Jared93

Results of screen317's Security Check version 0.99.72 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! Norton Security Suite WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 24 Java 7 Update 10 Java version out of Date! Adobe Flash Player 11.4.402.278 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! Google Chrome 28.0.1500.72 Google Chrome 28.0.1500.95 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````

Also, quickly before I go. Chrome is failing to update. My firewall is set to "allow" for Chrome and Chrome installer to be able to function so I'm not entirely sure why that is.

Both browsers are now opening as they should . I believe that there was one obvious plugin in Chrome that was a problem. It was named "Native Client" and it was described under details as being stored as a Chrome plugin. So it seemed sketchy and it was the only one I disabled to be sure. The others seemed okay. No odd extensions under Chrome either. Is there a way to completely remove the plugin? Thanks Mr C, I'll be back from work after about 5 hours

After looking at the frst.txt, the internet whitelisted section displays the foreign website that I get taken to when opening a browser. the last "searchscope" thing that says "search.ueep.com/q=?". It's also under the section titled Chrome, it shows the homepage stuff and redirecting site "search.ueep.com". I don't know if that information helps you see a problem or not, but if that helps show the location of the issue then I figured I should say something.

Couldn't have asked for better help or response times, Thanks again Mr C FRST log Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013Ran by Jared (administrator) on 16-08-2013 20:06:22Running from C:\Users\Jared\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 9Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe(AMD) C:\Windows\system32\atieclxx.exe(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe(Microsoft Corporation) C:\Windows\system32\WLANExt.exe(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe() C:\Program Files\Rainmeter\Rainmeter.exe(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Google Inc.) C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-03-04] (Sun Microsystems, Inc.)HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-12-16] (Hewlett-Packard)HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2011-06-02] (IDT, Inc.)HKLM\...\Run: [intelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel® Corporation)HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-01-27] ()HKCU\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-01-27] ()HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1641896 2013-06-06] (Valve Corporation)HKCU\...\Run: [iSUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)HKLM-x32\...\Run: [MSN Toolbar] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe [240472 2009-11-30] (Microsoft Corp.)HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe [3331944 2009-12-03] (Symantec Corporation)HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)HKLM-x32\...\Run: [] - [x]HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-01-27] ()HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-01-27] ()Lsa: [Notification Packages] DPPassFilter scecliStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnkShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {AAD93412-F6F5-4135-85B4-A88054F75DE6} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushplSearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {ABD2E6E5-6F97-46F6-AADE-9D6897A37922} URL = SearchScopes: HKCU - {AAD93412-F6F5-4135-85B4-A88054F75DE6} URL = SearchScopes: HKCU - {ABD2E6E5-6F97-46F6-AADE-9D6897A37922} URL = SearchScopes: HKCU - {N324-ADWF32D-T23R-TR32DSA-L32RT-YRED123} URL = search.ueep.com/?q=BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocxDPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cabHandler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Chrome: =======CHR HomePage: search.ueep.comCHR RestoreOnStartup: "search.ueep.com"CHR DefaultSearchURL: (Search) - http://search.ueep.com/?q={searchTerms}CHR DefaultSuggestURL: (Search) - "suggest_url": ""CHR Plugin: (Remoting Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\Jared\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jared\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()CHR Plugin: (Shockwave Flash) - C:\Users\Jared\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No FileCHR Plugin: (Java Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No FileCHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)CHR Plugin: (MSN\u00AE Toolbar) - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Google Update) - C:\Users\Jared\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No FileCHR Plugin: (Hulu Desktop) - C:\Users\Jared\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)CHR Extension: (AT_JamesWhite) - C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0CHR Extension: (YouTube) - C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Norton Identity Protection) - C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0CHR Extension: (Gmail) - C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\Exts\Chrome.crxCHR StartMenuInternet: Google Chrome - C:\Users\Jared\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-10-31] () ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)S3 CorsairCAHS1; C:\Windows\System32\drivers\CAHS164.sys [1308160 2011-06-16] (C-Media Electronics Inc)R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2010-01-29] (DeviceVM, Inc.)