norton Internet Security
2013-06-05 02:54:03    9460464    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{816559E5-8BF5-4D45-8164-87C6A69BDEA4}\mpengine.dll
2013-06-05 02:52:28    --------    d-----w-    C:\Users\Connor\AppData\Local\Diagnostics
2013-06-04 04:21:42    --------    d-----w-    C:\Windows\System32\drivers\SEP\0C0103E8\009D.105\x64
2013-06-04 04:21:42    --------    d-----w-    C:\Windows\System32\drivers\SEP\0C0103E8\009D.105
2013-06-04 04:21:42    --------    d-----w-    C:\Windows\System32\drivers\SEP\0C0103E8
2013-06-04 04:21:42    --------    d-----w-    C:\Windows\System32\drivers\SEP
2013-06-04 03:52:40    --------    d-----w-    C:\ProgramData\Symantec
2013-06-04 02:43:39    --------    d-----w-    C:\Users\Connor\AppData\Roaming\Malwarebytes
2013-06-04 02:43:36    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-06-04 02:43:13    --------    d-----w-    C:\Users\Connor\AppData\Local\Programs
2013-06-03 20:43:30    --------    d-----w-    C:\Windows\System32\%LOCALAPPDATA%
2013-06-03 20:23:46    --------    d-----w-    C:\Users\Connor\AppData\Local\Symantec
2013-06-03 20:22:59    --------    d-----w-    C:\Program Files\Symantec
2013-06-03 20:22:30    42632    ----a-w-    C:\Windows\System32\drivers\WGX64.SYS
2013-06-03 20:22:30    118768    ----a-w-    C:\Windows\System32\drivers\SysPlant.sys
2013-06-03 20:21:57    --------    d-----w-    C:\ProgramData\regid.1992_12.com.symantec
2013-06-03 20:21:50    --------    d-----w-    C:\Program Files (x86)\Symantec
2013-06-03 20:12:11    --------    d-----w-    C:\VT-SEPVersion
2013-06-03 20:10:45    --------    d-----w-    C:\VT AntiVirus
2013-06-03 20:07:18    --------    d-----w-    C:\VT-SecureTools
2013-06-03 20:03:53    --------    d-----w-    C:\Program Files\Microsoft Lync
2013-06-03 20:03:45    --------    d-----w-    C:\Program Files (x86)\Microsoft Lync
2013-06-03 20:03:35    --------    d-----w-    C:\Users\Connor\Tracing
2013-06-03 20:03:35    --------    d-----w-    C:\Program Files (x86)\OCSetup
2013-06-03 19:45:43    --------    d-----w-    C:\Program Files (x86)\Microsoft Small Business
2013-06-03 19:45:21    --------    d-----w-    C:\Program Files (x86)\Microsoft Chart Controls
2013-06-03 19:43:46    50200    ----a-w-    C:\Windows\SysWow64\perf-SQLAgent$MSSMLBIZ-sqlagtctr10.1.2531.0.dll
2013-06-03 19:43:35    79896    ----a-w-    C:\Windows\SysWow64\perf-MSSQL$MSSMLBIZ-sqlctr10.1.2531.0.dll
2013-06-03 19:41:57    --------    d-----w-    C:\Windows\SysWow64\1033
2013-06-03 19:41:57    --------    d-----w-    C:\Windows\System32\1033
2013-06-03 19:41:57    --------    d-----w-    C:\Program Files\Microsoft SQL Server
2013-06-03 19:38:02    --------    d-----w-    C:\Program Files (x86)\Microsoft SQL Server
2013-06-03 18:03:16    --------    d-----w-    C:\Program Files (x86)\MSECache
2013-06-03 17:55:54    --------    d-----w-    C:\Users\Connor\AppData\Local\LogMeIn Rescue Applet
2013-06-03 17:23:00    --------    d-----w-    C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-03 17:19:50    --------    d-----w-    C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-03 17:19:10    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2013-06-03 17:18:57    --------    d-----w-    C:\Windows\SHELLNEW
2013-06-03 17:18:39    --------    d-----w-    C:\Users\Connor\AppData\Local\Microsoft Help
2013-06-03 02:10:05    --------    d-----w-    C:\Users\Connor\AppData\Local\HP
2013-06-03 01:43:23    1671680    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM3.dll
2013-06-03 01:43:23    1669120    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM6.dll
2013-06-03 01:43:23    1668608    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM5.dll
2013-06-03 01:43:23    1668608    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM4.dll
2013-06-03 01:43:23    1667072    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM7.dll
2013-06-02 17:34:29    --------    d-----w-    C:\Users\Connor\AppData\Local\Macromedia
2013-06-02 17:34:17    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-02 00:14:24    --------    d-----w-    C:\Users\Connor\AppData\Local\Skyrim
2013-06-02 00:04:15    78680    ----a-w-    C:\Windows\System32\XAPOFX1_4.dll
2013-06-02 00:04:15    74072    ----a-w-    C:\Windows\SysWow64\XAPOFX1_4.dll
2013-06-02 00:04:15    530776    ----a-w-    C:\Windows\System32\XAudio2_6.dll
2013-06-02 00:04:15    528216    ----a-w-    C:\Windows\SysWow64\XAudio2_6.dll
2013-06-02 00:04:14    238936    ----a-w-    C:\Windows\SysWow64\xactengine3_6.dll
2013-06-02 00:04:14    176984    ----a-w-    C:\Windows\System32\xactengine3_6.dll
2013-06-02 00:04:13    24920    ----a-w-    C:\Windows\System32\X3DAudio1_7.dll
2013-06-02 00:04:13    22360    ----a-w-    C:\Windows\SysWow64\X3DAudio1_7.dll
2013-06-01 23:31:52    --------    d-----w-    C:\Program Files (x86)\Common Files\Symantec Shared
2013-06-01 23:01:29    --------    d-----w-    C:\Program Files (x86)\dumps
2013-06-01 23:00:22    --------    d-----w-    C:\Program Files (x86)\Common Files\Steam
2013-06-01 23:00:17    --------    d-----w-    C:\Program Files (x86)\Steam
2013-06-01 03:54:50    --------    d-----w-    C:\Users\Connor\AppData\Local\CyberLink
2013-06-01 03:03:42    --------    d-----w-    C:\ProgramData\Amazon
2013-06-01 03:03:29    --------    d-----w-    C:\Program Files (x86)\Amazon
2013-06-01 03:02:44    --------    d-----w-    C:\Windows\Downloaded Installations
2013-06-01 02:57:28    --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2013-06-01 02:46:54    425345024    ----a-w-    C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP
2013-06-01 02:20:18    --------    d-----w-    C:\Windows\SysWow64\Wat
