6 replies to this topic

[azuleno]

Sorry about not following protocol Having issued to run HJT, Please read on and advice

 

I am using Windows 8. I used Wordle.net yesterday and was working fine. Today it is not, got the following error message:

 

“Application Error: Application Blocked. Click for Details: Your security settings have blocked a self-signed sandbox application from running.”

Uninstalled old Java. Installed latest. Still not working, same error message.

 

 

I ran HJT and even though it works, it does not provide a notepad log as usual. I get the following message from HJT:

 

 

For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may not be able to fix this.

If that happens, you need to edit the file yourself. To do this, click Start, Run and type:

notepad C:\windows\System32\drivers\etc\hosts

and press Enter. Find the line(s) HijackThis reports and delete them.

Sace the file as ‘hosts’ (with quotes),, and reboot.

For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose ‘Run as administrator’.

 

 

After following above instructions, I get the following message on notepad:

 

# Copyright © 1993-2009 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

#      102.54.94.97     rhino.acme.com          # source server

#       38.25.63.10     x.acme.com              # x client host

 

# localhost name resolution is handled within DNS itself.

#             127.0.0.1       localhost

#             ::1             localhost

 

 

Again, appreciate your advice. Thanks!

[nasdaq]

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

The HijackThis tool is not compatible with Windows 8.

Please run this tool and post the log for my review.

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

[azuleno]

Here are the requested logs. Copy & paste FRST.txt.... attached Addition.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Jorge (administrator) on JSOTO-PC on 18-07-2014 09:42:14
Running from C:\Users\Jorge\Desktop\SPY
Platform: Windows 8 Pro with Media Center (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
() C:\Program Files\Toshiba\Hotkey\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
() C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(Pokki) C:\Users\Jorge\AppData\Local\Pokki\Engine\pokki.exe
() C:\Program Files (x86)\WizMouse\WizMouse.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-28] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [337440 2013-03-22] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [242792 2013-01-14] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2289314783-225378754-3216661433-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\pokki.exe"
HKU\S-1-5-21-2289314783-225378754-3216661433-1001\...\Run: [WizMouse] => C:\Program Files (x86)\WizMouse\WizMouse.exe [121648 2011-09-30] ()
HKU\S-1-5-21-2289314783-225378754-3216661433-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20917408 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2289314783-225378754-3216661433-1001\...\MountPoints2: {09ba931e-e670-11e3-beda-9f39c092eaab} - "E:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2289314783-225378754-3216661433-1001\...\MountPoints2: {3af4b0de-fd41-11e3-bee7-eb545ec2ae58} - "E:\MotorolaDeviceManagerSetup.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
SearchScopes: HKLM - DefaultScope {D4D98594-EA9F-414A-BED7-51A2899FE973} URL = http://www.bing.com/...E10TR&pc=MATBJS
SearchScopes: HKLM - {D4D98594-EA9F-414A-BED7-51A2899FE973} URL = http://www.bing.com/...E10TR&pc=MATBJS
SearchScopes: HKLM-x32 - DefaultScope {D4D98594-EA9F-414A-BED7-51A2899FE973} URL = http://www.bing.com/...E10TR&pc=MATBJS
SearchScopes: HKLM-x32 - {D4D98594-EA9F-414A-BED7-51A2899FE973} URL = http://www.bing.com/...E10TR&pc=MATBJS
SearchScopes: HKCU - DefaultScope {D4D98594-EA9F-414A-BED7-51A2899FE973} URL =
SearchScopes: HKCU - {D4D98594-EA9F-414A-BED7-51A2899FE973} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20131003125011.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20131003125011.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...ex/ieatgpc1.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\3y176be1.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\3y176be1.default\searchplugins\trovi-search.xml
FF Extension: QuickJava - C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\3y176be1.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-07-17]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013-10-03]

