Hello. Need help. Message keeps popping up: "Successfully blocked access to a potentially malicious website"

HVOrbillos · November 14, 2013

Hello,

This message keeps popping up as lately as about one week now on the lower right part of my laptop screen as a warning from Malwarebyte when I open a website:

Successfully blocked access to a potentially malicious website 74.120.16.160

Type: outgoing
Port: 50022, Process: sndappv2.exe

I ran the DDS and this is what I came up with:

DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2

Run by HVO777 at 12:49:58 on 2013-11-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1521 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\windows\system32\lxeacoms.exe

C:\windows\system32\lxeecoms.exe

C:\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Common Files\Motive\pcCMService.exe

C:\Program Files\Common Files\Motive\pcCMService.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\Program Files (x86)\Sendori\sndappv2.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\taskhost.exe

C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\Dwm.exe

C:\Program Files (x86)\Sendori\SendoriSvc.exe

C:\Program Files (x86)\Sendori\Sendori.Service.exe

C:\windows\Explorer.EXE

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Sendori\SendoriUp.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\TECO\Teco.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe

C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Comcast\pcTrayApp.exe

C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe

C:\Users\HVO777\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Sendori\SendoriTray.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\sppsvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\HVO777\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\windows\servicing\TrustedInstaller.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uProxyOverride = <local>;*.local;127.0.0.1:9421;

uWinlogon: Shell = explorer.exe,

mWinlogon: Userinit = userinit.exe,

BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden

uRun: [WinCalendarV3] "C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe /q /c"

uRun: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide

uRun: [Akamai NetSession Interface] "C:\Users\HVO777\AppData\Local\Akamai\netsession_win.exe"

uRun: [Google Update] "C:\Users\HVO777\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [REGSHAVE] C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE /AUTORUN

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

dRun: [WinCalendarV3] "C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe" /q /c

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EXIFLA~1.LNK - C:\Program Files\FinePixViewer\QuickDCF.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: C:\windows\System32\Sendori.dll

LSP: C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{239C157A-3F3A-4010-9A84-F08442BD58EF} : DHCPNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{239C157A-3F3A-4010-9A84-F08442BD58EF}\8465F4737373D20534F5E4564777F627B6 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{239C157A-3F3A-4010-9A84-F08442BD58EF}\C696E6B6379737 : DHCPNameServer = 68.87.64.150 68.87.75.198

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe

x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe

x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r

x64-Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

x64-Run: [lxeamon.exe] "C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe"

x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe"

x64-Run: [Comcast_McciTrayApp] "C:\Program Files\Comcast\pcTrayApp.exe"

x64-Run: [lxeemon.exe] "C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe"

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-9-27 248240]

R2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]

R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072]

R2 lxea_device;lxea_device;C:\windows\System32\lxeacoms.exe -service --> C:\windows\System32\lxeacoms.exe -service [?]

R2 lxee_device;lxee_device;C:\windows\System32\lxeecoms.exe -service --> C:\windows\System32\lxeecoms.exe -service [?]

R2 MBAMScheduler;MBAMScheduler;C:\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-5 418376]

R2 MBAMService;MBAMService;C:\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-5 701512]

R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-1-28 361472]

R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2012-1-28 441344]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2011-12-10 126392]

R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304]

R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-20 2320920]

R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]

R3 HECIx64;Intel® Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2009-9-17 56344]

R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-27 158976]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]

R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-9-5 25928]

R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2010-10-20 35008]

R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]

R3 rtl8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192Ce.sys [2010-4-28 932384]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-10-20 54136]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]

R3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 FreemakeVideoCapture;FreemakeVideoCapture;"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" --> C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [?]

S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\windows\System32\spool\drivers\x64\3\lxeaserv.exe [2011-5-24 45736]

S2 lxeeCATSCustConnectService;lxeeCATSCustConnectService;C:\windows\System32\spool\drivers\x64\3\lxeeserv.exe [2010-4-14 45736]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-11-13 111616]

S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-10-20 239136]

S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-5-26 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-3-15 1255736]

S4 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?]

.

=============== Created Last 30 ================

.