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-08] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-08] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-08] (Symantec Corporation)R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130726.001\IDSvia64.sys [513184 2013-07-05] (Symantec Corporation)R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130726.001\IDSvia64.sys [513184 2013-07-05] (Symantec Corporation)R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.016\ENG64.SYS [126040 2013-08-15] (Symantec Corporation)R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.016\ENG64.SYS [126040 2013-08-15] (Symantec Corporation)R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.016\EX64.SYS [2098776 2013-08-15] (Symantec Corporation)R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130816.016\EX64.SYS [2098776 2013-08-15] (Symantec Corporation)S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-21] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-01-27] (CyberLink Corp.)R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-01-27] (CyberLink Corp.)U3 catchme; \??\C:\ComboFix\catchme.sys [x]S3 lmimirr; system32\DRIVERS\lmimirr.sys [x]S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-16 20:05 - 2013-08-16 20:05 - 01575580 _____ (Farbar) C:\Users\Jared\Downloads\FRST64.exe2013-08-16 19:50 - 2013-08-16 19:50 - 00018975 _____ C:\ComboFix.txt2013-08-16 19:38 - 2013-08-16 19:50 - 00000000 ____D C:\ComboFix2013-08-16 19:38 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe2013-08-16 19:38 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe2013-08-16 19:38 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2013-08-16 19:38 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2013-08-16 19:38 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2013-08-16 19:38 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe2013-08-16 19:38 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe2013-08-16 19:38 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe2013-08-16 19:33 - 2013-08-16 19:50 - 00000000 ____D C:\Qoobox2013-08-16 19:33 - 2013-08-16 19:48 - 00000000 ____D C:\Windows\erdnt2013-08-16 19:32 - 2013-08-16 19:33 - 05105390 ____R (Swearware) C:\Users\Jared\Downloads\ComboFix.exe2013-08-16 19:09 - 2013-08-16 19:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-08-16 19:03 - 2013-08-16 19:33 - 00000000 ____D C:\Users\Jared\Desktop\mbar2013-08-16 19:03 - 2013-08-16 19:03 - 12081912 _____ (Malwarebytes Corp.) C:\Users\Jared\Downloads\mbar-1.06.1.1005.exe2013-08-16 18:38 - 2013-08-16 18:38 - 00001435 _____ C:\Users\Jared\Desktop\JRT.txt2013-08-16 18:32 - 2013-08-16 18:32 - 00000000 ____D C:\Windows\ERUNT2013-08-16 18:31 - 2013-08-16 18:31 - 01159319 _____ (Thisisu) C:\Users\Jared\Downloads\JRT.exe2013-08-16 18:19 - 2013-08-16 18:19 - 00000783 _____ C:\AdwCleaner[R1].txt2013-08-16 18:18 - 2013-08-16 18:18 - 00666633 _____ C:\Users\Jared\Desktop\adwcleaner.exe2013-08-16 18:12 - 2013-08-16 18:12 - 00001827 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_181221.txt2013-08-16 18:10 - 2013-08-16 18:10 - 03800064 _____ C:\Users\Jared\Downloads\RogueKillerX64 (1).exe2013-08-16 18:03 - 2013-08-16 18:03 - 00019417 _____ C:\Users\Jared\Desktop\dds.txt2013-08-16 18:03 - 2013-08-16 18:03 - 00015278 _____ C:\Users\Jared\Desktop\attach.txt2013-08-16 16:45 - 2013-08-16 16:45 - 00448512 _____ (OldTimer Tools) C:\Users\Jared\Downloads\TFC.exe2013-08-16 16:36 - 2013-08-16 16:36 - 00001122 _____ C:\Users\Jared\Desktop\RKreport[0]_H_08162013_163604.txt2013-08-16 16:35 - 2013-08-16 16:35 - 00001758 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_163539.txt2013-08-16 16:32 - 2013-08-16 16:32 - 00001724 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_163237.txt2013-08-16 16:31 - 2013-08-16 16:31 - 00002087 _____ C:\Users\Jared\Desktop\RKreport[0]_D_08162013_163112.txt2013-08-16 16:29 - 2013-08-16 16:29 - 00002021 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_162916.txt2013-08-16 16:27 - 2013-08-16 16:27 - 00002368 _____ C:\Users\Jared\Desktop\RKreport[0]_D_08162013_162742.txt2013-08-16 16:25 - 2013-08-16 16:25 - 00002259 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_162552.txt2013-08-16 16:18 - 2013-08-16 16:18 - 00002223 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_161828.txt2013-08-16 16:16 - 2013-08-16 16:16 - 00002985 _____ C:\Users\Jared\Desktop\RKreport[0]_D_08162013_161628.txt2013-08-16 16:00 - 2013-08-16 16:00 - 00002890 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_160005.txt2013-08-16 15:56 - 2013-08-16 16:36 - 00000000 ____D C:\Users\Jared\Desktop\RK_Quarantine2013-08-15 19:05 - 2013-08-15 19:05 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security Suite2013-07-22 11:17 - 2013-07-22 11:17 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJared2013-07-21 17:17 - 2013-08-15 19:01 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForJared.job ==================== One Month Modified Files and Folders ======= 2013-08-16 20:05 - 2013-08-16 20:05 - 01575580 _____ (Farbar) C:\Users\Jared\Downloads\FRST64.exe2013-08-16 19:50 - 2013-08-16 19:50 - 00018975 _____ C:\ComboFix.txt2013-08-16 19:50 - 2013-08-16 19:38 - 00000000 ____D C:\ComboFix2013-08-16 19:50 - 2013-08-16 19:33 - 00000000 ____D C:\Qoobox2013-08-16 19:48 - 2013-08-16 19:33 - 00000000 ____D C:\Windows\erdnt2013-08-16 19:48 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini2013-08-16 