==================== Services (Whitelisted) =================

R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-04-15] ()
R2 hasplms; C:\windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [130080 2013-03-22] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2013-10-03] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [206448 2013-01-14] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [177680 2013-10-03] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-03-26] (TOSHIBA CORPORATION)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 CXPLRCAP; C:\Windows\system32\drivers\elvidcap.sys [153064 2014-05-12] (Elgato Systems GmbH)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2013-10-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2013-10-03] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-10-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2013-10-03] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2013-10-03] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339392 2013-10-03] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3311072 2013-03-26] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-05] (Synaptics Incorporated)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [110976 2013-03-25] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48024 2013-01-28] (Windows ® Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [194456 2013-01-28] (Windows ® Win 7 DDK provider)
S3 cpuz134; \??\C:\Users\Jorge\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-18 09:42 - 2014-07-18 09:42 - 00000000 ____D () C:\FRST
2014-07-18 09:41 - 2014-07-18 09:42 - 00000000 ____D () C:\Users\Jorge\Desktop\SPY
2014-07-18 00:43 - 2014-07-18 00:43 - 00000000 ____D () C:\Users\Jorge\AppData\Local\Macromedia
2014-07-17 17:31 - 2014-07-17 17:33 - 256892475 _____ () C:\Users\Jorge\Downloads\ZeroToLaunch-GettingStartedGuide-My-Specific-Recommendations.720p.mp4
2014-07-17 12:46 - 2014-07-17 12:46 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-17 12:46 - 2014-07-17 12:46 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-17 12:46 - 2014-07-17 12:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-17 12:10 - 2014-07-17 12:10 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-07-17 12:10 - 2014-07-17 12:10 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-07-17 12:09 - 2014-07-17 12:09 - 01402880 _____ () C:\Users\Jorge\Downloads\HijackThis.msi
2014-07-17 11:37 - 2014-07-17 11:37 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Oracle
2014-07-17 11:36 - 2014-07-17 11:36 - 00004578 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 11:36 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-17 11:36 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-07-17 11:36 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-07-17 11:36 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-07-17 00:25 - 2014-07-17 00:31 - 522208893 _____ () C:\Users\Jorge\Desktop\ZeroToLaunch-GettingStartedGuide-3-Money-Mindsets.720p.mp4
2014-07-16 22:34 - 2014-07-16 22:34 - 00000000 ____D () C:\Users\Jorge\Documents\Streaming Video Recorder
2014-07-16 22:33 - 2014-07-16 22:33 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Apowersoft
2014-07-16 22:33 - 2014-07-16 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2014-07-16 22:33 - 2014-07-16 22:33 - 00000000 ____D () C:\Program Files (x86)\Apowersoft
2014-07-16 22:33 - 2014-04-09 20:50 - 00443568 ____H (Bytescout) C:\windows\SysWOW64\ApowersoftScreenCapturing.dll
2014-07-16 22:33 - 2014-04-09 20:50 - 00271536 ____H (Bytescout) C:\windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2014-07-16 22:33 - 2014-04-09 20:50 - 00181424 ____H (Bytescout) C:\windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2014-07-16 22:31 - 2014-07-16 22:31 - 23901768 _____ (APOWERSOFT LIMITED ) C:\Users\Jorge\Downloads\streaming-video-recorder-cnet.exe
2014-07-12 23:35 - 2014-07-12 23:35 - 00099331 _____ () C:\Users\Jorge\Downloads\PresupuestoGomez2013DORA.xlsx
2014-07-05 19:35 - 2014-07-16 23:51 - 00000000 ____D () C:\Users\Jorge\Desktop\yYYOOoo
2014-07-04 14:33 - 2014-07-07 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato
2014-07-04 14:33 - 2014-07-07 14:17 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Elgato
2014-07-04 14:32 - 2014-07-07 16:14 - 00000000 ____D () C:\Program Files (x86)\Elgato
2014-07-04 14:26 - 2014-07-07 14:17 - 00000000 ____D () C:\Program Files\Elgato
2014-07-04 14:26 - 2014-05-12 07:55 - 00153064 _____ (Elgato Systems GmbH) C:\windows\system32\Drivers\elvidcap.sys
2014-07-04 14:26 - 2014-05-12 07:55 - 00044776 _____ (Conexant) C:\windows\SysWOW64\y8cnvt.ax
2014-07-04 14:26 - 2014-05-12 07:55 - 00039656 _____ (Conexant Systems, Inc) C:\windows\SysWOW64\CxPolaris.ax
2014-07-04 14:26 - 2014-05-12 07:55 - 00037096 _____ (Conexant Systems Inc.) C:\windows\SysWOW64\cxtvrate.dll
2014-07-04 14:26 - 2014-05-12 07:55 - 00028392 _____ (Conexant Systems, Inc) C:\windows\SysWOW64\cpnotify.ax
2014-07-04 00:46 - 2014-07-17 12:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-23 23:55 - 2014-06-23 23:53 - 18816968 _____ (Bitberry Software ) C:\Users\Jorge\Downloads\FreeFileViewerSetup [1].exe