2013-11-14 17:05:30 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CF3E098A-C56D-480A-A5EF-49D1F4B2141B}\gapaengine.dll

2013-11-14 17:05:25 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{196C57F2-7E24-41E9-B1A5-6253D49D24DE}\mpengine.dll

2013-11-14 17:04:04 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2013-11-14 17:03:57 -------- d-----w- C:\Program Files\Microsoft Security Client

2013-11-13 16:31:55 497152 ----a-w- C:\windows\System32\drivers\afd.sys

2013-11-13 16:31:54 404480 ----a-w- C:\windows\System32\gdi32.dll

2013-11-13 16:31:54 311808 ----a-w- C:\windows\SysWow64\gdi32.dll

2013-11-13 16:31:53 859648 ----a-w- C:\windows\System32\IKEEXT.DLL

2013-11-13 16:31:52 830464 ----a-w- C:\windows\System32\nshwfp.dll

2013-11-13 16:31:52 656896 ----a-w- C:\windows\SysWow64\nshwfp.dll

2013-11-13 16:31:52 324096 ----a-w- C:\windows\System32\FWPUCLNT.DLL

2013-11-13 16:31:52 216576 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL

2013-11-09 18:28:08 -------- d-----w- C:\Program Files\iPod

2013-11-09 18:28:07 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-09 18:28:07 -------- d-----w- C:\Program Files\iTunes

2013-11-09 18:28:07 -------- d-----w- C:\Program Files (x86)\iTunes

2013-11-05 12:38:56 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-04 11:48:59 -------- d-----w- C:\Users\HVO777\AppData\Local\C5C7045E-7DB9-4428-8755-1887608F68CD.aplzod

2013-10-16 14:08:02 -------- d-----w- C:\ProgramData\Oracle

.

==================== Find3M ====================

.

2013-10-11 10:03:35 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-11 10:03:35 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-10-11 10:03:12 17813896 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe

2013-10-05 20:25:35 1474048 ----a-w- C:\windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\windows\SysWow64\crypt32.dll

2013-10-04 02:28:31 190464 ----a-w- C:\windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\windows\System32\authui.dll

2013-10-04 01:58:50 152576 ----a-w- C:\windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56:25 168960 ----a-w- C:\windows\SysWow64\credui.dll

2013-10-04 01:56:00 1796096 ----a-w- C:\windows\SysWow64\authui.dll

2013-09-27 14:53:06 248240 ----a-w- C:\windows\System32\drivers\MpFilter.sys

2013-09-27 14:53:06 134944 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys

2013-09-25 02:26:40 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys

2013-09-25 02:26:40 154560 ----a-w- C:\windows\System32\drivers\ksecpkg.sys

2013-09-25 02:23:33 28672 ----a-w- C:\windows\System32\sspisrv.dll

2013-09-25 02:23:33 135680 ----a-w- C:\windows\System32\sspicli.dll

2013-09-25 02:23:01 28160 ----a-w- C:\windows\System32\secur32.dll

2013-09-25 02:22:59 340992 ----a-w- C:\windows\System32\schannel.dll

2013-09-25 02:21:50 307200 ----a-w- C:\windows\System32\ncrypt.dll

2013-09-25 02:21:07 1447936 ----a-w- C:\windows\System32\lsasrv.dll

2013-09-25 01:58:17 96768 ----a-w- C:\windows\SysWow64\sspicli.dll

2013-09-25 01:57:26 22016 ----a-w- C:\windows\SysWow64\secur32.dll

2013-09-25 01:57:24 247808 ----a-w- C:\windows\SysWow64\schannel.dll

2013-09-25 01:56:42 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll

2013-09-25 01:03:24 30720 ----a-w- C:\windows\System32\lsass.exe

2013-09-08 02:30:37 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys

2013-09-08 02:27:14 327168 ----a-w- C:\windows\System32\mswsock.dll

2013-09-08 02:03:58 231424 ----a-w- C:\windows\SysWow64\mswsock.dll

2013-09-05 16:47:38 10285040 ----a-w- C:\Program Files\mbam-consumer.exe

2013-08-29 02:17:48 5549504 ----a-w- C:\windows\System32\ntoskrnl.exe

2013-08-29 02:16:35 1732032 ----a-w- C:\windows\System32\ntdll.dll

2013-08-29 02:16:28 243712 ----a-w- C:\windows\System32\wow64.dll

2013-08-29 02:16:14 859648 ----a-w- C:\windows\System32\tdh.dll

2013-08-29 02:13:28 878080 ----a-w- C:\windows\System32\advapi32.dll

2013-08-29 01:51:45 3969472 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2013-08-29 01:51:45 3914176 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2013-08-29 01:50:31 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2013-08-29 01:50:30 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll

2013-08-29 01:50:16 619520 ----a-w- C:\windows\SysWow64\tdh.dll

2013-08-29 01:48:17 640512 ----a-w- C:\windows\SysWow64\advapi32.dll

2013-08-29 01:48:15 44032 ----a-w- C:\windows\apppatch\acwow64.dll

2013-08-29 00:49:53 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2013-08-29 00:49:52 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2013-08-29 00:49:52 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2013-08-29 00:49:49 2048 ----a-w- C:\windows\SysWow64\user.exe

2013-08-28 01:21:06 3155968 ----a-w- C:\windows\System32\win32k.sys

2013-08-28 01:12:33 461312 ----a-w- C:\windows\System32\scavengeui.dll

.

============= FINISH: 12:50:57.46 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 12/5/2010 10:38:39 PM

System Uptime: 11/14/2013 12:40:55 PM (0 hours ago)

.

Motherboard: Intel Corp. | | Base Board Product Name

Processor: Intel® Core i3 CPU M 370 @ 2.40GHz | CPU | 2399/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 286 GiB total, 230.345 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 931 GiB total, 819.436 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP395: 10/27/2013 2:38:02 PM - Windows Backup

RP396: 10/27/2013 7:32:24 PM - Removed Google Earth.

RP397: 11/3/2013 4:00:56 AM - Windows Backup

RP398: 11/5/2013 7:36:15 AM - Installed Java 7 Update 45

RP399: 11/11/2013 4:40:29 AM - Windows Backup

RP400: 11/13/2013 10:59:17 AM - Windows Update

RP401: 11/14/2013 10:11:21 AM - Windows Update

.

==== Installed Programs ======================

.

ABBYY FineReader 6.0 Sprint

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.8)

Akamai NetSession Interface

Amazon Links

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Ask Toolbar Updater

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Bejeweled 2 Deluxe

Bonjour

Build-a-lot 2

CA Pest Patrol Realtime Protection

Chuzzle Deluxe

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Comcast Desktop Software (v1.2.0.9)

Compatibility Pack for the 2007 Office system

Conexant HD Audio

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Easy Solve

F.A. Davis's Nursing Care Plan, ed. 6, on CD-ROM

FATE

FileZilla Client 3.5.3

FinePixViewer Resource

FinePixViewer Ver.5.0

Formatta Filler 7.0

FUJIFILM USB Driver

Google Chrome

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

GoToMeeting 5.1.0.880

iCloud

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

iTunes

Java 7 Update 45

Java Auto Updater

Jewel Quest - Heritage

Junk Mail filter update

Kindle Comic Creator

Kindle Previewer

Label@Once 1.0

Lexmark Pro700 Series

Lexmark S300-S400 Series

Lexmark Toolbar

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Office XP Media Content

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MobileMe Control Panel

MSVCRT

NCLEX-RN 3500 - Individual Version

Plants vs. Zombies

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

Polar Bowler

Quickbooks Financial Center

QuickTime

RAW FILE CONVERTER LE

RealNetworks - Microsoft Visual C++ 2005 Runtime

RealNetworks - Microsoft Visual C++ 2008 Runtime

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

RealUpgrade 1.1

Safari

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition

Sendori

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

Shared C Run-time for x64

Skype Launcher

Skype™ 5.5

Synaptics Pointing Device Driver

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA PC Health Monitor

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

ToshibaRegistration

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition

Virtual Villagers 4 - The Tree of Life

Wheel of Fortune 2

WildTangent Games

WildTangent ORB Game Console

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

WinPcap 4.1.2

Xfinity Signature Support Computer Health Check

XFINITY Toolbar

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

11/9/2013 1:20:14 PM, Error: volsnap [14] - The shadow copies of volume E: were aborted because of an IO failure on volume E:.

11/8/2013 11:29:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service.

11/14/2013 12:44:20 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

11/14/2013 12:44:18 PM, Error: Service Control Manager [7022] - The Windows Presentation Foundation Font Cache 3.0.0.0 service hung on starting.

11/14/2013 12:42:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxeeCATSCustConnectService service to connect.

11/14/2013 12:42:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

11/14/2013 12:42:02 PM, Error: Service Control Manager [7000] - The lxeeCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/14/2013 12:42:02 PM, Error: Service Control Manager [7000] - The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/14/2013 12:42:01 PM, Error: Service Control Manager [7000] - The FreemakeVideoCapture service failed to start due to the following error: The system cannot find the file specified.

