Jump to content

themuse

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hello again, I found a solution to this problem yesterday, and wanted to post it here for anyone else who might run into this pesky pop-up. I went to into the Chrome settings, and removed every cookie I could find with "rvzr-a.akamaihd" in the description (a search brought them all up). Then I went to: C:\Users\MyUserName\AppData\Local\Google\Chrome\User Data\Default Renamed the "Default" folder "Default_BAK" (could be any new name). When Chrome reopened, a new "Default" folder was created, the apps I used came back because they were synced at Google, and the problem issue with the pop-up is now gone. Thanks again for your help, Kevin. Best regards, Harry
  2. Hi Kevin, You wrote: When you ran AdwCleaner you only used the scan function to identify issues, you never actually used the "Clean" option to remove them.... => I know. The only items identified as "issues" all came from the registry. As you mentioned, if I wasn't secure in "cleaning" those items, just post the logfile, which I did. You made no comment about it, so I didn't know where to take it from there. I don't mess with the Registry. I trusted so-called "cleaners" twice since 1996, and both times were disastrous. I mentioned that earlier in my posts. Regarding the 200 icons - yes, I know it's not uncommon to have that many. As I stated in my post, "the 200+ icons which I had arranged in a certain order on my desktop are now completely scrambled". They were scrambled, more than likely, because some registry value was tampered with. My desktop takes a lot of time to re-organize once scrambled. Other than that, I've run too many scan programs, and posted too many results without hearing one word about what was found in the results, and why yet another scan was needed. If identifying the issue means downloading every malware tool in the world and scanning, one by one, the issue itself is causing less a problem than the "cure". So, as I said in my last post, I'm going to call it quits now. Thanks for trying. Best regards, Harry
  3. Let me put it this way - the 200+ icons which I had arranged in a certain order on my desktop are now completely scrambled. I had to squint my eyes for 2 minutes just to find MalwareBytes this time around. Secondly, despite all of these downloads and log postings, the problem still exists with http://rvzr-a.akamaihd.net pop-up windows. Here's the Malwarebytes log requested from the latest download. -------------------------------------------------------------------- Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.10.02.11 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16686Harry :: CQ5210F [administrator] 10/2/2013 3:09:26 PMmbam-log-2013-10-02 (15-09-26).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled: Objects scanned: 256966Time elapsed: 9 minute(s), 46 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) ------------------------------------------------------------------ I'm going to call it quits now. Thanks for trying. Best regards, Harry
  4. Dr. Web found no threats when run in Safe Mode. Attached is the Dr. Web log file. cureit.log Thanks for your consideration. I'll check back later today. Best regards, Harry
  5. Hi Kevin, I'm back. While I'm downloading Dr. Web, I'll go ahead and post the Fixlog.txt and AdwCleaner[R2].txt so you can see the results. The AdwCleaner[R2].txt is the result of a fresh download. The only things in the report are Registry values. No Folders, Files, etc. Here are the copies: 1. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-09-2013 02Ran by Harry at 2013-10-02 08:56:05 Run:1Running from C:\Users\Harry\Downloads\JRTBoot Mode: Normal============================================== Content of fixlist:*****************StartC:\Users\Harry\AppData\Roaming\CamLayout.iniC:\Users\Harry\AppData\Roaming\CamShapes.iniAlternateDataStreams: C:\ProgramData\Temp:DED17083AlternateDataStreams: C:\ProgramData\Temp:F4CA4D70End ***************** C:\Users\Harry\AppData\Roaming\CamLayout.ini => Moved successfully.C:\Users\Harry\AppData\Roaming\CamShapes.ini => Moved successfully.C:\ProgramData\Temp => ":DED17083" ADS removed successfully.C:\ProgramData\Temp => ":F4CA4D70" ADS removed successfully. ==== End of Fixlog ==== 2. # AdwCleaner v3.006 - Report created 02/10/2013 at 09:02:12# Updated 01/10/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Harry - CQ5210F# Running from : C:\Users\Harry\Downloads\JRT\adwcleaner.exe# Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}Key Found : HKCU\Software\ParetoLogicKey Found : [x64] HKCU\Software\ParetoLogicKey Found : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLLKey Found : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Found : HKLM\Software\ParetoLogicKey Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Mozilla Firefox v20.0.1 (en-US) [ File : C:\Users\Harry\AppData\Roaming\Mozilla\Firefox\Profiles\jws03pwp.default-1378921600973\prefs.js ] -\\ Google Chrome v29.0.1547.76 [ File : C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R2].txt - [2056 octets] - [02/10/2013 09:02:12] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2116 octets] ########## =============== Now I'll reboot to Safe Mode and run Cureit. Back in a while.
  6. The instructions are straightforward for you, but cause me concern, because I don't trust myself. At any rate, I have to go out of town tomorrow for a few days. May I come back to this when I return? Thanks, Harry
  7. P.S. You should find a donation from me marked "Gratitude" next time you check your PayPal. Wish it could have been more. I'm on a fixed income. It's obvious this forum does excellent work. Best again, Harry
  8. Dear Kevin - Thank you for your help thus far. I won't be able to continue past this point. For one thing, I'm leaving town tomorrow for several days and my desktop does not come with me. For another thing, I have in the past used various software programs which scanned, then offered hundreds of "check boxes" for me to decide which to keep and which to "fix". To make a long story short, after I clicked "fix" with one of these programs, my computer became so unstable, the only thing which saved me was a restore point. I don't want to even risk going down that path again. I don't have the tech savvy to know which to keep and which to fix, nor do I wish to continue with programs which may inadvertently negatively alter my registry files. In other words, unless you can somehow convince me I'm smart enough to know which to keep and which to fix, I'm "chicken". Sorry to have wasted your time. Best regards, themuse