==================== One Month Modified Files and Folders =======

2014-07-18 09:43 - 2014-06-11 13:52 - 00000580 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2289314783-225378754-3216661433-1001.job
2014-07-18 09:42 - 2014-07-18 09:42 - 00000000 ____D () C:\FRST
2014-07-18 09:42 - 2014-07-18 09:41 - 00000000 ____D () C:\Users\Jorge\Desktop\SPY
2014-07-18 09:38 - 2013-07-08 04:10 - 01469813 _____ () C:\windows\WindowsUpdate.log
2014-07-18 09:35 - 2013-10-16 19:24 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\ClassicShell
2014-07-18 09:24 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-18 03:02 - 2014-01-17 17:13 - 00000000 ____D () C:\Users\Jorge\.umplayer
2014-07-18 01:57 - 2012-07-26 03:28 - 00848230 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-18 00:43 - 2014-07-18 00:43 - 00000000 ____D () C:\Users\Jorge\AppData\Local\Macromedia
2014-07-18 00:27 - 2014-03-17 16:39 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Skype
2014-07-18 00:00 - 2013-10-02 20:43 - 00000000 ____D () C:\Users\Jorge\AppData\Local\Pokki
2014-07-17 22:12 - 2014-03-13 13:36 - 00003926 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{2E4F31E7-689C-4909-B2D6-35F168FF5878}
2014-07-17 20:45 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\NDF
2014-07-17 17:33 - 2014-07-17 17:31 - 256892475 _____ () C:\Users\Jorge\Downloads\ZeroToLaunch-GettingStartedGuide-My-Specific-Recommendations.720p.mp4
2014-07-17 17:11 - 2014-05-05 16:53 - 00002139 _____ () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee VirusScan Scan Messages.lnk
2014-07-17 17:04 - 2013-04-24 03:44 - 00462978 _____ () C:\windows\PFRO.log
2014-07-17 17:04 - 2012-07-26 03:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-17 17:04 - 2012-07-26 01:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-07-17 17:03 - 2013-07-08 04:31 - 13636580 _____ () C:\Users\Public\CAFADEBUG.log
2014-07-17 13:34 - 2013-10-02 20:53 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2289314783-225378754-3216661433-1001
2014-07-17 12:46 - 2014-07-17 12:46 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-17 12:46 - 2014-07-17 12:46 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-17 12:46 - 2014-07-17 12:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-17 12:46 - 2014-07-04 00:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-17 12:10 - 2014-07-17 12:10 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-07-17 12:10 - 2014-07-17 12:10 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-07-17 12:10 - 2013-10-06 21:22 - 00000000 ___RD () C:\Users\Jorge\Desktop\Shortcuts
2014-07-17 12:10 - 2013-10-02 20:44 - 00000000 ____D () C:\Users\Jorge\AppData\Local\VirtualStore
2014-07-17 12:09 - 2014-07-17 12:09 - 01402880 _____ () C:\Users\Jorge\Downloads\HijackThis.msi
2014-07-17 11:38 - 2014-03-10 08:54 - 00000000 ____D () C:\Program Files\Java
2014-07-17 11:37 - 2014-07-17 11:37 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Oracle
2014-07-17 11:37 - 2013-10-07 17:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 11:36 - 2014-07-17 11:36 - 00004578 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 11:36 - 2013-10-07 17:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 11:30 - 2012-07-26 01:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-17 10:37 - 2013-10-08 07:34 - 00000000 ____D () C:\Users\Jorge\Documents\Outlook Files
2014-07-17 00:31 - 2014-07-17 00:25 - 522208893 _____ () C:\Users\Jorge\Desktop\ZeroToLaunch-GettingStartedGuide-3-Money-Mindsets.720p.mp4
2014-07-16 23:51 - 2014-07-05 19:35 - 00000000 ____D () C:\Users\Jorge\Desktop\yYYOOoo
2014-07-16 22:34 - 2014-07-16 22:34 - 00000000 ____D () C:\Users\Jorge\Documents\Streaming Video Recorder
2014-07-16 22:33 - 2014-07-16 22:33 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Apowersoft