11/14/2013 12:27:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.

11/14/2013 10:10:56 AM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/13/2013 5:41:07 PM, Error: Service Control Manager [7034] - The Norton Security Suite service terminated unexpectedly. It has done this 3 time(s).

11/13/2013 11:41:26 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Norton Security Suite service, but this action failed with the following error: An instance of the service is already running.

11/13/2013 11:39:26 AM, Error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/13/2013 1:54:30 PM, Error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

.

==== End Of File ===========================

Your help would be greatly appreciated in resolving this.

Thanks in advance.

MrCharlie · November 14, 2013

Welcome to the forum.

You have 2 anti-virus programs installed and running on the computer, this only cause conflicts and spotty protection.
Please choose one and uninstall the other.
Dangers of running 2 anti-virus programs

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

-------------------------------------------------

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.
(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:
Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------
(If I don't respond within 24 hours, please send me a PM)

HVOrbillos · November 15, 2013

Hi,

Thank you very much. Sorry for the late reply. I just downloaded Roguekiller. This is the report that was generated:

RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.adlice.com/forum/

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : HVO777 [Admin rights]

Mode : Scan -- Date : 11/15/2013 03:55:16

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 +++++

--- User ---

[MBR] 1fb9b8f8aa785f63e1ec2701e83866f7

[bSP] 37fa0e3945bc0c23b8ec55bf7b7ef4a3 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 293159 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 603463680 | Size: 10585 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) WD My Passport 0748 USB Device +++++

--- User ---

[MBR] 8752273f349251cedf7c6209cdd11aac

[bSP] 804dbf71ce7b1f906f09fbead2fc17a2 : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953836 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[0]_S_11152013_035516.txt >>

MrCharlie · November 15, 2013

Not much showing...lets run some scans.

First:

Download Malwarebytes Anti-Rootkit from HERE

Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt

To attach a log if needed:

Bottom right corner of this page.