  9. Thank you for the quick response. Here are the scan results you requested: 1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.2 (09.22.2013:1)OS: Windows 7 Home Premium x64Ran by Harry on Thu 09/26/2013 at 14:00:41.82~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4050790218-1552307734-3448739108-1000\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip" ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Harry\AppData\Roaming\pdfforge" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Thu 09/26/2013 at 14:10:31.01End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2013Ran by Harry (administrator) on CQ5210F on 26-09-2013 14:14:12Running from C:\Users\Harry\Downloads\JRTWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe(Motorola) C:\Program Files (x86)\Motorola\Moto Helper Service\MotoHelper.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 5.0\Distillr\AcroTray.exe(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [iSW] - "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"HKLM-x32\...\RunOnce: [iE 3.0 RegSvr schannel.dll] - C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\schannel.dll [340992 2012-06-02] (Microsoft Corporation)HKCU\...\Run: [Google Update] - C:\Users\Harry\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-03-28] (Google Inc.)HKCU\...\Run: [cdloader] - C:\Users\Harry\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)HKLM-x32\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)HKLM-x32\...\Run: [] - [x]HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [581480 2009-05-12] (Symantec Corporation)HKLM-x32\...\Run: [updatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)HKLM-x32\...\Run: [KeePass 2 PreLoad] - C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1764352 2011-07-12] (Dominik Reichl)HKLM-x32\...\Run: [instaLAN] - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1884064 2011-11-14] (Affinegy, Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)HKU\DefaultAppPool\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard) ==================== Internet (Whitelisted) ==================== SearchScopes: HKLM-x32 - {C61E4995-64CF-4072-84B3-C019EF8AF7FC} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqdSearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: FlashCatchBHO Class - {88618A96-6D8A-42E7-B932-9073D5B2080F} - C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)BHO-x32: No Name - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - No FileBHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)Toolbar: HKLM-x32 - AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)Toolbar: HKLM-x32 - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No FileToolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - FlashCatch - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No FileToolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKCU - No Name - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No FileToolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No FileToolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileDPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cabDPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: HKLM-x32 {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller64.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No FileHandler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No FileShellExecuteHooks-x32: - {A213B520-C6C2-11d0-AF9D-008029E1027E} - No File [ ]Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox:========FF ProfilePath: C:\Users\Harry\AppData\Roaming\Mozilla\Firefox\Profiles\jws03pwp.default-1378921600973FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Harry\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Harry\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustCheckerFF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustCheckerFF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisorFF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\coFFPlgn\FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\coFFPlgn\FF HKLM-x32\...\Firefox\Extensions: [flashcatch@flashcatch.com] - C:\Program Files (x86)\FlashCatch\firefoxFF Extension: FlashCatch - C:\Program Files (x86)\FlashCatch\firefoxFF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\IPSFFPlgn\FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\IPSFFPlgn\FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExtFF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt Chrome: =======CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\McChPlg.dll (McAfee, Inc.)CHR Plugin: (Norton Identity Safe) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\npcoplgn.dll (Symantec Corporation)CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No FileCHR Plugin: (Widevine Media Optimizer) - C:\Program Files (x86)\Google\Chrome\Application\plugins\npwidevinemediaoptimizer.dll (Widevine Technologies)CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)CHR Plugin: (downloadUpdater) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll No FileCHR Plugin: (downloadUpdater2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll No FileCHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)CHR Plugin: (Microsoft Office 2003) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No FileCHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No FileCHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Harry\AppData\Roaming\Mozilla\plugins\npatgpc.dll No FileCHR Plugin: (Motive Plugin) - C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No FileCHR Plugin: (Java Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)CHR Extension: (Easy Bookmark) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelppinkjknianlncbfhokbkipdhofnp\1.1_0CHR Extension: (Google Docs) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0CHR Extension: (Google Drive) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Firebug Lite for Google Chrome\u2122) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0CHR Extension: (History 2) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp\0.6.0_0CHR Extension: (Adblock Plus) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0CHR Extension: (Google Search) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Read Later Fast) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.0_0CHR Extension: (Session Buddy) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.2.1_0CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk\1.8.51.1_0CHR Extension: (Network and Internet tools) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekpdpmpcgcmpaeokmclflfpadaklgpji\1.66_0CHR Extension: (YouTube Downloader) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapjkciegccccojledkpnfgchdkjemec\2.2_0CHR Extension: (SiteAdvisor) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0CHR Extension: (Go to IMDb) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\fipkcplmpmhcmfgkgahliaabodplkjio\1.2.6_0CHR Extension: (Full Screen Weather) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0CHR Extension: (goo.gl URL Shortener) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.5_0CHR Extension: (The Weather Channel for Chrome) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop\1.0.0.4_0CHR Extension: (Speed Dial 2) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.7.0_0CHR Extension: (Image Properties Context Menu) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\khagclindddokccfbmfmckaflngbmpon\0.7.6_0CHR Extension: (Google Dictionary (by Google)) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0CHR Extension: (Norton Identity Protection) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.2_0CHR Extension: (Video downloader for YouTube\u2122) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlelphbgdjafoigfmgicejflmnipnhil\15_0CHR Extension: (Chrome In-App Payments service) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0CHR Extension: (Gmail) - C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crxCHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx ==================== Services (Whitelisted) ================= R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2011-11-14] (Affinegy, Inc.)R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [120592 2013-05-22] (McAfee, Inc.)R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-04-30] (Alcatel-Lucent)R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2012-02-01] ()R2 MotoHelper.exe; C:\Program Files (x86)\Motorola\Moto Helper Service\MotoHelper.exe [6656 2010-09-14] (Motorola)R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-23] (Symantec Corporation)R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-23] (Symantec Corporation)R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-26] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-26] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-26] (Symantec Corporation)R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130925.