2014-07-16 22:33 - 2014-07-16 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2014-07-16 22:33 - 2014-07-16 22:33 - 00000000 ____D () C:\Program Files (x86)\Apowersoft
2014-07-16 22:32 - 2013-10-02 20:43 - 00000000 ____D () C:\Users\Jorge
2014-07-16 22:31 - 2014-07-16 22:31 - 23901768 _____ (APOWERSOFT LIMITED ) C:\Users\Jorge\Downloads\streaming-video-recorder-cnet.exe
2014-07-16 02:23 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-16 00:40 - 2013-10-17 13:23 - 00000000 ____D () C:\Users\Jorge\AppData\Local\CrashDumps
2014-07-12 23:35 - 2014-07-12 23:35 - 00099331 _____ () C:\Users\Jorge\Downloads\PresupuestoGomez2013DORA.xlsx
2014-07-12 19:59 - 2013-11-29 04:35 - 00000000 ____D () C:\Quarantine
2014-07-11 03:02 - 2014-07-17 11:36 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-17 11:36 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-17 11:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-17 11:36 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-07-08 10:20 - 2012-07-26 03:21 - 00048861 _____ () C:\windows\setupact.log
2014-07-07 16:14 - 2014-07-04 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato
2014-07-07 16:14 - 2014-07-04 14:32 - 00000000 ____D () C:\Program Files (x86)\Elgato
2014-07-07 16:13 - 2013-10-03 15:48 - 00000000 ____D () C:\windows\system32\appmgmt
2014-07-07 14:17 - 2014-07-04 14:33 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Elgato
2014-07-07 14:17 - 2014-07-04 14:26 - 00000000 ____D () C:\Program Files\Elgato
2014-07-05 19:40 - 2014-01-20 17:39 - 00000000 ____D () C:\Users\Jorge\Documents\FabriFoam
2014-07-05 19:39 - 2013-10-13 22:09 - 00000000 ____D () C:\Users\Jorge\Documents\Emulsifiers
2014-07-05 19:39 - 2013-10-08 15:52 - 00000000 ____D () C:\Users\Jorge\Documents\FFT
2014-07-03 04:45 - 2014-06-11 13:52 - 00003580 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2289314783-225378754-3216661433-1001
2014-06-26 20:14 - 2014-02-13 15:27 - 00000000 ____D () C:\ACD2012FREE
2014-06-26 20:03 - 2014-03-04 13:16 - 00000000 ____D () C:\Users\Jorge\Documents\ChemSketchStructures
2014-06-23 23:53 - 2014-06-23 23:55 - 18816968 _____ (Bitberry Software ) C:\Users\Jorge\Downloads\FreeFileViewerSetup [1].exe
2014-06-22 12:51 - 2014-01-17 17:13 - 00000000 ____D () C:\Users\Jorge\AppData\Local\MPlayer
2014-06-21 14:29 - 2013-04-24 05:23 - 00000000 ____D () C:\Program Files (x86)\Norton Anti-Theft
2014-06-21 14:29 - 2013-04-24 05:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-21 14:29 - 2013-04-24 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-21 14:29 - 2013-04-24 05:21 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 __RSD () C:\windows\Media
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ___RD () C:\windows\ToastData
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ___RD () C:\windows\DesktopTileResources
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\WinStore
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\WinMetadata
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\Cursors
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-06-21 14:29 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-06-21 14:29 - 2012-07-26 03:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-21 14:29 - 2012-07-26 01:37 - 00000000 ____D () C:\windows\servicing
2014-06-21 14:28 - 2014-01-16 12:03 - 00000000 ____D () C:\windows\System32\Tasks\Minitab
2014-06-21 14:28 - 2013-10-03 16:54 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-21 14:28 - 2013-10-02 20:46 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-06-21 14:28 - 2013-07-08 04:20 - 00000000 ____D () C:\windows\System32\Tasks\Norton Anti-Theft
2014-06-21 14:27 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\restore