19:33 - 2013-08-16 19:32 - 05105390 ____R (Swearware) C:\Users\Jared\Downloads\ComboFix.exe2013-08-16 19:33 - 2013-08-16 19:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-08-16 19:33 - 2013-08-16 19:03 - 00000000 ____D C:\Users\Jared\Desktop\mbar2013-08-16 19:27 - 2012-12-16 19:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-08-16 19:03 - 2013-08-16 19:03 - 12081912 _____ (Malwarebytes Corp.) C:\Users\Jared\Downloads\mbar-1.06.1.1005.exe2013-08-16 18:54 - 2010-10-11 09:13 - 01077930 _____ C:\Windows\WindowsUpdate.log2013-08-16 18:38 - 2013-08-16 18:38 - 00001435 _____ C:\Users\Jared\Desktop\JRT.txt2013-08-16 18:32 - 2013-08-16 18:32 - 00000000 ____D C:\Windows\ERUNT2013-08-16 18:31 - 2013-08-16 18:31 - 01159319 _____ (Thisisu) C:\Users\Jared\Downloads\JRT.exe2013-08-16 18:19 - 2013-08-16 18:19 - 00000783 _____ C:\AdwCleaner[R1].txt2013-08-16 18:18 - 2013-08-16 18:18 - 00666633 _____ C:\Users\Jared\Desktop\adwcleaner.exe2013-08-16 18:12 - 2013-08-16 18:12 - 00001827 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_181221.txt2013-08-16 18:10 - 2013-08-16 18:10 - 03800064 _____ C:\Users\Jared\Downloads\RogueKillerX64 (1).exe2013-08-16 18:08 - 2009-07-13 21:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-08-16 18:08 - 2009-07-13 21:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-08-16 18:03 - 2013-08-16 18:03 - 00019417 _____ C:\Users\Jared\Desktop\dds.txt2013-08-16 18:03 - 2013-08-16 18:03 - 00015278 _____ C:\Users\Jared\Desktop\attach.txt2013-08-16 17:27 - 2009-07-13 22:13 - 00779266 _____ C:\Windows\system32\PerfStringBackup.INI2013-08-16 17:25 - 2011-05-13 14:30 - 00000000 ____D C:\Program Files (x86)\Steam2013-08-16 16:48 - 2010-10-11 09:16 - 00302070 _____ C:\Windows\PFRO.log2013-08-16 16:48 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-08-16 16:48 - 2009-07-13 21:51 - 00079514 _____ C:\Windows\setupact.log2013-08-16 16:46 - 2011-04-30 21:31 - 00000000 ____D C:\Users\Jared\AppData\Local\CrashDumps2013-08-16 16:46 - 2009-07-13 22:08 - 00032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT2013-08-16 16:45 - 2013-08-16 16:45 - 00448512 _____ (OldTimer Tools) C:\Users\Jared\Downloads\TFC.exe2013-08-16 16:36 - 2013-08-16 16:36 - 00001122 _____ C:\Users\Jared\Desktop\RKreport[0]_H_08162013_163604.txt2013-08-16 16:36 - 2013-08-16 15:56 - 00000000 ____D C:\Users\Jared\Desktop\RK_Quarantine2013-08-16 16:35 - 2013-08-16 16:35 - 00001758 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_163539.txt2013-08-16 16:32 - 2013-08-16 16:32 - 00001724 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_163237.txt2013-08-16 16:31 - 2013-08-16 16:31 - 00002087 _____ C:\Users\Jared\Desktop\RKreport[0]_D_08162013_163112.txt2013-08-16 16:29 - 2013-08-16 16:29 - 00002021 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_162916.txt2013-08-16 16:27 - 2013-08-16 16:27 - 00002368 _____ C:\Users\Jared\Desktop\RKreport[0]_D_08162013_162742.txt2013-08-16 16:25 - 2013-08-16 16:25 - 00002259 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_162552.txt2013-08-16 16:18 - 2013-08-16 16:18 - 00002223 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_161828.txt2013-08-16 16:16 - 2013-08-16 16:16 - 00002985 _____ C:\Users\Jared\Desktop\RKreport[0]_D_08162013_161628.txt2013-08-16 16:00 - 2013-08-16 16:00 - 00002890 _____ C:\Users\Jared\Desktop\RKreport[0]_S_08162013_160005.txt2013-08-15 19:05 - 2013-08-15 19:05 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security Suite2013-08-15 19:03 - 2011-08-04 20:15 - 00000000 ____D C:\Users\Jared\Tracing2013-08-15 19:02 - 2013-06-14 12:33 - 00003228 _____ C:\Windows\System32\Tasks\Norton WSC Integration2013-08-15 19:02 - 2011-06-13 21:13 - 00000000 ____D C:\Windows\system32\Drivers\N360x642013-08-15 19:01 - 2013-07-21 17:17 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForJared.job2013-08-15 18:57 - 2013-06-14 12:46 - 00002368 _____ C:\Users\Jared\Desktop\Google Chrome.lnk2013-07-22 11:17 - 2013-07-22 11:17 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJared2013-07-21 17:13 - 2011-06-13 21:14 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS2013-07-21 17:13 - 2011-06-13 21:14 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT Files to move or delete:====================C:\Users\Jared\hash.dat ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-14 20:11 ==================== End Of Log ============================ Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2013Ran by Jared at 2013-08-16 20:06:55Running from C:\Users\Jared\DownloadsBoot Mode: Normal========================================================== ==================== Installed Programs ======================= Acrobat.com (x32 Version: 1.6.65)Adobe AIR (x32 Version: 1.5.0.7220)Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)Adobe Flash Player 11 Plugin (x32 Version: 11.4.402.278)Adobe Reader 9.5.1 MUI (x32 Version: 9.5.1)Adobe Shockwave Player (x32 Version: 11.5.1.601)AMD Accelerated Video Transcoding (Version: 2.00.0002)AMD APP SDK Runtime (Version: 10.0.1016.4)AMD Catalyst Install Manager (Version: 8.0.891.0)AMD Drag and Drop Transcoding (Version: 2.00.0000)AMD Media Foundation Decoders (Version: 1.0.70405.2224)Apple Application Support (x32 Version: 1.5.1)Apple Mobile Device Support (Version: 3.4.0.25)Apple Software Update (x32 Version: 2.1.2.120)Battlefield 3™ (x32 Version: 1.4.0.0)Battlelog Web Plugins (x32 Version: 1.140.0)Bejeweled 2 Deluxe (x32 Version: 2.2.0.82)BioShock (x32)Blackhawk Striker 2 (x32 Version: 