Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

how to remove Deal Finder and Conduit Search [Solved]


  • This topic is locked This topic is locked
35 replies to this topic

#16 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 05 March 2014 - 12:13 PM

Good!
Got what I was after.

Now, time to clean temps and run an online scan to check for any remnants.



Please Run TFC by OldTimer to clear temporary files:

Download TFC from here http://oldtimer.geekstogo.com/TFC.exe
and save it to your desktop.

Close any open programs and Internet browsers.
Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
Please be patient as clearing out temp files may take a while.
Once it completes you may be prompted to restart your computer, please do so.
Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

~~~~~~~~~~~~~~~~~~~~~~~~


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish
How is your computer now?


WAIT go to the post below, we cross posted.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

    Advertisements

Register to Remove


#17 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 05 March 2014 - 12:21 PM

uninstall the Plus-HD-7.5

At the top of the Firefox window, click the orange Firefox button, then select Add-ons.
Select the Extensions tab, then remove Plus-HD-7.5 and any other unknown extensions from Mozilla Firefox.

To remove the Plus-HD-7.5 extensions from this web browser, click the Chrome menu Chrome menu button on the browser toolbar, select Tools and then click on Extensions.
In the Extensions tab, remove Plus-HD-7.5 and any other unknown extensions by clicking the trash can [Image: Remove an extension from Chrome] icon.


~~~~~~~~~~~~~~~~~

bf_new.gif Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#18 bobburk3

bobburk3

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 05 March 2014 - 12:48 PM

can not run go.eset.com. See message below:

The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

    This problem can sometimes be caused by disabling or refusing to accept cookies.



#19 bobburk3

bobburk3

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 05 March 2014 - 01:11 PM

Here is the log from malwarebytes:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.05.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Bob B :: DELL-1 [administrator]

3/5/2014 1:58:47 PM
mbam-log-2014-03-05 (13-58-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 288793
Time elapsed: 5 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCR\AppID\{384997EE-E3BE-49C4-9ECA-C62B7C08128A} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.
HKCR\AppID\{F85FA3F2-D2C8-4D4D-BB1C-3181E691AF2B} (PUP.Optional.FaceThemes) -> Quarantined and deleted successfully.
HKCR\CLSID\{2A28729E-2280-4986-BDB4-EC2623EAFBA4} (PUP.FaceThemes) -> Quarantined and deleted successfully.
HKCR\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> Quarantined and deleted successfully.
HKCR\Interface\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> Quarantined and deleted successfully.
HKCR\SelectionLinks.SelectionLinksBHO.1 (PUP.FaceThemes) -> Quarantined and deleted successfully.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Classes\AppID\DynConIE.DLL (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Users\Bob B\Downloads\AdwCleaner_brff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Bob B\Downloads\iLividSetup-r484-n-bf.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Bob B\Downloads\PhotoMerge provided through GetNow.exe (PUP.Optional.LiveSoftAction.A) -> Quarantined and deleted successfully.
C:\Users\Bob B\Downloads\Setup(2).exe (PUP.Optional.DomalQ) -> Quarantined and deleted successfully.
C:\Users\Bob B\Downloads\SoftonicDownloader_for_photomerge.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.

(end)
 



#20 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 05 March 2014 - 01:59 PM

Did you follow this?

uninstall the Plus-HD-7.5

At the top of the Firefox window, click the orange Firefox button, then select Add-ons.
Select the Extensions tab, then remove Plus-HD-7.5 and any other unknown extensions from Mozilla Firefox.

To remove the Plus-HD-7.5 extensions from this web browser, click the Chrome menu Chrome menu button on the browser toolbar, select Tools and then click on Extensions.
In the Extensions tab, remove Plus-HD-7.5 and any other unknown extensions by clicking the trash can [Image: Remove an extension from Chrome] icon.


http://kb.mozillazin...ecting_properly
article that might if using Firefox.

Try this link for Eset
http://www.eset.com/...-scanner-popup/
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#21 bobburk3

bobburk3

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 05 March 2014 - 06:09 PM

Yes, I did uninstall the Plus-HD-7.5 file.