2014-06-21 14:26 - 2014-02-13 15:28 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACDLabs Freeware 2012
2014-06-21 14:26 - 2014-01-02 21:24 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Sound Editor Free
2014-06-21 14:26 - 2013-12-22 20:12 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\yFiles Demo Applications
2014-06-21 14:26 - 2013-10-02 20:43 - 00000000 ___RD () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-21 14:26 - 2013-10-02 20:43 - 00000000 ___RD () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-21 14:26 - 2013-10-02 20:43 - 00000000 ___RD () C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-21 14:25 - 2014-01-17 17:26 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\DVDVideoSoft
2014-06-21 14:24 - 2014-05-10 16:16 - 00000000 ____D () C:\ProgramData\WebEx
2014-06-21 14:24 - 2014-03-20 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2014-06-21 14:24 - 2014-03-17 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-21 14:24 - 2014-03-10 08:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-21 14:24 - 2014-02-15 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizMouse
2014-06-21 14:24 - 2014-02-13 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-21 14:24 - 2014-02-01 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Sound Editor Free
2014-06-21 14:24 - 2014-01-20 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Editor
2014-06-21 14:24 - 2014-01-17 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-21 14:24 - 2014-01-17 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UMPlayer
2014-06-21 14:24 - 2014-01-16 12:04 - 00000000 ____D () C:\ProgramData\Minitab
2014-06-21 14:24 - 2014-01-16 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minitab
2014-06-21 14:24 - 2013-12-30 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-21 14:24 - 2013-10-24 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Anti-Theft
2014-06-21 14:24 - 2013-10-23 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2014-06-21 14:24 - 2013-10-16 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-21 14:24 - 2013-10-05 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stat-Ease
2014-06-21 14:24 - 2013-10-03 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-21 14:24 - 2013-10-03 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-21 14:24 - 2013-07-08 04:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2014-06-21 14:24 - 2013-07-08 04:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-06-21 14:24 - 2013-07-08 04:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS, Inc
2014-06-21 14:24 - 2013-04-24 05:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-06-21 14:22 - 2014-02-15 22:22 - 00000000 ____D () C:\Program Files (x86)\WizMouse
2014-06-21 14:22 - 2014-01-17 17:13 - 00000000 ____D () C:\Program Files (x86)\UMPlayer
2014-06-21 14:22 - 2013-10-16 19:20 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-21 14:22 - 2013-07-08 04:40 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-21 14:22 - 2013-04-24 05:22 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-06-21 14:21 - 2014-03-17 16:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-21 14:21 - 2014-01-20 18:03 - 00000000 ____D () C:\Program Files (x86)\Free Audio Editor
2014-06-21 14:21 - 2014-01-17 17:26 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-21 14:21 - 2014-01-02 21:23 - 00000000 ____D () C:\Program Files (x86)\Power Sound Editor Free
2014-06-21 14:20 - 2014-03-20 09:27 - 00000000 ____D () C:\FreeOCR
2014-06-21 14:20 - 2013-12-30 21:09 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-21 14:15 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\registration
2014-06-21 14:05 - 2014-06-11 13:52 - 00000000 ____D () C:\Users\Jorge\AppData\Local\Citrix