2.2.0.82)Blasterball 3 (x32 Version: 2.2.0.82)Bonjour (Version: 2.0.5.0)Build-a-lot 2 (x32 Version: 2.2.0.82)Cake Mania (x32 Version: 2.2.0.82)Catalyst Control Center - Branding (x32 Version: 1.00.0000)Catalyst Control Center (x32 Version: 2012.0405.2205.37728)Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728)Catalyst Control Center InstallProxy (x32 Version: 2010.0122.858.16002)Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728)CCC Help English (x32 Version: 2012.0405.2204.37728)ccc-utility64 (Version: 2012.0405.2205.37728)Chuzzle Deluxe (x32 Version: 2.2.0.82)Contents (x32 Version: 1.6.0.286)Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000)Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.116)Corel VideoStudio Pro X3 (x32 Version: 1.6.0.286)Counter-Strike: Global Offensive - SDK (x32)Counter-Strike: Global Offensive (x32)CyberLink DVD Suite (x32 Version: 7.0.2527)Definition update for Microsoft Office 2010 (KB982726)DeviceIO (x32 Version: 1.6.0.286)Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)Dora's Carnival Adventure (x32 Version: 2.2.0.82)DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715)Escape Rosecliff Island (x32 Version: 2.2.0.82)ESN Sonar (x32 Version: 0.70.4)ESU for Microsoft Windows 7 (x32 Version: 1.0.0)Faerie Solitaire (x32 Version: 2.2.0.82)FATE (x32 Version: 2.2.0.82)Google Chrome (HKCU Version: 28.0.1500.95)Guild Wars (x32)HP 3D DriveGuard (Version: 4.0.3.1)HP Advisor (x32 Version: 3.4.10144.3282)HP Customer Experience Enhancements (x32 Version: 6.0.1.7)HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43)HP Game Console (x32)HP Games (x32 Version: 1.0.0.80)HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0)HP MediaSmart DVD (x32 Version: 4.0.3727)HP MediaSmart Internet TV (x32 Version: 3.2.2513)HP MediaSmart Movies and TV (Version: 1.0.0.10)HP MediaSmart Music (x32 Version: 4.0.3722)HP MediaSmart Photo (x32 Version: 4.0.3722)HP MediaSmart SmartMenu (Version: 3.1.1.12)HP MediaSmart Video (x32 Version: 4.0.3722)HP MediaSmart Webcam (x32 Version: 4.0.2511)HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.9.0)HP Photo Creations (x32 Version: 1.0.0.2261)HP Quick Launch (Version: 1.0.18)HP QuickWeb Installer (x32 Version: 1.2.9.1)HP Setup (x32 Version: 1.2.3988.3281)HP SimplePass Identity Protection (Version: 5.20.205)HP Software Framework (x32 Version: 4.1.8.1)HP Support Assistant (x32 Version: 7.0.39.15)HP Tone Control (Version: 2.0.2)HP Update (x32 Version: 5.001.000.014)HP User Guides 0177 (x32 Version: 1.01.0000)HP Wireless Assistant (Version: 4.0.3.2)Hulu Desktop (HKCU Version: 0.9.14)ICA (x32 Version: 1.6.0.286)ICA (x32 Version: 1.6.1.116)IDT Audio (x32 Version: 1.0.6292.0)Intel PROSet WirelessIntel PROSet Wireless (x32)Intel® Management Engine Components (x32 Version: 6.0.0.1179)Intel® PROSet/Wireless WiFi Software (Version: 14.2.0000)Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001)Intel® Turbo Boost Technology Driver (x32 Version: 01.00.01.1002)IPM_PSP_Pro (x32 Version: 1.00.0000)IPM_VS_Pro (x32 Version: 13.0)ISCOM (x32 Version: 1.6.0.286)ISCOM (x32 Version: 1.6.1.116)iTunes (Version: 10.2.2.12)Java 7 Update 10 (x32 Version: 7.0.100)Java Auto Updater (x32 Version: 2.1.9.0)Java 6 Update 17 (64-bit) (Version: 6.0.170)Java 6 Update 24 (x32 Version: 6.0.240)Jewel Quest 3 (x32 Version: 2.2.0.82)Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82)Junk Mail filter update (x32 Version: 14.0.8089.726)LabelPrint (x32 Version: 2.5.2515)LightScribe System Software (x32 Version: 1.18.11.1)Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)manPro 3.7 (Version: 3.7.7.203)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft .NET Framework 4 Extended (Version: 4.0.30319)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Choice Guard (x32 Version: 2.0.48.0)Microsoft Default Manager (x32 Version: 2.1.54.0)Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Publisher 2010 (Version: 14.0.6029.1000)Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)Microsoft Office Suite Activation Assistant (x32 Version: 2.9)Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Publisher 2010 (Version: 14.0.6029.1000)Microsoft Search Enhancement Pack (x32 Version: 2.0.270.0)Microsoft Silverlight (x32 Version: 3.0.40818.0)Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)Microsoft Works (x32 Version: 9.7.0621)Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715)MSN Toolbar (x32 Version: 4.0.0369.0)MSN Toolbar Platform (x32 Version: 4.0.0369.0)MSVCRT (x32 Version: 14.0.1468.721)MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82)Norton Online Backup (x32 Version: 2.0.0.34)Norton Security Suite (x32 Version: 20.4.0.40)Origin (x32 Version: 9.0.13.2142)Penguins! (x32 Version: 2.2.0.82)PhotoNow! (x32 Version: 1.1.6904)Plants vs. Zombies (x32 Version: 2.2.0.82)Poker Superstars III (x32 Version: 2.2.0.82)Polar Bowler (x32 Version: 2.2.0.82)Polar Golfer (x32 Version: 2.2.0.82)Power2Go (x32 Version: 6.1.3715)PowerDirector (x32 Version: 8.0.2514)PSPPContent (x32 Version: 1.00.0000)PSPPRO_DCRAW (x32 Version: 13.0.0)PunkBuster Services (x32 Version: 0.991)PureHD (x32 Version: 1.6.0.286)PX Profile Update (x32 Version: 1.00.1.)QuickTime (x32 Version: 7.69.80.9)Rainmeter (x32 Version: 2.2 r1116)Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.11.1127.2009)Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111)Recovery Manager (x32 Version: 5.5.2512)Roxio CinemaNow 2.0 (x32 Version: 1.0.254)Setup (x32 Version: 1.6.0.286)Setup (x32 Version: 