2013-06-01 02:20:18    --------    d-----w-    C:\Windows\System32\Wat
2013-06-01 00:53:14    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2013-06-01 00:53:14    785512    ----a-w-    C:\Windows\System32\drivers\Wdf01000.sys
2013-06-01 00:53:14    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2013-06-01 00:53:14    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-06-01 00:34:18    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-01 00:01:40    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2013-06-01 00:01:40    367616    ----a-w-    C:\Windows\System32\atmfd.dll
2013-06-01 00:01:40    34304    ----a-w-    C:\Windows\SysWow64\atmlib.dll
2013-06-01 00:01:39    295424    ----a-w-    C:\Windows\SysWow64\atmfd.dll
2013-06-01 00:00:09    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2013-06-01 00:00:09    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2013-06-01 00:00:09    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2013-06-01 00:00:09    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2013-06-01 00:00:08    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2013-06-01 00:00:08    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2013-06-01 00:00:08    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2013-05-31 23:43:39    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-05-31 23:43:39    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2013-05-31 23:43:39    5120    ----a-w-    C:\Windows\System32\wmi.dll
2013-05-31 23:43:39    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2013-05-31 23:43:39    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-05-31 23:28:52    46592    ----a-w-    C:\Windows\SysWow64\fpb.rs
2013-05-31 23:27:33    1367552    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-05-31 23:26:54    67072    ----a-w-    C:\Windows\splwow64.exe
2013-05-31 23:25:30    956928    ----a-w-    C:\Windows\System32\localspl.dll
2013-05-31 23:25:29    3216384    ----a-w-    C:\Windows\System32\msi.dll
2013-05-31 23:25:29    2342400    ----a-w-    C:\Windows\SysWow64\msi.dll
2013-05-31 23:25:00    715776    ----a-w-    C:\Windows\System32\kerberos.dll
2013-05-31 23:25:00    542208    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2013-05-31 23:17:09    77312    ----a-w-    C:\Windows\System32\packager.dll
2013-05-31 23:17:09    67072    ----a-w-    C:\Windows\SysWow64\packager.dll
2013-05-31 23:03:50    --------    d-----w-    C:\Users\Connor\AppData\Local\AMD
2013-05-31 23:03:40    --------    d-----w-    C:\Users\Connor\AppData\Local\ATI
2013-05-31 23:02:38    --------    d-----w-    C:\Users\Connor\AppData\Roaming\Synaptics
2013-05-31 23:00:06    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2013-05-31 23:00:06    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2013-05-31 23:00:06    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2013-05-31 22:59:20    --------    d-----w-    C:\Users\Connor\AppData\Roaming\hpqlog
2013-05-31 22:59:18    --------    d-----w-    C:\Users\Connor\AppData\Local\Hewlett-Packard
2013-05-31 22:58:00    --------    d-----w-    C:\Users\Connor\AppData\Local\RemEngine
2013-05-31 22:57:50    --------    d-----w-    C:\Users\Connor\AppData\Local\Hewlett-Packard_Company
2013-05-31 22:56:48    --------    d-----w-    C:\Users\Connor\AppData\Local\AuthenTec
2013-05-31 22:55:29    --------    d-----w-    C:\Users\Connor\AppData\Local\VirtualStore
2013-05-31 22:55:12    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2013-05-31 22:55:03    99840    ----a-w-    C:\Windows\System32\wudriver.dll
.
==================== Find3M  ====================
.
2013-06-16 02:13:36    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-08 12:28:46    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-06-08 11:13:19    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-06-06 00:33:21    175736    ----a-w-    C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-06-01 00:34:18    9728    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-17 01:25:57    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-05-17 00:58:10    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-05-14 12:23:25    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-13 05:51:01    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-05-13 04:45:55    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-05-13 03:08:10    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27    30720    ----a-w-    C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54    24576    ----a-w-    C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-05-02 06:06:08    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2013-04-13 05:49:23    135168    ----a-w-    C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19    350208    ----a-w-    C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19    308736    ----a-w-    C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19    111104    ----a-w-    C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16    474624    ----a-w-    C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15    2176512    ----a-w-    C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08    1656680    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2013-04-10 05:24:10    983912    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 05:24:10    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 03:30:50    3153920    ----a-w-    C:\Windows\System32\win32k.sys
.
============= FINISH: 10:45:17.11 ===============

 


Hello and Welcome to Malwarebytes

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you