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130925.001\IDSvia64.sys [520280 2013-08-21] (Symantec Corporation)S3 MREMP50; C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2010-04-30] (Printing Communications Assoc., Inc. (PCAUSA))S3 MREMP50; C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2010-04-30] (Printing Communications Assoc., Inc. (PCAUSA))S3 MRESP50; C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2010-04-30] (Printing Communications Assoc., Inc. (PCAUSA))S3 MRESP50; C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2010-04-30] (Printing Communications Assoc., Inc. (PCAUSA))R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130926.004\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130926.004\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130926.004\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130926.004\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-05-01] (CACE Technologies, Inc.)R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-18] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)S0 bp32drv4; System32\drivers\bp32drv4.sys [x]S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-26 14:13 - 2013-09-26 14:13 - 00000000 ____D C:\FRST2013-09-26 14:10 - 2013-09-26 14:10 - 00001514 _____ C:\Users\Harry\Desktop\JRT.txt2013-09-26 13:58 - 2013-09-26 13:59 - 00000000 ____D C:\Users\Harry\Downloads\JRT2013-09-26 13:41 - 2013-09-26 13:41 - 00000923 _____ C:\Users\Harry\Desktop\hijackthis-9-24-13.log - Shortcut.lnk2013-09-26 13:24 - 2013-09-26 13:25 - 00002025 _____ C:\Users\Harry\Desktop\Malwarebyte.lnk2013-09-26 12:35 - 2013-09-26 12:35 - 00000000 ____D C:\Users\Harry\Documents\TheatrGROUP2013-09-24 17:17 - 2013-09-24 17:25 - 00000000 ____D C:\Users\Harry\Downloads\HIJACK2013-09-23 08:49 - 2013-09-23 09:07 - 00001791 _____ C:\Users\Harry\Desktop\TERESA-KING-PHONE-RECORD.txt2013-09-13 06:49 - 2013-09-20 20:14 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2013-09-12 10:55 - 2013-09-13 14:55 - 00000000 ____D C:\VueScan2013-09-12 10:55 - 2013-09-12 11:01 - 00000638 _____ C:\Users\UpdatusUser\Desktop\VueScan.lnk2013-09-12 10:55 - 2013-09-12 11:01 - 00000638 _____ C:\Users\Harry\Desktop\VueScan.lnk2013-09-12 10:53 - 2013-09-12 10:53 - 00001062 _____ C:\Users\Public\Desktop\EPSON Smart Panel.lnk2013-09-12 10:51 - 2013-09-12 10:52 - 00000000 ____D C:\Program Files (x86)\EPSON2013-09-12 10:51 - 2001-03-18 15:16 - 00001571 _____ C:\Windows\Faxcpp1.ini2013-09-12 10:51 - 2001-03-18 15:16 - 00000422 _____ C:\Windows\Faxcpp.ini2013-09-12 10:51 - 1999-12-07 02:03 - 00073216 _____ (SEIKO EPSON CORPORATION) C:\Windows\ADE.DLL2013-09-12 10:51 - 1999-08-09 23:50 - 00000072 _____ C:\Windows\SysWOW64\epDPE.ini2013-09-12 10:51 - 1999-06-15 11:31 - 00096768 _____ C:\Windows\SlantAdj.dll2013-09-12 10:51 - 1999-04-27 00:17 - 00003136 _____ C:\Windows\Ade001.bin2013-09-12 10:50 - 2001-09-06 00:00 - 00036352 _____ (SEIKO EPSON CORP.) C:\Windows\SysWOW64\escwian.dll2013-09-12 10:50 - 2001-07-27 00:00 - 00032256 ____N (SEIKO EPSON CORP.) C:\Windows\SysWOW64\escwiab.dll2013-09-12 10:50 - 2001-07-27 00:00 - 00031744 ____N (SEIKO EPSON CORP.) C:\Windows\SysWOW64\escwiad.dll2013-09-12 10:50 - 2001-06-25 00:00 - 00172032 ____N (SEIKO EPSON CORP.) C:\Windows\SysWOW64\ESDTR.dll2013-09-12 10:50 - 2001-06-07 00:00 - 00086016 ____N (SEIKO EPSON CORP.) C:\Windows\SysWOW64\Epfb5cpl.dll2013-09-12 10:50 - 2001-05-21 00:00 - 00077824 ____N (SEIKO EPSON CORP.) C:\Windows\SysWOW64\Esintpl.dll2013-09-12 10:50 - 2001-05-07 00:00 - 00065536 ____N (SEIKO EPSON CORP) C:\Windows\SysWOW64\epcomdd.dll2013-09-12 10:50 - 2000-10-11 00:00 - 00053248 ____N (SEIKO EPSON Corp.) C:\Windows\SysWOW64\ESICM.dll2013-09-12 09:38 - 2013-09-12 09:38 - 00000000 ____D C:\Users\Harry\AppData\Roaming\PDF Architect2013-09-12 09:37 - 2013-09-12 09:37 - 00001041 _____ C:\Users\Public\Desktop\PDFCreator.lnk2013-09-12 09:37 - 2013-09-12 09:37 - 00001003 _____ C:\Users\Harry\Desktop\PDF Architect.lnk2013-09-12 09:37 - 2013-09-12 09:37 - 00000000 ____D C:\Users\Harry\Documents\PDF Architect Files2013-09-12 09:37 - 2013-09-12 09:37 - 00000000 ____D C:\Program Files (x86)\PDF Architect2013-09-12 09:36 - 2013-04-09 15:13 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll2013-09-12 09:36 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX2013-09-12 09:36 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL2013-09-12 09:20 - 2013-09-12 09:20 - 00003180 _____ C:\Windows\System32\Tasks\{2D279E44-1BF4-48C8-BF4C-C1D83BD942BD}2013-09-12 09:20 - 2013-09-12 09:20 - 00000000 ____D C:\Program Files (x86)\GPLGS2013-09-12 09:19 - 2013-09-12 09:27 - 00000000 ____D C:\Users\Harry\Downloads\PDF-CONVERTER2013-09-12 08:58 - 2013-09-12 08:58 - 00001261 _____ C:\Users\Public\Desktop\Adobe Acrobat 5.0.lnk2013-09-12 08:58 - 2013-09-12 08:58 - 00000000 ____D C:\Windows\SysWOW64\Adobe2013-09-12 08:58 - 2001-10-11 17:35 - 00020588 _____ (Adobe Systems Incorporated.) C:\Windows\SysWOW64\PdfPorts.dll2013-09-12 08:58 - 2001-10-11 17:34 - 00077824 _____ C:\Windows\SysWOW64\adistres.dll2013-09-12 08:58 - 2001-04-27 14:02 - 00101200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\pdfshell.dll2013-09-12 08:57 - 2013-09-12 08:57 - 00000000 ____D C:\Users\Harry\Documents\My eBooks2013-09-12 08:57 - 2013-09-12 08:57 - 00000000 ____D C:\Users\Harry\AppData\Roaming\InterTrust2013-09-12 08:47 - 2013-09-12 08:47 - 00292480 _____ C:\Windows\Minidump\091213-51714-01.dmp2013-09-12 07:28 - 2013-09-12 07:28 - 00000771 _____ C:\Users\Harry\Desktop\CASENET - Shortcut.lnk2013-09-11 10:57 - 2013-09-11 10:57 - 00000000 ____D C:\Windows\ERUNT2013-09-11 10:29 - 2013-09-11 10:45 - 00000000 ____D C:\AdwCleaner2013-09-11 10:06 - 2012-06-19 15:41 - 00578474 _____ C:\Windows\_detmp.32013-09-11 10:06 - 2000-02-14 17:36 - 00128000 _____ (Symantec Corporation) C:\Windows\_detmp.42013-09-11 09:11 - 2013-09-11 09:11 - 00000000 ____D C:\Users\Harry\Documents\ATT2013-09-11 03:35 - 2013-09-11 03:35 - 00001903 _____ C:\Users\Public\Desktop\HitmanPro.lnk2013-09-11 03:33 - 2013-09-11 03:35 - 00000000 ____D C:\Program Files\HitmanPro2013-09-11 03:32 - 2013-09-11 03:48 - 00000000 ____D C:\ProgramData\HitmanPro2013-09-11 03:31 - 2013-09-11 11:09 - 00000000 ____D C:\Users\Harry\Downloads\HITMAN2013-09-11 01:55 - 2013-09-11 01:55 - 00000000 ____D C:\Users\Harry\AppData\Roaming\qualys2013-09-11 01:13 - 2010-12-20 18:09 - 00038224 _____ (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys2013-09-11 00:26 - 2013-09-11 00:26 - 00000000 ____D C:\Users\Harry\Downloads\MICROSOFT FIXIT2013-09-10 16:14 - 2013-08-10 00:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-09-10 16:14 - 2013-08-10 00:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-09-10 16:14 - 2013-08-10 00:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-09-10 16:14 - 2013-08-10 00:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-09-10 16:14 - 2013-08-10 00:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-09-10 16:14 - 2013-08-10 00:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-09-10 16:14 - 2013-08-10 00:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-09-10 16:14 - 2013-08-10 00:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-09-10 16:14 - 2013-08-10 00:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-09-10 16:14 - 