1.6.1.116)Share (x32 Version: 1.6.0.286)Share64 (Version: 1.6.0.286)Skype™ 5.10 (x32 Version: 5.10.116)Sonic Adventure™ 2 (x32)Star Wars: The Old Republic (x32 Version: 1.00)StarCraft II (x32 Version: 1.5.3.23260)Steam (x32 Version: 1.0.0.0)Synaptics Pointing Device Driver (Version: 15.2.4.4)System Requirements Lab CYRI (x32 Version: 4.5.1.0)System Requirements Lab Test (x32 Version: 5.0.6.0)Team Fortress 2 (x32)Terraria (x32)TextTwist 2 (x32 Version: 2.2.0.82)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)Validity Sensors DDK (Version: 4.1.129.0)Ventrilo Client (x32 Version: 3.0.8)VIO (x32 Version: 1.6.0.286)Virtual Families (x32 Version: 2.2.0.82)Virtual Villagers - The Secret City (x32 Version: 2.2.0.82)VSClassic (x32 Version: 1.6.0.286)VSPro (x32 Version: 1.6.0.286)Warcraft III (x32)Warcraft III: All Products (HKCU)Wheel of Fortune 2 (x32 Version: 2.2.0.82)Windows Live Call (x32 Version: 14.0.8064.0206)Windows Live Communications Platform (x32 Version: 14.0.8064.206)Windows Live Essentials (x32 Version: 14.0.8089.0726)Windows Live Essentials (x32 Version: 14.0.8089.726)Windows Live Mail (x32 Version: 14.0.8089.0726)Windows Live Messenger (x32 Version: 14.0.8089.0726)Windows Live Photo Gallery (x32 Version: 14.0.8081.709)Windows Live Sync (x32 Version: 14.0.8089.726)Windows Live Upload Tool (x32 Version: 14.0.8014.1029)Windows Live Writer (x32 Version: 14.0.8089.0726)Windows Media Encoder 9 Series (x32 Version: 9.00.2980)Windows Media Encoder 9 Series (x32)WinRAR 4.11 (32-bit) (x32 Version: 4.11.0)Yahoo! Detect (x32)Zuma's Revenge (x32 Version: 2.2.0.82) ==================== Restore Points ========================= 15-12-2012 07:09:50 Removed Java 6 Update 2615-12-2012 07:10:53 Installed Java 7 Update 1014-06-2013 19:18:45 Removed CinemaNow Media Manager.14-06-2013 19:19:34 Removed CinemaNow Media Manager.14-06-2013 19:21:30 Configured PowerStarter14-06-2013 19:28:01 Norton Security Suite Registry17-08-2013 02:38:17 ComboFix created restore point ==================== Hosts content: ========================== 2009-07-13 19:34 - 2013-08-16 19:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {010610A8-B0BF-4F22-AF09-6C757DDBDAC5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)Task: {1A1B21BC-DA8F-43F8-9968-6614E9D34147} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)Task: {240CD1AA-6880-43CB-B2A1-E49D2390730E} - System32\Tasks\HPCeeScheduleForJared => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)Task: {2D0276F3-1765-4727-BA14-5D183546D7B0} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe No FileTask: {65333631-7864-402C-BE89-4CD0BBC77626} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)Task: {76E2ABED-C622-48EB-99BB-EFB01D535DD8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)Task: {A12F06A3-0351-4459-8925-CAEB3585940E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)Task: {C3D7C52B-BFBD-4DE0-A7D2-848C6DE6CC2F} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()Task: {C7643107-A5CB-4D1D-8B5F-F5B85FF5A82F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14] (Adobe Systems Incorporated)Task: {CDAE6093-A0B4-412E-BD64-ED01994CDF59} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe No FileTask: {CF6588CA-29C9-4B9B-8C3D-37FFA53E414E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe No FileTask: {F10D5F3E-BE5A-4DA2-96B0-C2567A42C06D} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()Task: {F965FAAE-ED5F-489C-8052-53056DBB3F35} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\HPCeeScheduleForJared.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:================== System errors:=============Error: (08/16/2013 07:50:30 PM) (Source: NetBT) (User: )Description: The name "JARED-PC :0" could not be registered on the interface with IP address 192.168.1.109.The computer with the IP address 192.168.1.111 did not allow the name to be claimed bythis computer. Error: (08/16/2013 07:50:30 PM) (Source: NetBT) (User: )Description: The name "JARED-PC :0" could not be registered on the interface with IP address 192.168.1.109.The computer with the IP address 192.168.1.111 did not allow the name to be claimed bythis computer. Error: (08/16/2013 07:48:16 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (08/16/2013 07:47:36 PM) (Source: Application Popup) (User: )Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (08/16/2013 07:44:37 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Microsoft Office Sessions:========================= CodeIntegrity Errors:=================================== Date: 2013-08-16 19:47:36.185 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-16 19:47:36.138 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 62%Total physical RAM: 3893.86 MBAvailable physical RAM: 1459.89 MBTotal Pagefile: 7785.91 MBAvailable Pagefile: 5035.6 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:443.09 GB) (Free:291.82 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive d: (RECOVERY) (Fixed) (Total:22.37 GB) (Free:3.21 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.08 GB) FAT32 ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: A730DD3A)Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=443 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=22 GB) - (Type=07 NTFS)Partition 4: (Not Active) - (Size=101 MB) - (Type=0C) ==================== End Of Log ============================

Bah, nevermind I guess. Issue is still there. I think it was just the unexpected recovery that opened the normal Chrome page I would expect.