New window that comes up.

~~~~~~~~~~~~~~~~~~~~~~~

Note:

If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:

Internet access

Windows Update

Windows Firewall

If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot. It's located in the Plugins folder which is in the MBAR folder.

Just run fixdamage.exe.

Verify that they are now functioning normally.

MrC

HVOrbillos · November 15, 2013

Hello,

Thank you so much for the help. I ran the Malwarebytes Anti-Rootkit and followed through with your instructions. Everything seems good now. The pop-up message is definitely gone now. Internet is working. And I also checked that Windows Update and Windows Firewall are now properly working. Attached please find mbar-log.txt and system-log.txt.

Your help is very much appreciated. I will wait for your further instructions in cleaning up what needs to be cleaned up associated with this process.

Thank you.

mbar-log-2013-11-15 (07-22-57).txt

system-log.txt

MrCharlie · November 15, 2013

Please read the following information about the infection you have:

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.
BACKDOOR WARNING
------------------------------
One or more of the identified infections is known to use a backdoor.
This allows hackers to remotely control your computer, steal critical system information and download and execute files.
I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
http://www.dslreports.com/faq/10451
When Should I Format, How Should I Reinstall
http://www.dslreports.com/faq/10063
I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards.
I would change all my passwords and keep a close eye on all your sensitive accounts.
Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

-----------------------------------------

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look like this, not "sponsored ad links":

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

MrC

HVOrbillos · November 15, 2013

Thank you.

I downloaded Farbar, scanned my computer. As per your request (Attached please find Addition.txt). Thanks again for the help:

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013

Ran by HVO777 (administrator) on HVO777-PC on 15-11-2013 09:43:59

Running from C:\Users\HVO777\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(CA, Inc.) C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

( ) C:\windows\system32\lxeacoms.exe

( ) C:\windows\system32\lxeecoms.exe

(Malwarebytes Corporation) C:\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Malwarebytes' Anti-Malware\mbamservice.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe

(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe

(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe

(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

(SpeedBit Ltd.) C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe

(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe

(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe

(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe

(Malwarebytes Corporation) C:\Malwarebytes' Anti-Malware\mbamgui.exe

(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe

() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe

(Alcatel-Lucent) C:\Program Files\Comcast\pcTrayApp.exe

() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

() C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe

(Akamai Technologies, Inc.) C:\Users\HVO777\AppData\Local\Akamai\netsession_win.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe

(Google Inc.) C:\Users\HVO777\AppData\Local\Google\Update\GoogleUpdate.exe

(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Akamai Technologies, Inc.) C:\Users\HVO777\AppData\Local\Akamai\netsession_win.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google) C:\Users\HVO777\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]

HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)

HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)

HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [505696 2009-11-06] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [smoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)

HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1483776 2010-02-25] (TOSHIBA Corporation)

HKLM\...\Run: [smartFaceVWatcher] - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)

HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)

HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-23] (TOSHIBA Corporation)

HKLM\...\Run: [lxeamon.exe] - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [770728 2011-01-23] ()

HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe [148280 2011-01-23] ()

HKLM\...\Run: [Comcast_McciTrayApp] - C:\Program Files\Comcast\pcTrayApp.exe [2727936 2012-01-18] (Alcatel-Lucent)

HKLM\...\Run: [lxeemon.exe] - C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe [770728 2011-01-23] ()

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)

HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKCU\...\Run: [Desktop Software] - C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini [1082 2011-05-24] ()

HKCU\...\Run: [WinCalendarV3] - "C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe /q /c"

HKCU\...\Run: [ComcastAntispyClient] - C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe [1589208 2009-08-19] ()

HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\HVO777\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKCU\...\Run: [Google Update] - C:\Users\HVO777\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-19] (Google Inc.)

HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-09-09] (Google Inc.)

HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)

HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)

HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19549320 2011-10-13] (Skype Technologies S.A.)