2013-08-10 00:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-09-10 16:14 - 2013-08-10 00:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-09-10 16:14 - 2013-08-10 00:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-09-10 16:14 - 2013-08-10 00:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-09-10 16:14 - 2013-08-10 00:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-09-10 16:14 - 2013-08-09 22:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-09-10 16:14 - 2013-08-09 22:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-09-10 16:14 - 2013-08-09 22:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-09-10 16:14 - 2013-08-09 22:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-09-10 16:14 - 2013-08-09 22:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-09-10 16:14 - 2013-08-09 22:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-09-10 16:14 - 2013-08-09 22:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-09-10 16:14 - 2013-08-09 22:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-09-10 16:14 - 2013-08-09 22:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-09-10 16:14 - 2013-08-09 22:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-09-10 16:14 - 2013-08-09 22:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-09-10 16:14 - 2013-08-09 22:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-09-10 16:14 - 2013-08-09 22:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-09-10 16:14 - 2013-08-09 22:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-09-10 16:14 - 2013-08-09 22:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-09-10 16:14 - 2013-08-09 21:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-09-10 16:14 - 2013-08-09 21:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-09-10 15:59 - 2013-08-07 20:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-09-10 15:59 - 2013-08-01 21:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-09-10 15:59 - 2013-08-01 21:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-09-10 15:59 - 2013-08-01 21:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2013-09-10 15:59 - 2013-08-01 21:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-09-10 15:59 - 2013-08-01 21:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2013-09-10 15:59 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2013-09-10 15:59 - 2013-08-01 21:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2013-09-10 15:59 - 2013-08-01 21:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2013-09-10 15:59 - 2013-08-01 21:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-09-10 15:59 - 2013-08-01 20:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-09-10 15:59 - 2013-08-01 20:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-09-10 15:59 - 2013-08-01 20:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2013-09-10 15:59 - 2013-08-01 20:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2013-09-10 15:59 - 2013-08-01 20:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2013-09-10 15:59 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2013-09-10 15:59 - 2013-08-01 19:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-09-10 15:59 - 2013-08-01 19:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-09-10 15:59 - 2013-08-01 19:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-09-10 15:59 - 2013-08-01 19:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-09-10 15:59 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2013-09-10 15:59 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2013-09-10 15:59 - 2013-07-25 21:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2013-09-10 15:59 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll2013-09-10 15:59 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2013-09-10 15:59 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll2013-09-07 19:11 - 2013-09-07 19:11 - 00007019 _____ C:\Users\Harry\Desktop\KYOCERA.lnk ==================== One Month Modified Files and Folders ======= 2013-09-26 14:13 - 2013-09-26 14:13 - 00000000 ____D C:\FRST2013-09-26 14:10 - 2013-09-26 14:10 - 00001514 _____ C:\Users\Harry\Desktop\JRT.txt2013-09-26 14:08 - 2010-03-28 10:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-09-26 13:59 - 2013-09-26 13:58 - 00000000 ____D C:\Users\Harry\Downloads\JRT2013-09-26 13:52 - 2012-10-12 09:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-09-26 13:42 - 2010-05-19 19:12 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4050790218-1552307734-3448739108-1000UA.job2013-09-26 13:41 - 2013-09-26 13:41 - 00000923 _____ C:\Users\Harry\Desktop\hijackthis-9-24-13.log - Shortcut.lnk2013-09-26 13:25 - 2013-09-26 13:24 - 00002025 _____ C:\Users\Harry\Desktop\Malwarebyte.lnk2013-09-26 12:40 - 2011-06-22 20:45 - 00000000 ____D C:\Users\Harry\Desktop\POLITICAL NOTES2013-09-26 12:38 - 2010-12-14 01:41 - 00000000 ____D C:\Users\Harry\Desktop\DANNY2013-09-26 12:35 - 2013-09-26 12:35 - 00000000 ____D C:\Users\Harry\Documents\TheatrGROUP2013-09-26 12:33 - 2009-10-29 14:06 - 01861897 _____ C:\Windows\WindowsUpdate.log2013-09-26 12:19 - 2010-04-04 15:28 - 00000000 ____D C:\Users\Harry\Documents\COMPUTER_ISSUES2013-09-26 12:14 - 2010-05-19 19:12 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4050790218-1552307734-3448739108-1000Core.job2013-09-26 12:14 - 2010-03-28 10:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-09-25 14:52 - 2009-12-23 13:34 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHarry2013-09-25 14:52 - 2009-12-23 13:34 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForHarry.job2013-09-24 17:25 - 2013-09-24 17:17 - 00000000 ____D C:\Users\Harry\Downloads\HIJACK2013-09-24 17:11 - 2009-07-13 23:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-09-24 17:11 - 2009-07-13 23:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-09-24 16:53 - 2010-11-25 17:53 - 00000000 ____D C:\Users\Harry\Downloads\FLASH2013-09-24 10:45 - 2010-01-31 17:04 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{63C58751-CFD9-4E61-8D18-2CE72A557C6C}2013-09-23 09:07 - 2013-09-23 08:49 - 00001791 _____ C:\Users\Harry\Desktop\TERESA-KING-PHONE-RECORD.txt2013-09-21 08:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing2013-09-20 20:14 - 2013-09-13 06:49 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2013-09-20 20:14 - 2012-10-12 09:58 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2013-09-20 20:14 - 2012-04-11 11:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-09-20 20:14 - 2012-01-15 11:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-09-20 11:03 - 2010-03-03 13:34 - 00000000 ____D C:\Users\Harry\Documents\VA2013-09-19 15:36 - 2012-08-26 18:51 - 00000000 ____D C:\Users\Harry\Documents\MISC MELBA2013-09-19 10:39 - 2010-03-29 03:54 - 00000000 ____D C:\Users\Harry\Documents\HG2013-09-19 08:47 - 2009-12-21 13:04 - 00000000 ____D C:\THEATRGROUP2013-09-16 11:36 - 2012-08-31 14:33 - 00000998 _____ C:\Users\Harry\Desktop\magicJack.lnk2013-09-16 11:36 - 2012-08-31 14:33 - 00000984 _____ C:\Users\Harry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk2013-09-16 11:36 - 2012-08-31 14:32 - 00000000 ____D C:\Users\Harry\AppData\Roaming\mjusbsp2013-09-16 11:35 - 2009-07-13 23:51 - 00057949 _____ C:\Windows\setupact.log2013-09-15 09:10 - 2013-08-19 09:40 - 00000000 ____D C:\Users\Harry\Documents\4-SALE2013-09-13 17:04 - 2011-08-11 20:07 - 00000000 ____D C:\Users\Harry\Documents\BOONO2013-09-13 16:12 - 2010-04-17 21:40 - 00000000 ____D C:\Program Files (x86)\QuickTime2013-09-13 15:49 - 2010-04-17 21:32 - 00000000 ____D C:\Users\Harry\Downloads\QUICKTIME2013-09-13 14:55 - 2013-09-12 10:55 - 00000000 ____D C:\VueScan2013-09-13 13:54 - 2011-07-22 18:37 - 00000000 ____D C:\Users\Harry\AppData\Roaming\KeePass2013-09-12 11:01 - 2013-09-12 10:55 - 00000638 _____ C:\Users\UpdatusUser\Desktop\VueScan.lnk2013-09-12 11:01 - 2013-09-12 10:55 - 00000638 _____ C:\Users\Harry\Desktop\VueScan.lnk2013-09-12 10:56 - 2010-02-10 14:04 - 00018622 _____ C:\Windows\DPINST.LOG2013-09-12 10:55 - 2010-04-14 15:07 - 00000000 ____D C:\Users\Harry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TWAIN Working Group2013-09-12 10:53 - 2013-09-12 10:53 - 00001062 _____ C:\Users\Public\Desktop\EPSON Smart Panel.lnk2013-09-12 10:52 - 2013-09-12 10:51 - 00000000 ____D C:\Program Files (x86)\EPSON2013-09-12 10:47 - 2009-08-21 11:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2013-09-12 09:38 - 2013-09-12 09:38 - 00000000 ____D C:\Users\Harry\AppData\Roaming\PDF Architect2013-09-12 09:38 - 2009-12-16 21:57 - 00000000 ____D C:\Program Files (x86)\PDFCreator2013-09-12 09:37 - 2013-09-12 09:37 - 00001041 _____ C:\Users\Public\Desktop\PDFCreator.lnk2013-09-12 09:37 - 2013-09-12 09:37 - 00001003 _____ C:\Users\Harry\Desktop\PDF Architect.lnk2013-09-12 09:37 - 2013-09-12 09:37 - 00000000 ____D C:\Users\Harry\Documents\PDF Architect Files2013-09-12 09:37 - 2013-09-12 09:37 - 00000000 ____D C:\Program Files (x86)\PDF Architect2013-09-12 09:27 - 2013-09-12 09:19 - 00000000 ____D C:\Users\Harry\Downloads\PDF-CONVERTER2013-09-12 09:20 - 2013-09-12 09:20 - 00003180 _____ C:\Windows\System32\Tasks\{2D279E44-1BF4-48C8-BF4C-C1D83BD942BD}2013-09-12 09:20 - 2013-09-12 09:20 - 00000000 ____D C:\Program Files (x86)\GPLGS2013-09-12 09:08 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp2013-09-12 08:58 - 2013-09-12 08:58 - 00001261 _____ C:\Users\Public\Desktop\Adobe Acrobat 5.0.lnk2013-09-12 08:58 - 2013-09-12 08:58 - 00000000 ____D C:\Windows\SysWOW64\Adobe2013-09-12 08:58 - 2010-10-21 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird2013-09-12 08:58 - 2009-12-15 10:06 - 00000000 ____D C:\Program Files (x86)\Adobe2013-09-12 08:58 - 2009-12-14 12:20 - 00000000 ____D C:\Users\Harry\AppData\Roaming\Adobe2013-09-12 08:57 - 2013-09-12 08:57 - 00000000 ____D C:\Users\Harry\Documents\My eBooks2013-09-12 08:57 - 2013-09-12 08:57 - 00000000 ____D C:\Users\Harry\AppData\Roaming\InterTrust2013-09-12 08:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\inetsrv2013-09-12 08:47 - 2013-09-12 08:47 - 00292480 _____ C:\Windows\Minidump\091213-51714-01.dmp2013-09-12 08:47 - 2011-01-30 19:11 - 00065536 _____ C:\Windows\system32\Ikeext.etl2013-09-12 08:47 - 2010-11-20 01:26 - 412643167 _____ C:\Windows\MEMORY.DMP2013-09-12 08:47 - 2010-11-20 01:26 - 00000000 ____D C:\Windows\Minidump2013-09-12 08:47 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-09-12 07:28 - 2013-09-12 07:28 - 00000771 _____ C:\Users\Harry\Desktop\CASENET - Shortcut.lnk2013-09-11 21:35 - 2009-07-14 00:08 - 00032652 _____ C:\Windows\Tasks\SCHEDLGU.TXT2013-09-11 21:34 - 2009-08-21 11:52 - 00559172 _____ C:\Windows\PFRO.log2013-09-11 21:33 - 2012-07-08 18:49 - 00000000 ____D C:\Users\Harry\Downloads\CHROME2013-09-11 18:14 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache2013-09-11 12:46 - 2009-12-14 12:02 - 00000000 ____D C:\Users\Harry2013-09-11 11:09 - 2013-09-11 03:31 - 00000000 ____D C:\Users\Harry\Downloads\HITMAN2013-09-11 10:57 - 2013-09-11 10:57 - 00000000 ____D C:\Windows\ERUNT2013-09-11 10:45 - 2013-09-11 10:29 - 00000000 ____D C:\AdwCleaner2013-09-11 10:08 - 2011-08-19 19:50 - 00000000 ____D C:\Users\Harry\AppData\Roaming\ArmorSurf2013-09-11 10:06 - 2011-07-04 08:45 - 00000000 ____D C:\Users\Harry\AppData\Local\CrashDumps2013-09-11 10:06 - 2009-07-13 21:34 - 00000841 _____ C:\Windows\win.ini2013-09-11 10:06 - 2009-07-13 21:34 - 00000219 _____ C:\Windows\SYSTEM.INI2013-09-11 10:00 - 2012-05-16 12:59 - 00000000 ____D C:\ProgramData\WebEx2013-09-11 09:11 - 2013-09-11 09:11 - 00000000 ____D C:\Users\Harry\Documents\ATT2013-09-11 03:48 - 2013-09-11 03:32 - 00000000 ____D C:\ProgramData\HitmanPro2013-09-11 03:35 - 2013-09-11 03:35 - 00001903 _____ C:\Users\Public\Desktop\HitmanPro.lnk2013-09-11 03:35 - 2013-09-11 03:33 - 00000000 ____D C:\Program Files\HitmanPro2013-09-11 01:55 - 2013-09-11 01:55 - 00000000 ____D C:\Users\Harry\AppData\Roaming\qualys2013-09-11 01:49 - 2009-12-21 12:39 - 00000000 ____D C:\Users\Harry\AppData\Local\Adobe2013-09-11 01:48 - 2009-12-21 12:42 - 00000000 ____D C:\ProgramData\Adobe2013-09-11 01:42 - 2011-07-27 23:26 - 00000000 ____D C:\Users\Harry\Downloads\ADOBE READER2013-09-11 01:14 - 2011-04-10 17:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-11 00:26 - 2013-09-11 00:26 - 00000000 ____D C:\Users\Harry\Downloads\MICROSOFT FIXIT2013-09-10 16:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\catroot2.old2013-09-10 16:26 - 2009-12-14 12:12 - 00000000 ___RD C:\Users\Harry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-09-10 16:26 - 2009-12-14 12:12 - 00000000 ___RD C:\Users\Harry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-09-10 16:25 - 2009-07-13 23:45 - 00550688 _____ C:\Windows\system32\FNTCACHE.DAT2013-09-10 16:12 - 2013-07-11 20:55 - 00000000 ____D C:\Windows\system32\MRT2013-09-10 16:09 - 2009-12-15 08:33 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2013-09-09 09:38 - 2013-04-30 20:47 - 00000000 ____D C:\Users\Harry\Documents\DISH-TV2013-09-09 08:36 - 2011-02-06 00:27 - 00000000 ____D C:\Program Files (x86)\Opera2013-09-09 02:19 - 2010-12-21 10:06 - 00000000 ____D C:\Program Files (x86)\McAfee2013-09-07 19:11 - 2013-09-07 19:11 - 00007019 _____ C:\Users\Harry\Desktop\KYOCERA.lnk2013-08-29 22:28 - 2012-12-20 01:26 - 00000000 ____D C:\Program Files\McAfee Files to move or delete:====================C:\Users\Harry\AppData\Roaming\CamLayout.iniC:\Users\Harry\AppData\Roaming\CamShapes.ini ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-11 18:01 ==================== End Of Log ============================ 3. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2013Ran by Harry at 2013-09-26 14:15:40Running from C:\Users\Harry\Downloads\JRTBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Norton 360 Premier Edition (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Norton 360 Premier Edition (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton 360 Premier Edition (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== Acrobat.com (x32 Version: 2.0.0)Acrobat.com (x32 Version: 2.0.0.0)Activate Norton Online Backup (x32 Version: 1.1.20.0)ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2)Adobe Acrobat 5.0 (x32 Version: 5.0)Adobe AIR (x32 Version: 2.7.0.19530)Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)Adobe Photoshop 7.0 (x32 Version: 7.0)Adobe Reader XI (11.0.04) (x32 Version: 11.0.04)Advanced PDF Password Recovery (x32 Version: 5.5.97.1071)Advanced PDF Password Recovery Pro (x32)AIM 7 (x32)AIM Toolbar (x32)AMP Font Viewer (x32)Apple Application Support (x32 Version: 2.3.4)Apple Software Update (x32 Version: 2.1.3.127)Applet_App (x32)Applet_Copy (x32)Applet_Creativity (x32)Applet_Email (x32)Applet_Epp (x32)Applet_File (x32)Applet_OCR (x32)Applet_Web (x32)ArcSoft PhotoImpression 3.0 (x32)Artisteer 2 (Beta) (x32 Version: 2.0)Audacity 2.0.3 (x32 Version: 2.0.3)Avi to Mpeg 3.2 (x32 Version: 3.0)AVS Update Manager 1.0 (x32)AVS Video Converter 8 (x32)AVS4YOU Software Navigator 1.4 (x32)Backpack Driver (x32)Belkin Setup and Router Monitor (x32)Celtx (2.9.7) (x32 Version: 2.9.7 (en-US))Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)ConvertHelper 2.2 (x32)Copy Utility (x32)CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101)DHTML Menu Builder 4.3 (x32)DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)EPSON Photo Print (x32)EPSON Smart Panel (x32)EPSON TWAIN 5 (x32)ffdshow [rev 3119] [2009-10-27] (x32 Version: 1.0)Final Draft (x32 Version: 8.0.3.120)Final Draft 6 (x32 Version: 6.0.10)Final Draft AV Demo (x32)FlashCatch (x32)FLV Downloader (HKCU)FLVideoConverter (x32)FontInfo 1.0.2.1 (x32)FontPage 2.0.8 (x32)Free PDF to Word Doc Converter v1.1 (x32 Version: 1.1)Freez FLV to AVI/MPEG/WMV Converter (x32 Version: 1.6)Freez Screen Video Capture v1.2 (x32 Version: 1.2)Google Chrome (x32 Version: 29.0.1547.76)Google Earth (x32 Version: 7.1.1.1888)Google Toolbar for Internet Explorer (x32 Version: 1.0.0)Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)Google Update Helper (x32 Version: 1.3.21.153)Greenshot 1.1.5.2643 (Version: 1.1.5.2643)Hardware Diagnostic Tools (Version: 6.0.5434.08)HitmanPro 3.7 (Version: 3.7.7.205)HP Advisor (x32 Version: 3.2.8946.3086)HP Customer Experience Enhancements (x32 Version: 6.0.1.3)HP Games (x32 Version: 1.0.0.71)HP Odometer (x32 Version: 2.10.0000)HP Remote Solution (x32 Version: 1.1.9.0)HP Setup (x32 Version: 1.2.3220.3079)HP Support Assistant (x32 Version: 4.2.8.3)HP Support Information (x32 Version: 10.1.0002)HP Update (x32 Version: 5.001.000.014)HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3)IMVU Avatar Chat Software (HKCU)Inkscape 0.48.1 (x32 Version: 0.48.1)Internet TV for Windows Media Center (x32 Version: 3.2.1.0)Java 7 Update 25 (x32 Version: 7.0.250)Java Auto Updater (x32 Version: 2.1.9.5)Java 6 Update 37 (x32 Version: 6.0.370)Junk Mail filter update (x32 Version: 14.0.8117.416)KeePass Password Safe 1.20 (x32 Version: 1.20)KeePass Password Safe 2.16 (x32)Knoll Light Factory EZ Studio (x32)LabelPrint (x32 Version: 2.5.1901)LightScribe System Software (x32 Version: 1.18.5.1)LiveAdvisor (Symantec Corporation) (x32 Version: 1.0.0.706)LiveUpdate (x32)LiveUpdate BVRP Software (x32 Version: 1.00.005)LSI PCI-SV92EX Soft Modem (Version: 2.2.100)Macromedia Contribute 3.11 (x32 Version: 3.11.0.2419)Macromedia Dreamweaver 8 (x32 Version: 8.0.0.2734)Macromedia Extension Manager (x32 Version: 1.7.240)Macromedia Fireworks 8 (x32 Version: 8.0.0.777)Macromedia Flash 8 (x32 Version: 8.00.0000)Macromedia Flash 8 Video Encoder (x32 Version: 1.00.0000)Magic Bullet Looks Studio (x32)magicJack (HKCU Version: 2.0.6073.4413)Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)McAfee SiteAdvisor (x32 Version: 3.6.196)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Choice Guard (x32 Version: 2.0.48.0)Microsoft Live Search Toolbar (x32 Version: 3.0.560.0)Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)Microsoft Silverlight (Version: 5.1.20513.0)Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Works (x32 Version: 9.7.0621)mobile PhoneTools (x32 Version: 3.07a 25/05/2004)Moto Helper Service (x32 Version: 5.5)MotoHelper 2.1.40 Driver 5.5.0 (x32 Version: 2.1.40)MotoHelper MergeModules (x32 Version: 1.0.0)MotoHelper MergeModules (x32 Version: 1.2.0)Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0)Mototools Software Update (x32 Version: 3.3.6)Mozilla Firefox 20.0.1 (x86 en-US) (x32 Version: 20.0.1)Mozilla Maintenance Service (x32 Version: 20.0.1)Mozilla Thunderbird (3.1.5) (x32 Version: 3.1.5 (en-US))MSVCRT (x32 Version: 14.0.1468.721)MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)Netscape Navigator (9.0.0.6) (x32 Version: 9.0.0.6 (en-US))Norton 360 Premier Edition (x32 Version: 20.4.0.40)NoteTab Pro (Remove only) (x32 Version: 4.91)NVIDIA Control Panel 307.83 (Version: 307.83)NVIDIA Display Control Panel (Version: 6.14.12.5721)NVIDIA Drivers (Version: 1.10.61.39)NVIDIA Graphics Driver 307.83 (Version: 307.83)NVIDIA Install Application (Version: 2.1002.109.706)NVIDIA Update 1.10.8 (Version: 1.10.8)NVIDIA Update Components (Version: 1.10.8)OE-Mail Recovery 1.7 (x32)Opera 12.16 (x32 Version: 12.16.1860)Oxelon Media Converter 1.1 (x32)Paint Shop Pro 5.01 (x32)Paint Shop Pro 7 ESD (x32 Version: 7.0.0.0000)Password Fortress 1.0.1 (x32 Version: 1.0.1)PDF Architect (x32 Version: 1.1.83.9982)PDFCreator (x32 Version: 1.7.1)Personal Vault 1.4 (x32)Pinnacle Studio 14 (x32 Version: 14.0.0.7255)Pinnacle Studio Ultimate Collection Plugins (x32 Version: 14.0.0.7255)Pinnacle Video Driver (Version: 12.1.0.030)Pinnacle VideoSpin (x32 Version: 2.0.0.669)Power2Go (x32 Version: 6.0.3101)PowerDirector (x32 Version: 7.0.3101)PowerRecover (x32 Version: 5.5.1923)Protected Folder (x32)PVSonyDll (Version: 1.00.0001)QuickTime (x32 Version: 7.74.80.86)Realtek High Definition Audio Driver (x32 Version: 6.0.1.6196)Red Giant ToonIt Studio (x32)Safari (x32 Version: 5.34.57.2)ScanToWeb (x32)SureThing Express Labeler (x32)SWFRIP 0.4 (x32)Symantec WinFax PRO 10.0 (x32)Text-Osterone 1.117 (x32)The KMPlayer (remove only) (x32)Trapcode 3DStroke Studio (x32)Trapcode Particular Studio (x32)Trapcode Shine Studio (x32)Twacker 64 (Version: 2.0.1)Ulead COOL 3D 2 (x32)Ulead COOL 3D 3.5 (x32)VueScan (x32)Widevine Media Optimizer Chrome 6.0.0 (HKCU Version: 6.0.0.12442)Widevine Media Optimizer Chrome 6.0.0 (x32 Version: 6.0.0.12442)Windows Live Communications Platform (x32 Version: 14.0.8117.416)Windows Live Essentials (x32 Version: 14.0.8117.0416)Windows Live Essentials (x32 Version: 14.0.8117.416)Windows Live Mail (x32 Version: 14.0.8117.0416)Windows Live Sign-in Assistant (x32 Version: 5.000.818.5)Windows Live Upload Tool (x32 Version: 14.0.8014.1029)Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)WinHTTrack Website Copier 3.43-9C (x64) (Version: 3.43.9)WinSCP 4.3.7 (x32 Version: 4.3.7)WinX Free MOV to MPEG Converter 4.1.9 (x32)WinZip (x32 Version: 9.0 SR-1 (6224))Xenu's Link Sleuth (x32 Version: 1.3.7)Xilisoft MOV Converter (x32 Version: 5.1.37.0120)ZOC Terminal (x32 Version: 4.15) ==================== Restore Points ========================= 24-09-2013 22:08:02 9-24-13 ==================== Hosts content: ========================== 2009-07-13 21:34 - 2013-09-26 13:52 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0643BEA0-C4D4-45BE-A774-8DDA9CAB2475} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()Task: {2413C324-1674-4D4D-91B7-643ED5EB3582} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4050790218-1552307734-3448739108-1000Core => C:\Users\Harry\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)Task: {346D0D31-1355-4AC4-9161-7B0AE03C158C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)Task: {3544EFEF-9F01-4F0F-B703-BEFEDE71BF6F} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()Task: {5792F989-82CA-4085-A8FF-2FAA36EA69E7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4050790218-1552307734-3448739108-1000UA => C:\Users\Harry\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)Task: {5F6356D6-A32C-4CA3-9FCE-01AA5BFF512D} - System32\Tasks\Norton One\Norton Error Processor => C:\Program Files (x86)\Norton One\Engine\3.2.0.19\SymErr.exeTask: {67BB25DB-E406-42F4-B3F2-E4FBD11415F8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)Task: {712EC6AF-97F0-4CB9-9C61-7415C5609E50} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07-02] (PC-Doctor, Inc.)Task: {7683DF85-C451-4DC1-A311-6C537DF1E268} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)Task: {773EB4CF-BB47-4107-A398-96BF440D286E} - System32\Tasks\Norton One\Norton Error Analyzer => C:\Program Files (x86)\Norton One\Engine\3.2.0.19\SymErr.exeTask: {7A8EF999-2A2C-4EC5-9798-8A4481FC3C84} - System32\Tasks\HPCeeScheduleForHarry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)Task: {8E5BF0AB-80E6-4924-9EBF-91BBD67DC321} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-05] (Microsoft Corporation)Task: {9315E4BC-F162-4041-B3E0-3E2C2664FD8F} - System32\Tasks\User_Feed_Synchronization-{63C58751-CFD9-4E61-8D18-2CE72A557C6C} => C:\Windows\system32\msfeedssync.exe [2013-03-13] (Microsoft Corporation)Task: {A8465D0B-9AE0-4F13-B016-ABA1D8532A9E} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()Task: {BFB46608-F1E6-4B0B-802B-1AF974EA5345} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)Task: {E9F9B529-2314-4DAC-BCA9-FF269854EC62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)Task: {FE61DDF7-EADA-48D7-A45B-126AB8F85EAB} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4050790218-1552307734-3448739108-1000Core.job => C:\Users\Harry\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4050790218-1552307734-3448739108-1000UA.job => C:\Users\Harry\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\HPCeeScheduleForHarry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exeTask: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe ==================== Loaded Modules (whitelisted) ============= 2009-08-21 12:38 - 2013-02-19 22:32 - 18376008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2012-03-22 20:20 - 2012-02-18 21:35 - 00192208 _____ (Martin Prikryl) C:\Program Files (x86)\WinSCP3\DragExt64.dll2013-06-11 13:40 - 2013-05-28 12:52 - 01728336 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\BuEng.dll2013-09-10 15:59 - 2013-08-01 20:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-09-10 15:59 - 2013-08-01 20:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll2013-09-10 15:59 - 2013-08-01 20:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll2011-03-02 12:39 - 2010-11-20 07:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll2011-03-02 12:39 - 2010-11-20 07:08 - 00311296 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll2009-07-13 18:25 - 2009-07-13 20:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll2011-03-02 12:39 - 2010-11-20 07:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll2012-02-14 19:08 - 2011-12-16 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll2011-03-02 12:39 - 2010-11-20 07:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll2009-07-13 18:11 - 2009-07-13 20:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll2013-08-13 19:35 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll2012-07-10 19:13 - 2012-06-01 23:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll2009-07-13 18:12 - 2009-07-13 20:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll2013-09-10 15:59 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll2011-03-02 12:39 - 2010-11-20 07:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll2011-03-02 12:39 - 2010-11-20 07:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll2011-10-12 18:56 - 2011-08-26 23:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll2013-08-13 19:35 - 2013-07-08 23:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPT32.dll2011-03-02 12:39 - 2010-11-20 07:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\syswow64\MSASN1.dll2013-08-13 19:35 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.dll2009-07-13 18:28 - 2009-07-13 20:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll2011-03-02 12:39 - 2010-11-20 07:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll2013-06-10 11:00 - 2011-11-14 15:13 - 00243616 _____ (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\AffIpHelper.dll2011-03-02 12:39 - 2010-11-20 07:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll2009-07-13 18:12 - 2009-07-13 20:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll2013-06-10 11:00 - 2011-11-14 15:13 - 00139680 _____ (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\AffCrypto.dll2011-03-02 12:39 - 2010-11-20 07:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll2011-06-30 21:59 - 2011-05-24 05:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll2011-06-30 21:59 - 2011-05-24 05:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll2009-07-13 18:44 - 2009-07-13 20:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL2013-06-10 11:00 - 2011-11-14 15:13 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll2009-07-13 18:15 - 2009-07-13 20:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL2012-04-10 18:54 - 2012-03-01 00:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\syswow64\imagehlp.dll2013-09-10 15:59 - 2013-08-01 20:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcWow64.DLL2009-07-13 18:15 - 2009-07-13 20:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\psapi.dll2012-01-20 17:54 - 2012-01-20 17:54 - 01032192 _____ (Motorola Mobility Inc.) C:\Program Files (x86)\Motorola\MotoHelper\PST.dll2013-09-10 15:59 - 2013-08-01 20:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNEL32.dll2013-09-10 15:59 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\syswow64\shell32.dll2010-09-14 23:33 - 2010-09-14 23:33 - 00004608 _____ () C:\Program Files (x86)\Motorola\Moto Helper Service\Command.dll2010-06-20 19:22 - 2010-06-20 19:22 - 00017920 _____ () C:\Program Files (x86)\Motorola\Moto Helper Service\merapi-core-cs.dll2011-03-02 12:39 - 2010-11-20 07:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\ws2_32.dll2013-09-10 16:14 - 2013-08-09 22:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll2011-03-02 12:39 - 2010-11-20 07:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\user32.DLL2011-03-02 12:39 - 2010-11-20 07:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\shlwapi.DLL2009-07-13 18:15 - 2009-07-13 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\normaliz.DLL2013-09-10 16:14 - 2013-08-09 22:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll2011-03-02 12:39 - 2010-11-20 07:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.DLL2013-06-10 11:00 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll2013-06-10 11:00 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll2013-06-10 11:00 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll2011-03-02 12:39 - 2010-11-20 07:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll2011-03-02 12:38 - 2010-11-20 07:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\syswow64\IMM32.dll2013-06-10 11:00 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll2013-06-10 11:00 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll2009-07-13 18:15 - 2009-07-13 20:10 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SFC.DLL2013-09-10 16:14 - 2013-08-09 22:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\syswow64\urlmon.dll2012-07-10 19:13 - 2012-06-01 23:40 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2009-07-13 18:33 - 2009-07-13 20:17 - 00249680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll2013-06-10 11:00 - 2011-11-14 15:13 - 02204064 _____ (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\AffStateMc.dll2013-06-10 11:00 - 2011-11-14 15:13 - 00205216 _____ (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\affNdis.dll2013-06-10 11:00 - 2010-08-22 19:36 - 00118784 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Program Files (x86)\Belkin\Router Setup and Monitor\W32N55.dll2013-06-10 11:00 - 2013-09-12 08:49 - 00180224 _____ (Softanics) C:\Users\Harry\AppData\Local\Temp\AFF1.tmp\f_in_box.dll2013-06-10 11:00 - 2011-11-14 14:28 - 00663552 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll2013-04-08 18:03 - 2013-04-08 18:03 - 00299008 _____ (The cURL library, http://curl.haxx.se/) C:\Program Files (x86)\PDF Architect\libcurl.dll2011-03-02 12:38 - 2010-11-20 07:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll2013-06-11 13:40 - 2013-05-28 12:52 - 01439056 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\BuEng.dll2011-03-02 12:39 - 2010-11-20 07:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll2013-09-18 