That was a long one. Here is the log. Also, when I opened chrome it didn't take me to a weird website. Good signs Mr C!! ComboFix 13-08-16.03 - Jared 08/16/2013 19:40:31.1.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2081 [GMT -7:00]Running from: c:\users\Jared\Downloads\ComboFix.exeAV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\users\Jared\AppData\Local\System.Data.SQLite.DLLc:\users\Jared\AppData\Roaming\Extens\C\Program Files (x86)\Mozilla Firefox\mozzila firefox.exec:\users\Jared\AppData\Roaming\Localc:\users\Jared\AppData\Roaming\Local\Google\Chrome\User Data\Default\google chrome.exec:\users\Jared\AppData\Roaming\System.Data.SQLite.DLL..((((((((((((((((((((((((( Files Created from 2013-07-17 to 2013-08-17 )))))))))))))))))))))))))))))))..2013-08-17 02:48 . 2013-08-17 02:48 -------- d-----w- c:\users\Default\AppData\Local\temp2013-08-17 02:09 . 2013-08-17 02:33 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-08-17 01:32 . 2013-08-17 01:32 -------- d-----w- c:\windows\ERUNT2013-07-20 00:32 . 2013-08-16 02:01 -------- d-----w- c:\windows\system32\drivers\N360x64\1404000.028...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-07-22 00:13 . 2011-06-14 04:14 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS2013-06-14 23:30 . 2013-06-14 23:30 172 ----a-w- c:\windows\DeleteOnReboot.bat2013-06-14 19:57 . 2013-06-11 14:31 13312 ----a-w- c:\users\Jared\AppData\Local\sqlite.exe2013-06-11 14:31 . 2013-06-11 14:31 33792 ----a-w- c:\users\Jared\AppData\Local\iexplorers.exe2013-06-11 14:31 . 2013-06-11 14:31 1206272 ----a-w- c:\users\Jared\AppData\Local\LocalResource.exe2013-06-11 14:31 . 2013-06-11 14:31 13312 ----a-w- c:\users\Jared\AppData\Roaming\sqlite.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-01-28 1712184]"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-01-28 1712184]"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 2363392]"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-06-06 1641896]"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2008-10-20 210208].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]"MSN Toolbar"="c:\program files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe" [2009-11-30 240472]"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2009-12-04 3331944]"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Notification Packages REG_MULTI_SZ DPPassFilter scecli.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]@="".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]R3 CorsairCAHS1;CA-HS1 Interface;c:\windows\system32\drivers\CAHS164.sys;c:\windows\SYSNATIVE\drivers\CAHS164.sys [x]R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]S1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys;c:\windows\SYSNATIVE\DRIVERS\dvmio.sys [x]S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130726.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130726.001\IDSvia64.sys [x]S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/10/11 09:19];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl;c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [x]S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [x]S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]2010-01-22 18:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe.Contents of the 'Scheduled Tasks' folder.2013-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-17 18:58].2013-08-16 c:\windows\Tasks\HPCeeScheduleForJared.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-04 172032]"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2009-12-16 8192]"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-29 161304]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-29 386584]"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-29 415256]"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-06-03 487424]"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105TCP: DhcpNameServer = 75.75.75.75 75.75.76.76.- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKLM-Run-<NO NAME> - (no file)SafeBoot-65655651.sysSafeBoot-66225764.sysAddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exeAddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\diMaster.dll\" /prefetch:1".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-08-16 19:50:23ComboFix-quarantined-files.txt 2013-08-17 02:50.Pre-Run: 313,868,779,520 bytes freePost-Run: 313,372,610,560 bytes free.- - End Of File - - 765010A7A5C827F577448DF38E23C67A

"Congratulations, no cleanup is required!" "No malware found!" However, I still tried to change my Internet Explorer and Chrome homepage to no success... Should I run the plugin that's in the notes??