HKCU\...\Winlogon: [shell] explorer.exe, <==== ATTENTION

MountPoints2: {da971e94-0f8c-11e1-b17a-60eb6972411f} - F:\AutoRun.exe

MountPoints2: {da971e9d-0f8c-11e1-b17a-60eb6972411f} - F:\AutoRun.exe

HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe [3218792 2010-06-02] (Toshiba)

HKLM-x32\...\Run: [REGSHAVE] - C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.)

HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [41336 2013-09-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [840568 2013-09-03] (Adobe Systems Inc.)

HKLM-x32\...\Run: [sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)

HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-10-15] (RealNetworks, Inc.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U221DHP&pc=U221

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=d0b0917c-ded8-4255-b03f-08411fa0260d&searchtype=hp&exp=true

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=d0b0917c-ded8-4255-b03f-08411fa0260d&searchtype=ds&q={searchTerms}

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKCU - Comcast URL = http://search.xfinity.com/?cat=subweb&con=mmchrome&q={searchTerms}&cid=xfstart_tech_search

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=d0b0917c-ded8-4255-b03f-08411fa0260d&searchtype=ds&q={searchTerms}

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=109935&tt=050412_30b&babsrc=SP_ss&mntrId=e2258a29000000000000207c8f40ddd9

SearchScopes: HKCU - {26C0431A-9742-4397-9208-CFD2D88F65C2} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811_yserp3tst&p={searchTerms}

SearchScopes: HKCU - {6F4A233B-AB45-41DD-B927-35F2221021F1} URL = http://search.conduit.com/Results.aspx?ctid=CT3300039&SearchSource=45&q={searchTerms}

SearchScopes: HKCU - {93644A53-F0DE-4BFB-98C7-0B2951AF6E15} URL =

SearchScopes: HKCU - {B863F21F-B47A-4050-9D62-F05EE8EC2DCF} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}

SearchScopes: HKCU - {F3D8D17A-5BF3-423C-A170-901AF92B6706} URL = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000030&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

BHO-x32: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)

BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

Toolbar: HKLM-x32 - XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File

DPF: HKLM-x32 {1663ed61-23eb-11d2-b92f-008048fdd814} https://devbrandywinenc.mpsrx.com/include/ActiveX/smsx.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotive.dll No File

FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\HVO777\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\HVO777\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\HVO777\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HVO777\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HVO777\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\HVO777\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:

=======

CHR RestoreOnStartup: "https://mail.google.com/mail/u/0/?tab=wm#inbox", "https://news.google.com/nwshp?hl=en&tab=mn"

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Citrix ICA Client) - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll No File

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File

CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll No File

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File

CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (Unity Player) - C:\Users\HVO777\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Google Update) - C:\Users\HVO777\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Google Talk Plugin) - C:\Users\HVO777\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\HVO777\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\HVO777\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File

CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

CHR Extension: (Entanglement Web App) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0

CHR Extension: (BIODIGITAL HUMAN) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_1

CHR Extension: (Add to Amazon Wish List) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_1

CHR Extension: (Toggle Fullscreen in Hangout) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekfhcmpmchbhkdeplplcljcggddkffb\1.3_1

CHR Extension: (Cloud Reader) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.4.0_0

CHR Extension: (Surgeon Simulator) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\iknengmcpjjcbcciehggbmkgcoamfnod\1.2_0

CHR Extension: (Poppit) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_1

CHR Extension: (Google Wallet) - C:\Users\HVO777\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()

R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)

R2 ITMRTSVC; C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe [283912 2007-09-26] (CA, Inc.)

S2 lxeaCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)

R2 lxea_device; C:\windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )

R2 lxea_device; C:\windows\SysWow64\lxeacoms.exe [598696 2010-04-14] ( )

S2 lxeeCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2010-04-14] (Lexmark International, Inc.)

R2 lxee_device; C:\windows\system32\lxeecoms.exe [1052328 2010-04-14] ( )

R2 lxee_device; C:\windows\SysWow64\lxeecoms.exe [598696 2010-04-14] ( )

R2 MBAMScheduler; C:\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [441344 2012-01-18] (Alcatel-Lucent)

R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)

R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)

R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)

R2 VideoAcceleratorService; C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe [265928 2012-10-15] (SpeedBit Ltd.)

S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [x]

S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]

S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [x]

S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]

