Window Buttons Not Working in Some Applications


  • This topic is locked
16 replies to this topic

#1 tntnb

tntnb

  • Members
  • 65 posts

Posted 03 March 2014 - 07:52 AM

I am not especially computer literate, but I will explain my problem as best I can.

 

I am using Windows 7. Yesterday, the window buttons (minimize, restore, close) have ceased operating in both Firefox and Thunderbird. I have to minimize/restore from the taskbar for them to restore operation. 

 

When I minimize and restore the window, the buttons work, but after any other operation in the browser (scroll, change tab, whatever) they stop responding. Another minimize/restore window and they work again but they stop responding again as I explained.

 

I have also noticed that I cannot easily click commands in dialog boxes that appear on screen when I am using Firefox. For example, when I went to download DDS and the Download box popped up, I could not click the Save button without first manually minimizing and then maximizing Firefox.

 

Finally, I also cannot drag and drop icons on the desktop. In addition, none of the function buttons on YouTube (e.g., pause, volume) work.

 

This computer’s hard drive is partitioned into sections for me and for my three kids. These problems are not occurring on my kids’ partitions of the hard drive. Just mine.

 

A member has been trying to help me with this situation, but none of the suggestions have solved the problem thus far. Here is a link to the previous thread that details the attempted fixes:

 

http://www.bleepingcomputer.com/forums/t/526261/window-buttons-not-working-in-some-applications/

 

The DDS.txt log is pasted below, and the Attach.txt log is attached to this message.

 

Thank you for your assistance.

 

-----------

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518
Run by Tom at 7:38:55 on 2014-03-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.2058 [GMT -5:00]
.
AV: Sunbelt VIPRE *Enabled/Updated* {BE5DD172-7F42-7948-1A60-E6A720288F81}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Sunbelt VIPRE *Enabled/Updated* {053C3096-5978-76C6-20D0-DDD55BAFC53C}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\WTouch\WTouchService.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\VIPRE\SBAMSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\VIPRE\SBAMTray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ie
uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=el1352&r=17361010z716p0475v135r4531s210
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=54893b7300000000000000262d2f1f66&tlver=1.4.19.19&affID=19404
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: VIPRE Search Guard Helper: {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSG.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [updateMgr] C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
uRun: [ctfmon.exe] C:\Windows\System32\ctfmon.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AdobeBridge] <no file>
mRun: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SBAMTray] "C:\Program Files (x86)\VIPRE\SBAMTray.exe"
StartupFolder: C:\Users\Tom\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYHO~1.LNK - C:\Program Files\MozyHome\mozystat.exe
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F2D23429-C71E-400B-8437-B82424892032} : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSG.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.rr.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=293224&p=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Tom\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-26 52856]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2010-4-16 87600]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-4-19 70984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-4-19 384840]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-1-3 1363616]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-1-3 1748640]
R2 Greg_Service;GRegService;C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-13 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-13 701512]
R2 SBAMSvc;VIPRE Antivirus;C:\Program Files (x86)\VIPRE\SBAMSvc.exe [2013-9-5 3937472]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2013-6-18 88928]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [2013-9-5 176016]
R2 TabletServicePen;TabletServicePen;C:\Windows\System32\Pen_Tablet.exe [2010-12-25 5414184]
R2 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-4-14 243232]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2010-12-25 127272]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-10-18 25928]
R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2013-4-12 88864]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-4-19 393032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-10-7 240736]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2012-12-13 41032]
S3 gfiutil;gfiutil;C:\Windows\System32\drivers\gfiutil.sys [2013-7-23 31264]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-3-2 32512]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-2 111616]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-3 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 USBTINSP;TI-Nspire™ Handheld or TI Network Bridge Device Driver;C:\Windows\System32\drivers\tinspusb.sys [2010-3-29 142848]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2010-12-25 18216]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-20 1255736]
.
=============== Created Last 30 ================
.
2014-03-03 01:56:09    --------    d-----w-    C:\ProgramData\Kaspersky Lab
2014-03-03 00:30:57    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 00:27:53    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-03-02 23:12:00    --------    d-----w-    C:\Users\Tom\Doctor Web
2014-03-02 20:04:14    32512    ----a-w-    C:\Windows\System32\drivers\hitmanpro37.sys
2014-03-02 18:39:35    --------    d-----w-    C:\Windows\Migration
2014-03-02 18:32:19    548864    ----a-w-    C:\Windows\System32\vbscript.dll
2014-03-02 18:32:19    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-03-02 13:31:26    --------    d-----w-    C:\ProgramData\HitmanPro
2014-02-23 04:32:19    --------    d-----w-    C:\Program Files\Defraggler
.
==================== Find3M  ====================
.
2014-03-03 00:30:20    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-03 00:30:20    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-06 11:30:46    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37    5768704    ----a-w-    C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32    2041856    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36    4244480    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2014-02-06 09:09:30    1964032    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-12-24 23:09:41    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2013-12-06 02:30:08    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2013-12-06 02:30:08    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2013-12-06 02:02:08    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2013-12-06 02:02:08    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2013-12-04 02:27:33    485888    ----a-w-    C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33    123392    ----a-w-    C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33    123392    ----a-w-    C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16    488448    ----a-w-    C:\Windows\System32\secproc.dll
2013-12-04 02:26:32    528384    ----a-w-    C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51    658432    ----a-w-    C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51    626176    ----a-w-    C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50    552960    ----a-w-    C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48    553984    ----a-w-    C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20    87040    ----a-w-    C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20    87040    ----a-w-    C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20    423936    ----a-w-    C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08    428032    ----a-w-    C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06    390144    ----a-w-    C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14    510976    ----a-w-    C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10    594944    ----a-w-    C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09    572416    ----a-w-    C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06    508928    ----a-w-    C:\Windows\SysWow64\RMActivate_ssp_isv.exe
.
============= FINISH:  7:40:03.30 ===============
 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 04 March 2014 - 09:31 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Wait for further instructions.

#3 tntnb

tntnb
  • Topic Starter

  • Members
  • 65 posts

Posted 04 March 2014 - 09:47 AM

Thank you for your assistance, nasdaq. Here is the AdwCleaner.txt log. I will now move on to the next step you listed above. That report will be forthcoming shortly.

 


# AdwCleaner v3.020 - Report created 04/03/2014 at 09:40:51
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tom - TOM-PC
# Running from : C:\Users\Tom\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
File Found : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Folder Found C:\ProgramData\Partner
Folder Found C:\Users\Ivy&Noah\AppData\Roaming\Mozilla\Firefox\Profiles\ghbw2diu.default\Conduit
Folder Found C:\Users\Ivy&Noah\AppData\Roaming\Mozilla\Firefox\Profiles\ghbw2diu.default\FoxTab
Folder Found C:\Users\Tom\AppData\Roaming\Search Protection

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_ms-gif-animator_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_ms-gif-animator_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pdf-xchange-viewer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pdf-xchange-viewer_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=54893b7300000000000000262d2f1f66&tlver=1.4.19.19&affID=19404

-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\prefs.js ]

Line Found : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Line Found : user_pref("extensions.BabylonToolbar.cntry", "US");
Line Found : user_pref("extensions.BabylonToolbar.firstRun", false);
Line Found : user_pref("extensions.BabylonToolbar.hdrMd5", "C01D8CD88E79D9D59295A6F339A6EFCE");
Line Found : user_pref("extensions.BabylonToolbar.lastActv", "9");
Line Found : user_pref("extensions.BabylonToolbar.lastDP", 9);

[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\9w7rvh23.default\prefs.js ]


[ File : C:\Users\Bethany\AppData\Roaming\Mozilla\Firefox\Profiles\6shjta5d.default\prefs.js ]

Line Found : user_pref("extensions.BabylonToolbar.bbDpng", 8);
Line Found : user_pref("extensions.BabylonToolbar.cntry", "US");
Line Found : user_pref("extensions.BabylonToolbar.firstRun", false);
Line Found : user_pref("extensions.BabylonToolbar.hdrMd5", "C01D8CD88E79D9D59295A6F339A6EFCE");
Line Found : user_pref("extensions.BabylonToolbar.lastActv", "8");
Line Found : user_pref("extensions.BabylonToolbar.lastDP", 8);
Line Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=54893b7300000000000000262d2f1f66&tlver=1.4.19.19&instlRef=sst&affID=19404&q=");
Line Found : user_pref("lightweightThemes.usedThemes", "[{\"id\":\"493078\",\"name\":\"Candy Bokeh\",\"headerURL\":\"hxxps://addons.mozilla.org/_files/419568/FirefoxPersona-CandyColoredBokehHeader.jpg?1359757224\"[...]
Line Found : user_pref("somoto.bubble_src", "hxxp%3A//www.bigseekpro.com/widget/533e8dd6065764afea3aa871ee1fb6f8/bigseekpro/%7B908DAE2A-BA31-DF99-8E83-B24A8D443C26%7D");
Line Found : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/hypercam/{908DAE2A-BA31-DF99-8E83-B24A8D443C26}?q=");
Line Found : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/hypercam/{908DAE2A-BA31-DF99-8E83-B24A8D443C26}");

[ File : C:\Users\Ivy&Noah\AppData\Roaming\Mozilla\Firefox\Profiles\ghbw2diu.default\prefs.js ]

Line Found : user_pref("CT2319505.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2319505.CTID", "CT2319505");
Line Found : user_pref("CT2319505.CommunitiesChangesLastCheckTime", "Wed Dec 22 2010 09:14:54 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.CommunityChanged", true);
Line Found : user_pref("CT2319505.CurrentServerDate", "22-12-2010");
Line Found : user_pref("CT2319505.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2319505.DownloadReferralCookieData", "");
Line Found : user_pref("CT2319505.FirstServerDate", "22-12-2010");
Line Found : user_pref("CT2319505.FirstTime", true);
Line Found : user_pref("CT2319505.FirstTimeFF3", true);
Line Found : user_pref("CT2319505.FirstTimeSettingsDone", true);
Line Found : user_pref("CT2319505.FixPageNotFoundErrors", true);
Line Found : user_pref("CT2319505.GroupingLastCheckTime", "Wed Dec 22 2010 09:14:54 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.GroupingLastErrorCode", "");
Line Found : user_pref("CT2319505.GroupingLastResponse", true);
Line Found : user_pref("CT2319505.GroupingLastServerUpdateTime", "129374669170230000");
Line Found : user_pref("CT2319505.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2319505.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2319505.Initialize", true);
Line Found : user_pref("CT2319505.InitializeCommonPrefs", true);
Line Found : user_pref("CT2319505.InstallationAndCookieDataSentCount", 1);
Line Found : user_pref("CT2319505.InstalledDate", "Wed Dec 22 2010 09:14:55 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.IsGrouping", true);
Line Found : user_pref("CT2319505.IsMulticommunity", false);
Line Found : user_pref("CT2319505.IsOpenThankYouPage", true);
Line Found : user_pref("CT2319505.IsOpenUninstallPage", true);
Line Found : user_pref("CT2319505.LanguagePackLastCheckTime", "Wed Dec 22 2010 09:14:55 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2319505.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2319505.LastLogin_2.7.1.3", "Wed Dec 22 2010 09:15:02 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.LatestVersion", "3.2.5.2");
Line Found : user_pref("CT2319505.Locale", "en-us");
Line Found : user_pref("CT2319505.LoginCache", 4);
Line Found : user_pref("CT2319505.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2319505.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2319505.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2319505.SavedHomepage", "hxxp://www.google.com/url?sa=t&source=web&cd=1&ved=0CCAQFjAA&url=hxxp%3A%2F%2Fwww.google.com%2F&ei=cFkRTZGEJsH38Abrkri_Dg&usg=AFQjCNG5-9Jej-ukVeakTgwonqt2narbYg")[...]
Line Found : user_pref("CT2319505.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2319505&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Found : user_pref("CT2319505.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2319505.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319505&q=");
Line Found : user_pref("CT2319505.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2319505.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2319505.SearchInNewTabLastCheckTime", "Wed Dec 22 2010 09:15:02 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2319505.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2319505.SearchInNewTabUserEnabled", false);
Line Found : user_pref("CT2319505.SettingsCheckIntervalMin", 120);
Line Found : user_pref("CT2319505.SettingsLastCheckTime", "Wed Dec 22 2010 09:14:54 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.SettingsLastUpdate", "1292986117");
Line Found : user_pref("CT2319505.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2319505.ThirdPartyComponentsLastCheck", "Wed Dec 22 2010 09:14:54 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2319505.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT2319505.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Found : user_pref("CT2319505.UserID", "UN38452152397246324");
Line Found : user_pref("CT2319505.backendstorage.appbuttondisablenull", "30");
Line Found : user_pref("CT2319505.backendstorage.ct2319505ads1", "253742253232616473253232253341253542253742253232616964253232253341253232363937372532322532432532327469746C652532322533412532324D616B65253230596F757[...]
Line Found : user_pref("CT2319505.backendstorage.ct2319505current_term", "");
Line Found : user_pref("CT2319505.backendstorage.ct2319505sdate", "3232");
Line Found : user_pref("CT2319505.clientLogIsEnabled", true);
Line Found : user_pref("CT2319505.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2319505.myStuffEnabled", true);
Line Found : user_pref("CT2319505.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2319505.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2319505.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2319505.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2319505.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2319505");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2319505");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Dec 22 2010 09:14:55 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Dec 22 2010 09:14:54 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "{c5af0b43-c23e-44b9-b276-71a2b6d1a409}");
Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2319505");
Line Found : user_pref("extensions.BabylonToolbar.bbDpng", 9);
Line Found : user_pref("extensions.BabylonToolbar.cntry", "US");
Line Found : user_pref("extensions.BabylonToolbar.firstRun", false);
Line Found : user_pref("extensions.BabylonToolbar.hdrMd5", "C01D8CD88E79D9D59295A6F339A6EFCE");
Line Found : user_pref("extensions.BabylonToolbar.lastActv", "9");
Line Found : user_pref("extensions.BabylonToolbar.lastDP", 9);
Line Found : user_pref("extensions.ntk.HISTORY", "[{\"title\":\"Google\",\"icon\":{\"spec\":\"moz-anno:favicon:hxxp://www.google.com/favicon.ico\"},\"uri\":\"hxxp://www.google.com/\",\"accessCount\":21,\"time\":12[...]
Line Found : user_pref("extensions.ntk.love", "\n<stuff><site><url><![CDATA[yahoo.com]]></url><desc><![CDATA[Personalized content and search options. Chatrooms, free e-mail, clubs, and pager.]]></desc><navUrl><![C[...]
Line Found : user_pref("extensions.ntk.recentClosedPers", "hxxp://donotclickonthislink.com/::DO NOT CLICK ON THIS LINK - TOO LATE!;hxxp://www.quizyourprofile.com/guessyournumber.swf::guessyournumber.swf (applicati[...]
Line Found : user_pref("extensions.personas.lastselected4", "{\"id\":\"377783\",\"name\":\"Marshmallow  Plush  Bunnies\",\"accentcolor\":\"#cfc0c0\",\"textcolor\":\"#000000\",\"header\":\"hxxp://getpersonas-cdn.mo[...]
Line Found : user_pref("lightweightThemes.usedThemes", "[{\"id\":\"471923\",\"name\":\"AllyM Snowflakes II\",\"headerURL\":\"hxxps://addons.mozilla.org/_files/471923/header.png?1386092427\",\"footerURL\":\"hxxps:/[...]

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Ivy&Noah\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14172 octets] - [04/03/2014 09:40:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14233 octets] ##########
 



#4 tntnb

Posted 04 March 2014 - 10:06 AM

Here is the jrt.txt log. Moving on now to the Farbar recovery tool. Back soon.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tom on Tue 03/04/2014 at  9:52:27.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Tom\AppData\Roaming\mozilla\firefox\profiles\2v62pdg4.default\minidumps [1300 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 03/04/2014 at 10:00:20.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#5 tntnb

Posted 04 March 2014 - 10:12 AM

Finally, here is the FRST.txt log. The Addition.txt log is attached as you instructed in your initial reply.

I will now await further instructions.

-------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014
Ran by Tom (administrator) on TOM-PC on 04-03-2014 10:06:54
Running from C:\Users\Tom\Desktop\Farbar
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
(Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozystat.exe
() C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Dropbox, Inc.) C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(Microsoft) C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUI.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\VIPRE\SBAMSvc.exe
(Wacom Technology, Corp.) C:\Windows\system32\WTablet\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\VIPRE\SBAMTray.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [563744 2010-03-25] ()
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [300472 2010-05-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SBAMTray] - C:\Program Files (x86)\VIPRE\SBAMTray.exe [3216272 2013-09-05] (ThreatTrack Security, Inc.)
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Run: [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-14] (Google Inc.)
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Run: [Google Update] - C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-14] (Google Inc.)
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\MountPoints2: {f1704327-38f9-11e0-9e8b-00262d2f1f66} - G:\KODAK_Software_Downloader.exe
HKU\S-1-5-21-142554541-3340183400-1182774683-1005\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
Startup: C:\Users\Ivy&Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=293224&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=el1352&r=17361010z716p0475v135r4531s210
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_enUS402US402
SearchScopes: HKCU - {712F2D29-D4AA-4749-9C82-C59291B4A501} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: VIPRE Search Guard Helper - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSG.dll ()
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSG.dll ()
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default
FF NewTab: google.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.rr.com/
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=293224&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.609 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tom\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tom\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\searchplugins\wot-safe-search.xml
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\Extensions\ALone-live@ya.ru [2013-07-22]
FF Extension: WOT - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Last tab close button - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\Extensions\last-tab-close-button@victor.sacharin.xpi [2012-05-10]
FF Extension: No Name - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\Extensions\places-maintenance@bonardo.net.xpi [2012-05-23]
FF Extension: FireFTP - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\2v62pdg4.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013-06-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-12-27]
FF HKCU\...\Firefox\Extensions: [{BED309A7-730C-4C5C-BAFF-C7935ED439E0}] - C:\Users\Tom\AppData\Local\{BED309A7-730C-4C5C-BAFF-C7935ED439E0}\
FF Extension: XULRunner - C:\Users\Tom\AppData\Local\{BED309A7-730C-4C5C-BAFF-C7935ED439E0}\ []

Chrome:
=======
CHR HomePage: hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ch
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo!
CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=293224&p={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-12-27]
CHR Extension: (Google Wallet) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-12-27]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2010-10-19] (Adobe Systems)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-04-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-04-19] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54040 2011-07-11] (Mozy, Inc.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
R2 SBAMSvc; C:\Program Files (x86)\VIPRE\SBAMSvc.exe [3937472 2013-09-05] (ThreatTrack Security, Inc.)
R2 SBPIMSvc; C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [176016 2013-09-05] (ThreatTrack Security, Inc.)
S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127272 2009-07-15] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-04-19] (BlueStack Systems)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-03-02] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-10-02] (Mozy, Inc.)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2013-06-18] (ThreatTrack Security, Inc.)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S0 RapportKE64; System32\Drivers\RapportKE64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-04 10:06 - 2014-03-04 10:06 - 00000000 ____D () C:\FRST
2014-03-04 10:00 - 2014-03-04 10:00 - 00000763 _____ () C:\Users\Tom\Desktop\JRT.txt
2014-03-04 09:52 - 2014-03-04 09:52 - 00000000 ____D () C:\Windows\ERUNT
2014-03-04 09:50 - 2014-03-04 09:50 - 00014367 _____ () C:\Users\Tom\Desktop\AdwCleaner[S0].txt
2014-03-04 09:40 - 2014-03-04 10:06 - 00000000 ____D () C:\Users\Tom\Desktop\Farbar
2014-03-04 09:40 - 2014-03-04 09:47 - 00000000 ____D () C:\AdwCleaner
2014-03-04 09:38 - 2014-03-04 09:38 - 01037734 _____ (Thisisu) C:\Users\Tom\Desktop\JRT.exe
2014-03-04 09:37 - 2014-03-04 09:37 - 01244192 _____ () C:\Users\Tom\Desktop\adwcleaner.exe
2014-03-03 20:45 - 2014-03-03 20:45 - 00233073 _____ () C:\Users\Bethany\Downloads\w38GBNy8.htm
2014-03-03 07:40 - 2014-03-03 07:41 - 00021859 _____ () C:\Users\Tom\Desktop\dds.txt
2014-03-03 07:40 - 2014-03-03 07:40 - 00015653 _____ () C:\Users\Tom\Desktop\attach.txt
2014-03-03 07:37 - 2014-03-03 07:37 - 00688992 ____R (Swearware) C:\Users\Tom\Desktop\dds.com
2014-03-03 07:25 - 2014-03-03 07:26 - 00000000 ____D () C:\Users\Tom\Desktop\Malware Fixes
2014-03-03 07:24 - 2014-03-04 09:49 - 00000112 _____ () C:\Windows\setupact.log
2014-03-03 07:24 - 2014-03-03 07:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-02 20:56 - 2014-03-02 20:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-02 19:30 - 2014-03-02 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-02 19:27 - 2014-03-02 19:27 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-02 18:39 - 2014-03-04 09:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 18:39 - 2014-03-02 19:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-02 18:12 - 2014-03-02 18:44 - 00000000 ____D () C:\Users\Tom\Doctor Web
2014-03-02 15:04 - 2014-03-02 15:04 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-03-02 15:02 - 2014-03-02 15:02 - 00003382 _____ () C:\Windows\system32\.crusader
2014-03-02 13:32 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-02 13:32 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-02 13:31 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-02 13:31 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-02 13:31 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-02 13:31 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-02 13:31 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-02 13:31 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-02 13:31 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-02 13:31 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-02 13:31 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-02 13:31 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-02 13:31 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-02 13:31 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-02 13:31 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-02 13:31 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-02 13:31 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-02 13:31 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-02 13:31 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-02 13:31 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-02 13:31 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-02 13:31 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-02 13:31 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-02 13:31 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-02 13:31 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-02 13:31 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-02 13:31 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-02 13:31 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-02 13:31 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-02 13:31 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-02 13:31 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-02 13:31 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-02 13:31 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-02 13:31 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-02 13:31 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-02 13:31 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-02 13:31 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-02 13:31 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-02 13:31 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-02 13:31 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-02 13:31 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-02 12:40 - 2014-03-02 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-02 08:31 - 2014-03-02 15:02 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-01 16:56 - 2014-03-01 16:57 - 00000000 ____D () C:\Users\Tom\Desktop\Swish at Xavier
2014-02-28 09:18 - 2014-02-28 09:53 - 00010745 _____ () C:\Users\Ivy&Noah\Documents\car colors 2011.xlsx
2014-02-27 15:26 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Tom\Desktop\TDSSKiller.exe
2014-02-25 21:48 - 2014-02-25 21:49 - 45972597 _____ () C:\Users\Tom\Desktop\scrawl - 1988 - hes drunk LP @ 160 kbps.zip
2014-02-25 12:59 - 2014-02-25 13:17 - 00000000 ____D () C:\Users\Tom\Desktop\Pix
2014-02-22 23:36 - 2014-02-22 23:37 - 00220010 _____ () C:\Users\Tom\Documents\cc_20140222_233643.reg
2014-02-22 23:33 - 2014-03-03 12:11 - 00000000 ____D () C:\Program Files\Recuva
2014-02-22 23:33 - 2014-02-22 23:33 - 00001667 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-02-22 23:32 - 2014-02-22 23:32 - 00001733 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-02-22 23:32 - 2014-02-22 23:32 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-20 16:34 - 2014-02-20 16:34 - 00000000 ____D () C:\Users\Bethany\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
2014-02-14 07:41 - 2014-02-14 07:41 - 00042690 _____ () C:\Users\Tom\Desktop\C9-24_photocredits_252014.xlsx
2014-02-14 07:29 - 2014-02-14 07:29 - 00024661 _____ () C:\Users\Tom\Desktop\USG16_Titles and Descriptions for Metadata_Revised_2.11.14.xlsx
2014-02-13 10:57 - 2014-02-13 11:17 - 90161089 _____ () C:\Users\Tom\Downloads\Lonely This Christmas.zip
2014-02-13 10:39 - 2014-02-13 10:53 - 68371747 _____ () C:\Users\Tom\Downloads\Christmas Mix 2011_B.zip
2014-02-13 10:12 - 2014-02-13 10:38 - 115462622 _____ () C:\Users\Tom\Downloads\Xmas Mix 2011_A.zip
2014-02-13 09:47 - 2014-02-13 10:12 - 114944024 _____ () C:\Users\Tom\Downloads\Xmas 2013 Part 2 Mix.zip
2014-02-13 07:40 - 2014-02-13 07:59 - 92792043 _____ () C:\Users\Tom\Downloads\Shake Hands with Santa.zip
2014-02-13 07:01 - 2014-02-13 07:27 - 112144886 _____ () C:\Users\Tom\Downloads\Xmas 2013 Mix.zip
2014-02-12 19:17 - 2014-02-14 09:15 - 00010728 _____ () C:\Users\Tom\Desktop\Norway medals by event.xlsx
2014-02-12 19:02 - 2014-02-14 09:15 - 00010863 _____ () C:\Users\Tom\Desktop\Norway medals.xlsx
2014-02-12 15:52 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 15:52 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 15:52 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 15:52 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 15:52 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 15:52 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 15:52 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 15:52 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 15:52 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 15:52 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 15:52 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 15:52 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 15:52 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 15:52 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 15:52 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 15:52 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 15:52 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 15:52 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 15:52 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 15:52 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 15:52 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 15:52 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 15:52 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 15:52 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 15:52 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 15:52 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 15:52 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 15:52 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-02 10:45 - 2014-02-02 10:47 - 233025929 _____ () C:\Users\Tom\Desktop\ohtis.zip

==================== One Month Modified Files and Folders =======

2014-03-04 10:06 - 2014-03-04 10:06 - 00000000 ____D () C:\FRST
2014-03-04 10:06 - 2014-03-04 09:40 - 00000000 ____D () C:\Users\Tom\Desktop\Farbar
2014-03-04 10:00 - 2014-03-04 10:00 - 00000763 _____ () C:\Users\Tom\Desktop\JRT.txt
2014-03-04 09:56 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 09:56 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 09:53 - 2010-10-26 17:38 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{69FF6D01-AD08-41FC-B4CD-F5467B42E970}
2014-03-04 09:52 - 2014-03-04 09:52 - 00000000 ____D () C:\Windows\ERUNT
2014-03-04 09:52 - 2013-10-30 18:03 - 01811251 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 09:50 - 2014-03-04 09:50 - 00014367 _____ () C:\Users\Tom\Desktop\AdwCleaner[S0].txt
2014-03-04 09:50 - 2014-01-21 15:04 - 00000000 ___RD () C:\Users\Tom\Dropbox
2014-03-04 09:50 - 2014-01-21 15:02 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Dropbox
2014-03-04 09:49 - 2014-03-03 07:24 - 00000112 _____ () C:\Windows\setupact.log
2014-03-04 09:49 - 2010-12-25 19:40 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\WTablet
2014-03-04 09:49 - 2010-10-18 15:36 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 09:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-04 09:47 - 2014-03-04 09:40 - 00000000 ____D () C:\AdwCleaner
2014-03-04 09:38 - 2014-03-04 09:38 - 01037734 _____ (Thisisu) C:\Users\Tom\Desktop\JRT.exe
2014-03-04 09:37 - 2014-03-04 09:37 - 01244192 _____ () C:\Users\Tom\Desktop\adwcleaner.exe
2014-03-04 09:37 - 2010-12-16 14:38 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1004UA.job
2014-03-04 09:30 - 2014-03-02 18:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-04 09:27 - 2012-12-27 20:42 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1001UA.job
2014-03-04 09:12 - 2010-10-18 15:36 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 07:12 - 2010-10-18 15:59 - 00000000 ____D () C:\My Work
2014-03-04 04:18 - 2013-09-21 16:00 - 00002152 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 03:37 - 2010-12-16 14:38 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1004Core.job
2014-03-04 03:32 - 2011-09-12 09:18 - 00005428 _____ () C:\Windows\mozy.blk
2014-03-04 03:32 - 2011-09-12 09:18 - 00000290 _____ () C:\Windows\mozy.flt
2014-03-04 02:27 - 2012-12-27 20:42 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1001Core.job
2014-03-04 02:00 - 2011-04-07 09:07 - 00000000 ____D () C:\Users\Tom\AppData\Local\Adobe
2014-03-03 22:38 - 2010-10-19 07:47 - 00000000 ____D () C:\Users\Ivy&Noah\AppData\Roaming\Mozilla
2014-03-03 22:00 - 2012-08-09 11:13 - 00000000 ____D () C:\Users\Ivy&Noah\AppData\Local\CrashDumps
2014-03-03 22:00 - 2012-06-30 14:44 - 00000000 ____D () C:\Users\Bethany\AppData\Local\CrashDumps
2014-03-03 20:45 - 2014-03-03 20:45 - 00233073 _____ () C:\Users\Bethany\Downloads\w38GBNy8.htm
2014-03-03 18:39 - 2010-12-25 17:12 - 00000000 ____D () C:\Users\Bethany\AppData\Roaming\WTablet
2014-03-03 17:10 - 2010-12-26 12:40 - 00000000 ____D () C:\Users\Ivy&Noah\AppData\Roaming\WTablet
2014-03-03 12:11 - 2014-02-22 23:33 - 00000000 ____D () C:\Program Files\Recuva
2014-03-03 07:41 - 2014-03-03 07:40 - 00021859 _____ () C:\Users\Tom\Desktop\dds.txt
2014-03-03 07:40 - 2014-03-03 07:40 - 00015653 _____ () C:\Users\Tom\Desktop\attach.txt
2014-03-03 07:37 - 2014-03-03 07:37 - 00688992 ____R (Swearware) C:\Users\Tom\Desktop\dds.com
2014-03-03 07:26 - 2014-03-03 07:25 - 00000000 ____D () C:\Users\Tom\Desktop\Malware Fixes
2014-03-03 07:24 - 2014-03-03 07:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-03 07:22 - 2010-10-18 15:22 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-03 04:22 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-03-02 20:56 - 2014-03-02 20:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-02 20:34 - 2011-01-17 17:21 - 00000000 ____D () C:\Windows\Minidump
2014-03-02 19:52 - 2014-03-02 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-02 19:30 - 2014-03-02 18:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-02 19:30 - 2012-04-12 22:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-02 19:30 - 2011-06-06 07:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 19:27 - 2014-03-02 19:27 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-02 18:44 - 2014-03-02 18:12 - 00000000 ____D () C:\Users\Tom\Doctor Web
2014-03-02 18:12 - 2010-10-18 15:20 - 00000000 ____D () C:\Users\Tom
2014-03-02 15:16 - 2011-01-31 20:29 - 00000000 ____D () C:\WTablet
2014-03-02 15:04 - 2014-03-02 15:04 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-03-02 15:02 - 2014-03-02 15:02 - 00003382 _____ () C:\Windows\system32\.crusader
2014-03-02 15:02 - 2014-03-02 08:31 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-02 13:55 - 2009-07-13 23:45 - 05065728 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-02 13:54 - 2012-05-02 06:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-02 13:48 - 2013-08-15 17:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-02 13:42 - 2013-12-04 19:33 - 00774632 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-02 13:41 - 2009-07-14 00:13 - 00774632 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-02 13:37 - 2010-04-14 13:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-02 12:40 - 2014-03-02 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-02 12:29 - 2010-05-15 03:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-02 08:26 - 2012-06-12 15:10 - 00000000 ____D () C:\Users\Tom\AppData\Local\CrashDumps
2014-03-02 07:51 - 2010-10-18 15:36 - 00000000 ____D () C:\Program Files\MozyHome
2014-03-01 17:26 - 2011-05-19 17:19 - 00000208 _____ () C:\Users\Tom\Desktop\backgw32.gph
2014-03-01 17:26 - 2011-04-14 22:51 - 00000440 _____ () C:\Users\Tom\Desktop\backgw.ini
2014-03-01 16:57 - 2014-03-01 16:56 - 00000000 ____D () C:\Users\Tom\Desktop\Swish at Xavier
2014-02-28 09:53 - 2014-02-28 09:18 - 00010745 _____ () C:\Users\Ivy&Noah\Documents\car colors 2011.xlsx
2014-02-28 08:59 - 2010-10-19 07:41 - 00000000 ____D () C:\Users\Ivy&Noah
2014-02-27 15:26 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Tom\Desktop\TDSSKiller.exe
2014-02-27 00:28 - 2010-10-18 15:38 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Mozilla
2014-02-25 21:49 - 2014-02-25 21:48 - 45972597 _____ () C:\Users\Tom\Desktop\scrawl - 1988 - hes drunk LP @ 160 kbps.zip
2014-02-25 13:17 - 2014-02-25 12:59 - 00000000 ____D () C:\Users\Tom\Desktop\Pix
2014-02-25 11:38 - 2012-04-06 08:10 - 00000000 ____D () C:\Users\Tom\Desktop\Kids
2014-02-22 23:37 - 2014-02-22 23:36 - 00220010 _____ () C:\Users\Tom\Documents\cc_20140222_233643.reg
2014-02-22 23:33 - 2014-02-22 23:33 - 00001667 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-02-22 23:32 - 2014-02-22 23:32 - 00001733 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-02-22 23:32 - 2014-02-22 23:32 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-22 14:40 - 2011-08-29 08:09 - 00000000 ____D () C:\Users\Tom\Desktop\Bethany Art
2014-02-21 18:28 - 2012-03-14 20:10 - 00000000 ____D () C:\Users\Bethany\AppData\Roaming\Skype
2014-02-20 16:34 - 2014-02-20 16:34 - 00000000 ____D () C:\Users\Bethany\AppData\Roaming\deb27c1a-00e6-4263-94b2-8b78ea4d32ae
2014-02-20 15:58 - 2013-01-07 20:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-20 15:58 - 2012-03-14 20:10 - 00000000 ____D () C:\ProgramData\Skype
2014-02-17 17:47 - 2012-03-11 16:23 - 00000000 ____D () C:\Users\Bethany\Desktop\ew.me
2014-02-15 09:59 - 2013-12-20 06:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 02:07 - 2010-10-18 15:36 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 02:07 - 2010-10-18 15:36 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 09:15 - 2014-02-12 19:17 - 00010728 _____ () C:\Users\Tom\Desktop\Norway medals by event.xlsx
2014-02-14 09:15 - 2014-02-12 19:02 - 00010863 _____ () C:\Users\Tom\Desktop\Norway medals.xlsx
2014-02-14 07:41 - 2014-02-14 07:41 - 00042690 _____ () C:\Users\Tom\Desktop\C9-24_photocredits_252014.xlsx
2014-02-14 07:29 - 2014-02-14 07:29 - 00024661 _____ () C:\Users\Tom\Desktop\USG16_Titles and Descriptions for Metadata_Revised_2.11.14.xlsx
2014-02-14 02:22 - 2012-12-27 20:42 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1001UA
2014-02-14 02:22 - 2012-12-27 20:42 - 00003470 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1001Core
2014-02-13 11:17 - 2014-02-13 10:57 - 90161089 _____ () C:\Users\Tom\Downloads\Lonely This Christmas.zip
2014-02-13 10:53 - 2014-02-13 10:39 - 68371747 _____ () C:\Users\Tom\Downloads\Christmas Mix 2011_B.zip
2014-02-13 10:38 - 2014-02-13 10:12 - 115462622 _____ () C:\Users\Tom\Downloads\Xmas Mix 2011_A.zip
2014-02-13 10:12 - 2014-02-13 09:47 - 114944024 _____ () C:\Users\Tom\Downloads\Xmas 2013 Part 2 Mix.zip
2014-02-13 07:59 - 2014-02-13 07:40 - 92792043 _____ () C:\Users\Tom\Downloads\Shake Hands with Santa.zip
2014-02-13 07:27 - 2014-02-13 07:01 - 112144886 _____ () C:\Users\Tom\Downloads\Xmas 2013 Mix.zip
2014-02-11 03:32 - 2010-12-16 14:38 - 00003920 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1004UA
2014-02-11 03:32 - 2010-12-16 14:38 - 00003524 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-142554541-3340183400-1182774683-1004Core
2014-02-06 07:16 - 2014-03-02 13:31 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-03-02 13:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-03-02 13:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-03-02 13:31 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-03-02 13:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-03-02 13:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-03-02 13:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-03-02 13:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-03-02 13:31 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-03-02 13:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-03-02 13:31 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-03-02 13:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-03-02 13:31 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-03-02 13:31 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-03-02 13:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-03-02 13:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-03-02 13:31 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-03-02 13:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-03-02 13:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-03-02 13:31 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-03-02 13:31 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-03-02 13:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-03-02 13:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-03-02 13:31 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-03-02 13:31 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-03-02 13:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-03-02 13:31 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-03-02 13:31 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-03-02 13:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-03-02 13:31 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-03-02 13:31 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-03-02 13:31 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-03-02 13:31 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-03-02 13:31 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-03-02 13:31 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-03-02 13:31 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-03-02 13:31 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-03-02 13:31 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-03-02 13:31 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 19:09 - 2010-11-07 13:39 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-04 18:22 - 2014-01-30 18:16 - 01629192 _____ () C:\Users\Ivy&Noah\Documents\Robert Frost.pptx
2014-02-02 10:47 - 2014-02-02 10:45 - 233025929 _____ () C:\Users\Tom\Desktop\ohtis.zip

Some content of TEMP:
====================
C:\Users\Bethany\AppData\Local\Temp\ONAIRSetup4.0.0.939.exe
C:\Users\Tom\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9ujovs.dll
C:\Users\Tom\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 00:42

==================== End Of Log ============================



#6 nasdaq

  • Malware Response Team
  • 38,223 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 04 March 2014 - 02:03 PM

If not already done please clean everything found with the AdwCleaner tool.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

HKLM-x32\...\Run: [] - [X]
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Run: [AdobeBridge] - [X]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=293224&fr=spigot-yhp-ie
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
FF Extension: XULRunner - C:\Users\Tom\AppData\Local\{BED309A7-730C-4C5C-BAFF-C7935ED439E0}\ []
CHR HomePage: hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ch
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
AlternateDataStreams: C:\ProgramData\Temp:888AFB86

end

Save the file as fixlist.txt in the same folder as FRST.
Run FRST, click Fix only once, and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please let me know what problem persists.

#7 tntnb

  • Topic Starter
  • Members
  • 65 posts

Posted 04 March 2014 - 02:16 PM

Unfortunately, all of the problems persist:

 

* Minimize, maximize, close buttons do not work in Firefox or Thunderbird (they work in other browsers)
* Cannot drag and drop
* Buttons on YouTube are not operable in Firefox (they work in other browsers)
* Unable to select a choice in dropdown menus in Firefox or Thunderbird (OK in other browsers)

 

 

Here is the Fixlog.txt log. I will await further instructions.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2014
Ran by Tom at 2014-03-04 14:09:25 Run:1
Running from C:\Users\Tom\Desktop\Farbar
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

HKLM-x32\...\Run: [] - [X]
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\...\Run: [AdobeBridge] - [X]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=293224&fr=spigot-yhp-ie
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
FF Extension: XULRunner - C:\Users\Tom\AppData\Local\{BED309A7-730C-4C5C-BAFF-C7935ED439E0}\ []
CHR HomePage: hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ch
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
AlternateDataStreams: C:\ProgramData\Temp:888AFB86

end
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-21-142554541-3340183400-1182774683-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKCR\PROTOCOLS\Handler\vipresg => Key deleted successfully.
HKCR\CLSID\{47BE2E5B-703B-444F-ABD3-05717D2191C6} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\gopher => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79eac9e4-baf9-11ce-8c82-00aa004ba90b} => Key not found.
HKCR\PROTOCOLS\Filter\application/x-ica => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
HKCR\PROTOCOLS\Filter\ica => Key deleted successfully.
HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found.
C:\Users\Tom\AppData\Local\{BED309A7-730C-4C5C-BAFF-C7935ED439E0}\ => Moved successfully.
CHR HomePage: hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ch ==> The Chrome "Settings" can be used to fix the entry.
C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\gcswf32.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll not found.
C:\Windows\system32\Adobe\Director\np32dsw.dll not found.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll not found.
C:\ProgramData\Temp => ":888AFB86" ADS removed successfully.

==== End of Fixlog ====



#8 nasdaq

  • Malware Response Team
  • 38,223 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 04 March 2014 - 02:25 PM

Let's see if this will restore Firefox.
Reset Firefox – easily fix most problems
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems

If that fails then try this.

Remove Firefox using the Add/Remove Programs.
Restart the computer normally
Re-install the browser.

I suggest you save your bookmarks before removing Firefox.
Restore bookmarks from backup or move them to another computer
https://support.mozilla.org/en-US/kb/restore-bookmarks-from-backup-or-move-them
<<<>>>

#9 tntnb

  • Topic Starter
  • Members
  • 65 posts

Posted 04 March 2014 - 02:45 PM

I reset Firefox. The problems persisted.

I uninstalled Firefox, restarted the computer normally, and reinstalled Firefox. The problems persist.

 

I will await further instructions.



#10 tntnb

  • Topic Starter
  • Members
  • 65 posts

Posted 04 March 2014 - 05:08 PM

Could the information at any of these sources be of any help in restoring drag and drop?

http://www.stigviewer.com/check/V-6253

http://www.stigviewer.com/check/V-6301

 

http://winscp.net/forum/viewtopic.php?t=12448

 

I obviously would never mess with the registry unless someone here were holding my hand. I'm just trying to run down some of these problems. Thank you again for all of your help on this.



#11 tntnb

  • Topic Starter
  • Members
  • 65 posts

Posted 04 March 2014 - 09:20 PM

I appear to have solved the problem, like so:

 

Go to Start and run regedit, then find this folder:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4

Look at the value for Key 1802, which deals with permissions to drag and drop -- it should be "0" -- if it is "3" drag and drop is disabled.

 

I found the Key 1802 and changed the value to 0. After restarting the computer, everything now works as it should.
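
A read-only way to see what value 1802 holds in every zone before opening regedit, as an added example that is not part of the original post: it parses the text output of `reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones" /s /v 1802`. The sample output is constructed, and the zone names and the meaning of 1 (prompt) are the standard Internet Explorer zone settings rather than something stated in the thread.

```python
import re

# Constructed sample (not from the thread): the shape of output produced by
#   reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones" /s /v 1802
# plus one machine-policy key, to show that the same value can also come from policy.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
    1802    REG_DWORD    0x0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
    1802    REG_DWORD    0x0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
    1802    REG_DWORD    0x3

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
    1802    REG_DWORD    0x1
"""

# Assumption (standard IE zone numbering and URL-action values, not from the page).
ZONES = {0: "My Computer", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}
STATES = {0: "enabled", 1: "prompt", 3: "disabled"}

KEY_RE = re.compile(r"^(HKEY_[A-Z_]+)\\.*\\Internet Settings\\Zones\\(\d+)$", re.I)
VAL_RE = re.compile(r"^1802\s+REG_DWORD\s+0x([0-9a-f]+)$", re.I)


def parse_1802(text):
    """Return a list of dicts, one per zone key that defines value 1802."""
    rows, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.upper().startswith("HKEY_"):
            m = KEY_RE.match(line)  # a key that is not a zone key resets the context
            current = None if m is None else {
                "hive": m.group(1).upper(),
                "zone": int(m.group(2)),
                "policy": "\\policies\\" in line.lower(),
            }
            continue
        m = VAL_RE.match(line)
        if m and current is not None:
            rows.append(dict(current, value=int(m.group(1), 16)))
    return rows


def describe(row):
    """One human-readable line per zone key."""
    zone = ZONES.get(row["zone"], "unknown zone")
    state = STATES.get(row["value"], "unrecognised value")
    source = "policy" if row["policy"] else "preference"
    return f'{row["hive"]} zone {row["zone"]} ({zone}): drag and drop {state} [{source}]'


def disabled(rows):
    """Zone keys where 1802 is 3, i.e. drag and drop / copy and paste is blocked."""
    return [(r["hive"], r["zone"]) for r in rows if r["value"] == 3]


if __name__ == "__main__":
    for r in parse_1802(SAMPLE):
        print(describe(r))
```
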



#12 nasdaq

  • Malware Response Team
  • 38,223 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 05 March 2014 - 09:29 AM

That was a good catch.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know if all is still ok.

#13 tntnb

  • Topic Starter
  • Members
  • 65 posts

Posted 05 March 2014 - 11:11 AM

Hi Nasdaq, everything is still running OK. Here is the checkup.txt log:

 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 Windows Firewall Enabled!  
Sunbelt VIPRE   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 10  
 Java version out of Date!
  Adobe Flash Player 12.0.0.70 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (27.0.1)
 Mozilla Thunderbird (24.3.0)
 Google Chrome 33.0.1750.117  
 Google Chrome 33.0.1750.146  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#14 nasdaq

  • Malware Response Team
  • 38,223 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 05 March 2014 - 01:31 PM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
The latest version, Java JRE 7u51, was released on Oct. 15, 2013.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as a Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java 7 Update 10

===


Adobe Flash Player 12.0.0.70 Flash Player out of Date!

You have the latest version. The SecurityCheck tool needs to be revised.
===

If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious, you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon.
  • ScriptNo is a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#15 tntnb

  • Topic Starter
  • Members
  • 65 posts

Posted 05 March 2014 - 02:22 PM

Thank you so much for your assistance, nasdaq.

Do you accept donations at a PayPal account? Or, perhaps you have a favorite charity to which I could make a donation. I would simply like to express my gratitude in some way other than saying "thank you." (Though as my mother taught me, that's important too!)

 

All best to you.