Heres the MB results, seems clean so I'm going to give the next program a shot. Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.08.16.07 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Jared :: JARED-PC [administrator] 8/16/2013 6:52:20 PMmbam-log-2013-08-16 (18-52-20).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 218839Time elapsed: 4 minute(s), 4 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)

Yes, I used it earlier while reading another thread on rootkit?. I figured I should try to resolve the issue myself using a similar problem before bring my problems to someone else. Sorry if I shouldn't have though. Haven't used JRT however... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.4.6 (08.15.2013:1) OS: Windows 7 Home Premium x64 Ran by Jared on Fri 08/16/2013 at 18:32:18.88 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8546C67A-842B-4E65-ADFA-3525700AE10D} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AAD93412-F6F5-4135-85B4-A88054F75DE6} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Jared\appdata\local\cre" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 08/16/2013 at 18:38:23.80 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Adwcleaner # AdwCleaner v2.306 - Logfile created 08/16/2013 at 18:19:36 # Updated 19/07/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Jared - JARED-PC # Boot Mode : Normal # Running from : C:\Users\Jared\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16450 [OK] Registry is clean. -\\ Google Chrome v28.0.1500.95 File : C:\Users\Jared\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [656 octets] - [16/08/2013 18:19:36] ########## EOF - C:\AdwCleaner[R1].txt - [715 octets] ##########

Roguekiller report RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Jared [Admin rights] Mode : Scan -- Date : 08/16/2013 18:12:21 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK5056GSY +++++ --- User --- [MBR] 4be3a1bd60f290ee72874cb17dac2c7a [bSP] 2978dd880f58eb98faa244c460a3c7da : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 453729 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 929646592 | Size: 22907 Mo 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 101 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_08162013_181221.txt >> RKreport[0]_D_08162013_161628.txt;RKreport[0]_D_08162013_162742.txt;RKreport[0]_D_08162013_163112.txt RKreport[0]_H_08162013_163604.txt;RKreport[0]_S_08162013_160005.txt;RKreport[0]_S_08162013_161828.txt RKreport[0]_S_08162013_162552.txt;RKreport[0]_S_08162013_162916.txt;RKreport[0]_S_08162013_163237.txt RKreport[0]_S_08162013_163539.txt

Thanks! DDS.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.10.2 Run by Jared at 18:03:16 on 2013-08-16 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2006 [GMT -7:00] . AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\vcsFPService.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Program Files\DigitalPersona\Bin\DpHostW.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe C:\Windows\Explorer.EXE C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\igfxpers.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe C:\Program Files\Rainmeter\Rainmeter.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe C:\Program Files\DigitalPersona\Bin\DPAgent.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Page = search.ueep.com mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ips\ipsbho.dll BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler mRun: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe" mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{EBF48C6B-3DDD-4205-91F9-47094F51113C} : DHCPNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{EBF48C6B-3DDD-4205-91F9-47094F51113C}\45865624F6277634F6C6C6563647966756 : DHCPNameServer = 68.87.69.150 68.87.85.102 192.168.1.1 TCP: Interfaces\{EBF48C6B-3DDD-4205-91F9-47094F51113C}\64F637475627 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{EBF48C6B-3DDD-4205-91F9-47094F51113C}\844534023556E637164796F6E6024374 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{EBF48C6B-3DDD-4205-91F9-47094F51113C}\8686F6E6F627370353 : DHCPNameServer = 205.171.3.65 205.171.2.65 4.2.2.3 TCP: Interfaces\{EBF48C6B-3DDD-4205-91F9-47094F51113C}\C616D626378616E6B637 : DHCPNameServer = 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> LSA: Notification Packages = DPPassFilter scecli mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-7-21 493656] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-7-21 1139800] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-21 1393240] R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-7-21 169048] R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2010-1-29 20056] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130726.001\IDSviA64.sys [2013-7-27 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-7-21 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-7-21 433752] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/10/11 09:19:58];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-10-11 146928] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-6-2 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-10-9 236544] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-31 1166848] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520] R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480] R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe [2013-7-19 144368] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-11 2320920] R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-1-6 2184496] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-13 96896] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-26 151936] R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-28 10610400] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008] S3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\System32\drivers\CAHS164.sys [2011-6-16 1308160] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2011-6-2 7680512] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-10-11 232992] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-11 295424] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-17 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-16 1255736] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120] . =============== Created Last 30 ================ . 2013-07-22 00:13:27 433752 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys 2013-07-22 00:13:26 796760 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys 2013-07-22 00:13:26 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys 2013-07-22 00:13:26 36952 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\srtspx64.sys 2013-07-22 00:13:26 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1404000.028\symelam.sys 2013-07-22 00:13:26 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys 2013-07-22 00:13:26 169048 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys 2013-07-22 00:13:26 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys 2013-07-20 00:32:23 -------- d-----w- C:\Windows\System32\drivers\N360x64\1404000.028 . ==================== Find3M ==================== . 