08:38 - 2013-08-21 09:34 - 00799136 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130918.001\IDSxpx86.dll2009-07-13 18:53 - 2009-07-13 20:15 - 00462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll2013-06-11 13:40 - 2012-08-16 20:05 - 00374232 ____R (GEAR-Software) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\gwrks32.dll2013-06-11 13:40 - 2012-08-16 20:05 - 03914712 ____R (GEAR-Software) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\gearaw32.dll2013-09-25 15:05 - 2013-08-21 09:34 - 00799136 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130925.001\IDSxpx86.dll2013-09-23 23:37 - 2013-09-23 23:37 - 02037688 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130924.001\BHEngine.dll2013-06-11 13:41 - 2012-05-30 09:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360 PREMIER EDITION\ENGINE\20.4.0.40\wincfi39.dll2009-07-13 18:24 - 2009-07-13 20:15 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll2009-07-13 18:31 - 2009-07-13 20:15 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiltcfg.dll2011-03-02 12:39 - 2010-11-20 07:19 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:DED17083AlternateDataStreams: C:\ProgramData\Temp:F4CA4D70 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Microsoft Teredo Tunneling AdapterDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors:================== System errors:============= Microsoft Office Sessions:========================= CodeIntegrity Errors:=================================== Date: 2010-04-05 14:48:07.420 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system. Date: 2010-04-05 14:34:11.262 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 42%Total physical RAM: 2942.49 MBAvailable physical RAM: 1677.62 MBTotal Pagefile: 5883.17 MBAvailable Pagefile: 4031.9 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (COMPAQ) (Fixed) (Total:454.76 GB) (Free:282.01 GB) NTFSDrive d: (FACTORY_IMAGE) (Fixed) (Total:10.9 GB) (Free:1.71 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive h: (WD MediaCtr) (Fixed) (Total:149.01 GB) (Free:99.69 GB) FAT32 ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: 1549F232)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=455 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS) ========================================================Disk: 3 (Size: 149 GB) (Disk ID: 44FDFE06)Partition 1: (Not Active) - (Size=149 GB) - (Type=0C) ==================== End Of Log ============================
  10. Hello forum members. New here. For the past couple of months I've had a problem with a window which pops up when I'm searching, ordering, logging in to forums, etc. I've searched everywhere for a solution, and have found that although others have this problem, a solution has not yet been found. I use Chrome as my primary browser, and keep it up to date. OS is Windows 7. I've run Norton scans, Malwarebytes scans, Hitman scans and a host of others. Most recently I ran Hijackthis, and since I can't identify much of what I found in the results of the scan, I'm posting it here hoping someone will see something within the log which relates to this pop-up issue. First, here is an example of the url which pops up at the most inconvenient times (even with AdBlocker installed in Chrome): http://rvzr-a.akamaihd.net/sd/wrap-0.01.html?u=http%3A%2F%2Frvzr-a.akamaihd.net%2Fsd%2Fapps%2Ffusionx%2F0.0.3.html%3Faff%3D3800-100 Here is the Hijackthis log file: Logfile of Trend Micro HijackThis v2.0.5Scan saved at 5:25:03 PM, on 9/24/2013Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v10.0 (10.00.9200.16686)CHROME: 6.0.0.12442FIREFOX: 20.0.1 (en-US)Boot mode: Normal Running processes:C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exeC:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exeC:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exeC:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exeC:\Program Files (x86)\Internet Explorer\IELowutil.exeC:\Users\Harry\Downloads\HIJACK\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = PreserveR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe,O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe \Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dllO2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition \Engine\20.4.0.40\coIEPlg.dllO2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: FlashCatchBHO Class - {88618A96-6D8A-42E7-B932-9073D5B2080F} - C:\Program Files (x86)\FlashCatch\flashcatch.dllO2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar \GoogleToolbar_32.dllO2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dllO2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar \3.0.0560.0\msneshellx.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar \3.0.0560.0\msneshellx.dllO3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dllO3 - Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file)O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO3 - Toolbar: FlashCatch - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dllO3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine \20.4.0.40\coIEPlg.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar \GoogleToolbar_32.dllO3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dllO4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exeO4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exeO4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDEDO4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preloadO4 - HKLM\..\Run: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startupO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\RunOnce: [iE 3.0 RegSvr schannel.dll] C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\schannel.dllO4 - HKCU\..\Run: [Google Update] "C:\Users\Harry\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [cdloader] "C:\Users\Harry\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACKO4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files (x86)\Adobe\Acrobat 5.0\Distillr\AcroTray.exeO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Configuration Wizard.lnk = C:\Program Files (x86)\Symantec\WinFax\WTNSETUP.EXEO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\OFFICE~1\OFFICE11\REFIEBAR.DLLO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} (WebBrowserType Class) - https://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller64.cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dllO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files \Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows \SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exeO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater \GoogleUpdaterService.exeO23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeO23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exeO23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exeO23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exeO23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exeO23 - Service: Motorola Helper (MotoHelper.exe) - Motorola - C:\Program Files (x86)\Motorola\Moto Helper Service\MotoHelper.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service \maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeO23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exeO23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat \WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem \WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing) --End of file - 13553 bytes =================== Thank you in advance for any help. Best regards -- themuse
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.