S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]

S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]

S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [x]

S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-15 09:43 - 2013-11-15 09:47 - 00032414 _____ C:\Users\HVO777\Downloads\FRST.txt

2013-11-15 09:43 - 2013-11-15 09:43 - 01957794 _____ (Farbar) C:\Users\HVO777\Downloads\FRST64 (1).exe

2013-11-15 09:42 - 2013-11-15 09:42 - 01957794 _____ (Farbar) C:\Users\HVO777\Downloads\FRST64.exe

2013-11-15 09:42 - 2013-11-15 09:42 - 00000000 ____D C:\Users\HVO777\Desktop\Farbar Recovery Scan Tool

2013-11-15 09:01 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys

2013-11-15 09:01 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys

2013-11-15 09:01 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys

2013-11-15 09:01 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys

2013-11-15 09:01 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys

2013-11-15 09:01 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys

2013-11-15 09:01 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys

2013-11-15 07:22 - 2013-11-15 08:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2013-11-15 07:21 - 2013-11-15 08:09 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2013-11-15 07:20 - 2013-11-15 07:20 - 12576792 _____ (Malwarebytes Corp.) C:\Users\HVO777\Downloads\mbar-1.07.0.1007.exe

2013-11-15 07:15 - 2013-11-15 07:21 - 00000000 ____D C:\Users\HVO777\Desktop\MalwareBytes AntiRootKit

2013-11-15 03:55 - 2013-11-15 03:55 - 00001949 _____ C:\Users\HVO777\Desktop\RKreport[0]_S_11152013_035516.txt

2013-11-15 03:52 - 2013-11-15 03:56 - 00000000 ____D C:\Users\HVO777\Desktop\RK_Quarantine

2013-11-15 03:51 - 2013-11-15 03:51 - 04161024 _____ C:\Users\HVO777\Downloads\RogueKillerX64.exe

2013-11-14 12:51 - 2013-11-14 12:51 - 00013009 _____ C:\Users\HVO777\Desktop\attach.txt

2013-11-14 12:51 - 2013-11-14 12:50 - 00027492 _____ C:\Users\HVO777\Desktop\dds.txt

2013-11-14 12:49 - 2013-11-14 12:49 - 00688992 ____R (Swearware) C:\Users\HVO777\Downloads\dds.com

2013-11-14 12:26 - 2013-11-14 12:27 - 58077320 _____ (Microsoft Corporation) C:\Users\HVO777\Downloads\EIE11_EN-US_MSE_WIN764.EXE

2013-11-14 12:09 - 2013-11-14 12:09 - 00851968 _____ C:\Users\HVO777\Downloads\Norton_Removal_Tool.exe

2013-11-14 12:04 - 2013-11-14 12:04 - 00001945 _____ C:\windows\epplauncher.mif

2013-11-14 12:04 - 2013-11-14 12:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-11-14 12:03 - 2013-11-14 12:04 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-11-14 12:01 - 2013-11-14 12:02 - 13670584 _____ (Microsoft Corporation) C:\Users\HVO777\Downloads\mseinstall.exe

2013-11-13 11:32 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll

2013-11-13 11:32 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll

2013-11-13 11:32 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll

2013-11-13 11:32 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll

2013-11-13 11:32 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll

2013-11-13 11:32 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll

2013-11-13 11:32 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll

2013-11-13 11:32 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll

2013-11-13 11:32 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys

2013-11-13 11:32 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys

2013-11-13 11:32 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll

2013-11-13 11:32 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll

2013-11-13 11:32 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll

2013-11-13 11:32 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll

2013-11-13 11:32 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2013-11-13 11:32 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll

2013-11-13 11:32 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll

2013-11-13 11:32 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll

2013-11-13 11:32 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll

2013-11-13 11:32 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll

2013-11-13 11:32 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe

2013-11-13 11:32 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys

2013-11-13 11:31 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll

2013-11-13 11:31 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL

2013-11-13 11:31 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL

2013-11-13 11:31 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll

2013-11-13 11:31 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL

2013-11-13 11:31 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2013-11-13 11:31 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2013-11-13 11:31 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys

2013-11-13 11:05 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE

2013-11-13 11:02 - 2013-11-13 11:02 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2013-11-13 11:02 - 2013-11-13 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2013-11-13 11:02 - 2013-11-13 11:02 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2013-11-13 11:02 - 2013-11-13 11:02 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2013-11-13 11:02 - 2013-11-13 11:02 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat

2013-11-13 11:02 - 2013-11-13 11:02 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat

2013-11-13 11:02 - 2013-11-13 11:02 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec

2013-11-13 11:02 - 2013-11-13 11:02 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec

2013-11-13 11:02 - 2013-11-13 11:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx

2013-11-13 11:02 - 2013-11-13 11:02 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx

2013-11-13 11:02 - 2013-11-13 11:02 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll

2013-11-13 11:02 - 2013-11-13 11:02 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe

2013-11-13 11:02 - 2013-11-13 11:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2013-11-13 11:00 - 2013-11-14 12:32 - 00015487 _____ C:\windows\IE11_main.log

2013-11-09 13:28 - 2013-11-09 13:28 - 00001754 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-11-09 13:28 - 2013-11-09 13:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-09 13:28 - 2013-11-09 13:28 - 00000000 ____D C:\Program Files\iTunes

2013-11-09 13:28 - 2013-11-09 13:28 - 00000000 ____D C:\Program Files\iPod

2013-11-09 13:28 - 2013-11-09 13:28 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-11-05 07:39 - 2013-11-05 07:39 - 00000000 ____D C:\windows\Sun

2013-11-05 07:39 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2013-11-05 07:38 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2013-11-05 07:38 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2013-11-05 07:38 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2013-11-05 07:37 - 2013-11-05 07:38 - 00004746 _____ C:\windows\SysWOW64\jupdate-1.7.0_45-b18.log

2013-11-04 06:48 - 2013-11-04 06:50 - 00000000 ____D C:\Users\HVO777\AppData\Local\C5C7045E-7DB9-4428-8755-1887608F68CD.aplzod

2013-11-04 06:36 - 2013-11-15 09:03 - 00000672 _____ C:\windows\setupact.log

2013-11-04 06:36 - 2013-11-04 06:36 - 00000000 _____ C:\windows\setuperr.log

2013-10-16 09:08 - 2013-11-05 07:39 - 00000000 ____D C:\ProgramData\Oracle

==================== One Month Modified Files and Folders =======

2013-11-15 09:47 - 2013-11-15 09:43 - 00032414 _____ C:\Users\HVO777\Downloads\FRST.txt

2013-11-15 09:43 - 2013-11-15 09:43 - 01957794 _____ (Farbar) C:\Users\HVO777\Downloads\FRST64 (1).exe

2013-11-15 09:42 - 2013-11-15 09:42 - 01957794 _____ (Farbar) C:\Users\HVO777\Downloads\FRST64.exe

2013-11-15 09:42 - 2013-11-15 09:42 - 00000000 ____D C:\Users\HVO777\Desktop\Farbar Recovery Scan Tool

2013-11-15 09:14 - 2009-07-13 23:45 - 00015792 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-15 09:14 - 2009-07-13 23:45 - 00015792 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-15 09:12 - 2010-10-20 13:48 - 01637920 _____ C:\windows\WindowsUpdate.log

2013-11-15 09:08 - 2011-10-22 19:08 - 00000000 ____D C:\Users\HVO777\AppData\Roaming\Skype

2013-11-15 09:08 - 2010-09-09 21:09 - 00000908 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-11-15 09:07 - 2012-07-05 16:16 - 00036428 _____ C:\ProgramData\lxeescan.log

2013-11-15 09:07 - 2011-05-24 10:32 - 00159630 _____ C:\ProgramData\lxeascan.log

2013-11-15 09:06 - 2012-01-23 05:37 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2993272524-2527856309-3803975452-1000UA.job

2013-11-15 09:04 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT

2013-11-15 09:03 - 2013-11-04 06:36 - 00000672 _____ C:\windows\setupact.log

2013-11-15 09:02 - 2012-03-29 09:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job

2013-11-15 08:54 - 2010-09-09 21:09 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-11-15 08:41 - 2009-07-14 00:13 - 00813908 _____ C:\windows\system32\PerfStringBackup.INI

2013-11-15 08:13 - 2013-11-15 07:22 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2013-11-15 08:09 - 2013-11-15 07:21 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2013-11-15 07:59 - 2010-09-09 21:28 - 01645766 _____ C:\windows\PFRO.log

2013-11-15 07:21 - 2013-11-15 07:15 - 00000000 ____D C:\Users\HVO777\Desktop\MalwareBytes AntiRootKit

2013-11-15 07:20 - 2013-11-15 07:20 - 12576792 _____ (Malwarebytes Corp.) C:\Users\HVO777\Downloads\mbar-1.07.0.1007.exe

2013-11-15 03:56 - 2013-11-15 03:52 - 00000000 ____D C:\Users\HVO777\Desktop\RK_Quarantine

2013-11-15 03:55 - 2013-11-15 03:55 - 00001949 _____ C:\Users\HVO777\Desktop\RKreport[0]_S_11152013_035516.txt

2013-11-15 03:51 - 2013-11-15 03:51 - 04161024 _____ C:\Users\HVO777\Downloads\RogueKillerX64.exe

2013-11-15 03:06 - 2012-01-23 05:37 - 00000860 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2993272524-2527856309-3803975452-1000Core.job

2013-11-14 16:12 - 2013-07-02 09:49 - 00002154 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-11-14 14:20 - 2010-12-05 23:04 - 00000000 ____D C:\Users\HVO777\AppData\Local\Google

2013-11-14 12:51 - 2013-11-14 12:51 - 00013009 _____ C:\Users\HVO777\Desktop\attach.txt

2013-11-14 12:50 - 2013-11-14 12:51 - 00027492 _____ C:\Users\HVO777\Desktop\dds.txt

2013-11-14 12:49 - 2013-11-14 12:49 - 00688992 ____R (Swearware) C:\Users\HVO777\Downloads\dds.com

2013-11-14 12:41 - 2010-10-20 14:12 - 00000000 ____D C:\ProgramData\Norton

2013-11-14 12:32 - 2013-11-13 11:00 - 00015487 _____ C:\windows\IE11_main.log

2013-11-14 12:32 - 2010-10-20 14:16 - 00000000 ___HD C:\windows\msdownld.tmp

2013-11-14 12:27 - 2013-11-14 12:26 - 58077320 _____ (Microsoft Corporation) C:\Users\HVO777\Downloads\EIE11_EN-US_MSE_WIN764.EXE

2013-11-14 12:09 - 2013-11-14 12:09 - 00851968 _____ C:\Users\HVO777\Downloads\Norton_Removal_Tool.exe

2013-11-14 12:04 - 2013-11-14 12:04 - 00001945 _____ C:\windows\epplauncher.mif

2013-11-14 12:04 - 2013-11-14 12:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-11-14 12:04 - 2013-11-14 12:03 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-11-14 12:02 - 2013-11-14 12:01 - 13670584 _____ (Microsoft Corporation) C:\Users\HVO777\Downloads\mseinstall.exe

2013-11-14 10:22 - 2012-01-25 15:43 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-11-14 10:19 - 2013-07-25 11:07 - 00000000 ____D C:\windows\system32\MRT

2013-11-14 10:15 - 2011-05-11 04:56 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2013-11-13 11:23 - 2010-12-05 22:40 - 00001428 _____ C:\Users\HVO777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-13 11:17 - 2009-07-13 22:20 - 00000000 ____D C:\windows\PolicyDefinitions