2013-07-22 00:13:37 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-06-14 23:30:42 172 ----a-w- C:\Windows\DeleteOnReboot.bat 2013-06-11 14:31:11 904704 ----a-w- C:\Users\Jared\AppData\Roaming\System.Data.SQLite.dll 2013-06-11 14:31:11 13312 ----a-w- C:\Users\Jared\AppData\Roaming\sqlite.exe . ============= FINISH: 18:03:42.57 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 4/13/2011 5:57:40 PM System Uptime: 8/16/2013 5:22:39 PM (1 hours ago) . Motherboard: Hewlett-Packard | | 144B Processor: Intel® Core i5 CPU M 450 @ 2.40GHz | CPU | 2376/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 443 GiB total, 292.72 GiB free. D: is FIXED (NTFS) - 22 GiB total, 3.207 GiB free. E: is FIXED (FAT32) - 0 GiB total, 0.08 GiB free. F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP87: 12/14/2012 11:09:50 PM - Removed Java 6 Update 26 RP88: 12/14/2012 11:10:53 PM - Installed Java 7 Update 10 RP89: 6/14/2013 12:18:45 PM - Removed CinemaNow Media Manager. RP90: 6/14/2013 12:19:34 PM - Removed CinemaNow Media Manager. RP91: 6/14/2013 12:21:30 PM - Configured PowerStarter RP92: 6/14/2013 12:28:01 PM - Norton Security Suite Registry . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.1 MUI Adobe Shockwave Player AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders Apple Application Support Apple Mobile Device Support Apple Software Update Battlefield 3™ Battlelog Web Plugins Bejeweled 2 Deluxe BioShock Blackhawk Striker 2 Blasterball 3 Bonjour Build-a-lot 2 Cake Mania Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help English Chuzzle Deluxe Contents Corel PaintShop Photo Pro X3 Corel VideoStudio Pro X3 Counter-Strike: Global Offensive Counter-Strike: Global Offensive - SDK CyberLink DVD Suite Definition update for Microsoft Office 2010 (KB982726) DeviceIO Diner Dash 2 Restaurant Rescue Dora's Carnival Adventure DVD Menu Pack for HP MediaSmart Video Escape Rosecliff Island ESN Sonar ESU for Microsoft Windows 7 Faerie Solitaire FATE Google Chrome Guild Wars HitmanPro 3.7 HP 3D DriveGuard HP Advisor HP Customer Experience Enhancements HP DVB-T TV Tuner 8.0.64.43 HP Game Console HP Games HP MediaSmart CinemaNow 2.0 HP MediaSmart DVD HP MediaSmart Internet TV HP MediaSmart Movies and TV HP MediaSmart Music HP MediaSmart Photo HP MediaSmart SmartMenu HP MediaSmart Video HP MediaSmart Webcam HP MediaSmart/TouchSmart Netflix HP Photo Creations HP Quick Launch HP QuickWeb Installer HP Setup HP SimplePass Identity Protection HP Software Framework HP Support Assistant HP Tone Control HP Update HP User Guides 0177 HP Wireless Assistant Hulu Desktop ICA IDT Audio Intel PROSet Wireless Intel® Management Engine Components Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver IPM_PSP_Pro IPM_VS_Pro ISCOM iTunes Java 7 Update 10 Java Auto Updater Java 6 Update 17 (64-bit) Java 6 Update 24 Jewel Quest 3 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LightScribe System Software Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Default Manager Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2010 Microsoft Publisher 2010 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 4.0 Movie Theme Pack for HP MediaSmart Video MSN Toolbar MSN Toolbar Platform MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery P.I. - The New York Fortune Norton Online Backup Norton Security Suite Origin Penguins! PhotoNow! Plants vs. Zombies Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector PSPPContent PSPPRO_DCRAW PunkBuster Services PureHD PX Profile Update QuickTime Rainmeter Realtek Ethernet Controller Driver For Windows 7 Realtek USB 2.0 Card Reader Recovery Manager Roxio CinemaNow 2.0 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Setup Share Share64 Skype™ 5.10 Sonic Adventure™ 2 Star Wars: The Old Republic StarCraft II Steam Synaptics Pointing Device Driver System Requirements Lab CYRI System Requirements Lab Test Team Fortress 2 Terraria TextTwist 2 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Validity Sensors DDK Ventrilo Client VIO Virtual Families Virtual Villagers - The Secret City VSClassic VSPro Warcraft III Warcraft III: All Products Wheel of Fortune 2 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Encoder 9 Series WinRAR 4.11 (32-bit) Yahoo! Detect Zuma's Revenge . ==== Event Viewer Messages From Past Week ======== . 8/16/2013 5:25:29 PM, Error: NetBT [4321] - The name "JARED-PC :0" could not be registered on the interface with IP address 192.168.1.109. The computer with the IP address 192.168.1.111 did not allow the name to be claimed by this computer. 8/16/2013 5:24:30 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{EBF48C6B-3DDD-4205-91F9-47094F51113C} because another computer on the network has the same name. The server could not start. 8/16/2013 5:24:30 PM, Error: NetBT [4321] - The name "JARED-PC :20" could not be registered on the interface with IP address 192.168.1.109. The computer with the IP address 192.168.1.111 did not allow the name to be claimed by this computer. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7038] - The eventlog service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 8/16/2013 4:47:20 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7001] - The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service did not start due to a logon failure. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: A system shutdown is in progress. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7000] - The Windows Event Log service failed to start due to the following error: The service did not start due to a logon failure. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7000] - The Themes service failed to start due to the following error: A system shutdown is in progress. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: A system shutdown is in progress. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: A system shutdown is in progress. 8/16/2013 4:47:20 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The pipe has been ended. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s). 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/16/2013 4:46:19 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/16/2013 4:46:18 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/15/2013 7:03:19 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. . ==== End Of File ===========================

While on the internet, I got a pop-up that appeared to be just another java flash update and routinely accepted like a dunce. It turns out that it was what I believe to be the whitesmoke or conduit virus that I have been reading up on in order to fix. I've done a lot of research and used programs from a number of forums, but nothing seems to resolve the issue. The sure sign is that whenever I open a browser, Chrome or I.E., I get redirected to some foreign website. If I change the default page, it will correct itself and return to the foreign one when i re-open. I've since deleted the Whitesmoke toolbar and run Roguekiller, Hitman Pro, Malwarebytes, and TDSSKiller, but the issue still remains after I have fixed and attempted to resolve any issues. Help would be HUGELY appreciated. My laptop is an HP Pavilion dv7 64-bit system with Windows 7 installed