Some content of TEMP:
====================
C:\Users\Jorge\AppData\Local\Temp\cxtvrate.dll
C:\Users\Jorge\AppData\Local\Temp\dexaup.exe
C:\Users\Jorge\AppData\Local\Temp\emmon.exe
C:\Users\Jorge\AppData\Local\Temp\ffmpeg15.exe
C:\Users\Jorge\AppData\Local\Temp\G2MInstallerExtractor.exe
C:\Users\Jorge\AppData\Local\Temp\GLF28A6.tmp.EXE
C:\Users\Jorge\AppData\Local\Temp\GLF8BFA.tmp.EXE
C:\Users\Jorge\AppData\Local\Temp\mp3el.exe
C:\Users\Jorge\AppData\Local\Temp\ose00000.exe
C:\Users\Jorge\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jorge\AppData\Local\Temp\setup.exe
C:\Users\Jorge\AppData\Local\Temp\sqlite3.exe
C:\Users\Jorge\AppData\Local\Temp\_is3038.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-17 09:45

==================== End Of Log ============================

 

 

 

Attached Files

•  Addition.txt   37.59KB   347 downloads

[nasdaq]

Clean your Temporary files/Folders.

Download TFC to your desktop

• Close any open windows.
• Double click the TFC icon to run the program.
• TFC will close all open programs itself in order to run.
• Click the Start button to begin the process.
• Allow TFC to run uninterrupted, it should not take long to finish.
• Once it's finished, click OK to reboot.
• If it does not reboot, reboot your system manually.
• ===
  
  
  Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
  
  

  start
  
  HKLM\...\Run: [] => [X]
  HKU\S-1-5-21-2289314783-225378754-3216661433-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\pokki.exe"
  FF SearchPlugin: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\3y176be1.default\searchplugins\trovi-search.xml
  U3 mfeavfk01; No ImagePath
  S3 cpuz134; \??\C:\Users\Jorge\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
  
  end
  

  
  Save the files as fixlist.txt in to the same folder as FRST
  
  Run FRST and click Fix only once and wait.
  
  Restart the computer to reset the registry.
  
  The tool will create a log (Fixlog.txt) please post it to your reply.
  
  ====
  
  Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  p.s.
  If the SecurityCheck program fails to run for any reason, run it as an Administrator.
  
  If the site is busy or not available use this mirror site:
  http://www.bleepingc.../securitycheck/
  ===
  
  How is the computer running now?

[azuleno]

Hi nasdaq, first off thanks for your help.

 

I went to Worlde.net (which is what started this topic since it wasn't working propely, all of the sudden). I found a message from the site stating

 

"I'm aware that many people are unable to use Wordle at this time, due to troubles with the latest Java runtime not accepting the credentials I used to sign the Wordle applet. I'm working to understand and fix the problem. It may take a few days. I'm very sorry for the inconvenience."

 

So the problem may be more pervasive due to other matters.

 

I have done your suggested fixes. In spite of that, the Wordle app didn't work. I will say lets wait a few more days and see if the owner of the Worlde site can fix whatever is going on. I will post back by late Monday or so and report back.

Have a nice weekend!

[azuleno]

Hi nasdaq, the owner of the Wordle.net site fixed the issue they had with Java and it is working OK. Unless there is anything else that you consider I could do with my PC  I will consider this case/ticket closed. I appreciate your help.

 

Best!

 

PS: I am still working on the other 'blue screen' issue with another computer. I replied a few hours ago with the requested logs.   Have a nice weekend.

[nasdaq]

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.