 

Here is the ESETSCAN LIST:

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\Uninstall.exe.vir    probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerEnhance\44150.crx.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerEnhance\44150.xpi.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-7.5\50776.crx.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-7.5\50776.xpi.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-codedownloader.exe.vir    a variant of Win32/Toolbar.CrossRider.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-enabler.exe.vir    a variant of Win32/Toolbar.CrossRider.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-firefoxinstaller.exe.vir    a variant of Win32/Toolbar.CrossRider.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-updater.exe.vir    a variant of Win32/Toolbar.CrossRider.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-validator.exe.vir    a variant of Win32/Toolbar.CrossRider.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\CltMngSvc.exe.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPTool.dll.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\uninstall.exe.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\cltmng.exe.vir    a variant of Win32/Conduit.SearchProtect.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPTool64.exe.vir    a variant of Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32.dll.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32Loader.dll.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64.dll.vir    a variant of Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64Loader.dll.vir    a variant of Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\UI\bin\cltmngui.exe.vir    a variant of Win32/Conduit.SearchProtect.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\102_dealply_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\103_intext_5_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\104_jollywallet_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\119_similar_web_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\123_intext_adv_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\155_ibario_pops_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\178_revizer_ws_dynamic_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\179_revizer_p_dynamic_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\180_bpo_serp_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\184_noproblemppc_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\190_pops_5_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\191_ciuvo_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\195_icm_convertmedia_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\221_icm_downloads_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\223_imonomy_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\226_set_campaign_id_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\237_noproblemppc_ppi_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\91_monetizationLoader.js.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default\Extensions\18c66c1d-05d8-4e58-8b16-c4df04ed638e@e204c3e4-8076-4eb9-b628-0fe8abef45e2.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application
C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe    Win32/InstallCore.A potentially unwanted application
C:\Program Files (x86)\Uninstaller\Uninstall.exe    a variant of MSIL/DomaIQ.A potentially unwanted application
C:\Users\Bob B\Downloads\belarcadvisor-setup.exe    Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Bob B\Downloads\ccsetup406.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Bob Burkhard.Dell-1.000\Downloads\registrybooster.exe    Win32/RegistryBooster potentially unwanted application
 



#22 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 05 March 2014 - 06:59 PM

This is looking pretty good.

We do not recommend the use of registry cleaners. No registry cleaner is completely safe since most do not even create a backup the potential is ever present to cause more problems than they claim to fix.
If you do not have knowledge of the registry, then you would probably be better off leaving it alone, and definitely not placing blind trust in a program to do the job for you.
Our colleague miekiemoes has an excellent writeup here
http://miekiemoes.bl...weaking_13.html

We suggest uninstalling them via Add or Remove Programs in your Control Panel.

Let's remove some bad files.

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)
 

start
C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe
C:\Program Files (x86)\Uninstaller\Uninstall.exe
C:\Users\Bob B\Downloads\belarcadvisor-setup.exe
C:\Users\Bob B\Downloads\ccsetup406.exe
C:\Users\Bob Burkhard.Dell-1.000\Downloads\registrybooster.exe
Reboot:
end


Please post this log with comments on how the computer is now.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#23 bobburk3

bobburk3

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 05 March 2014 - 07:20 PM

Oh my gosh Juliet, don't you ever take a rest. I didn't expect to hear from you until tomorrow. I really do appreciate your help. This is so far above my head.

 

I hope this is what you wanted me to do. Here is the log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014 02
Ran by Bob B (administrator) on DELL-1 on 05-03-2014 20:16:30
Running from C:\Users\Bob B\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(PFU LIMITED) C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [ScanSnap WIA Service Checker] - C:\Windows\SSDriver\fi5110\SsWiaChecker.exe [86016 2009-09-30] (PFU LIMITED)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Carbonite Backup] - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-15] (Microsoft Corporation)
HKU\S-1-5-21-4004932578-999774799-4059474116-1000\...\Run: [AdobeBridge] - [X]
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x696A59449638CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {C4401D0E-088C-4AD4-B14A-8D6B1181A5E4} -  No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{145E688C-0E1D-4FC7-9A28-29DFD35E263A}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{37B82EDE-6860-4854-ABB3-D03820104E1C}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Bob B\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF HKCU\...\Firefox\Extensions: [sp2@sp.com] - C:\Program Files (x86)\Social Privacy\FF\

==================== Services (Whitelisted) =================

S4 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 NewPlayerUpdaterService; "C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ____D () C:\Users\Bob B\Desktop\FRST-OlderVersion
2014-03-05 19:06 - 2014-03-05 19:06 - 00009439 _____ () C:\Users\Bob B\Desktop\ESETSCAN.txt
2014-03-05 15:23 - 2014-03-05 15:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-05 15:17 - 2014-03-05 15:17 - 02347384 _____ (ESET) C:\Users\Bob B\Downloads\esetsmartinstaller_enu.exe
2014-03-05 13:58 - 2014-03-05 13:58 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 13:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 13:55 - 2014-03-05 13:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bob B\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-05 13:33 - 2014-03-05 13:33 - 00448512 _____ (OldTimer Tools) C:\Users\Bob B\Desktop\TFC.exe
2014-03-05 11:23 - 2014-03-05 11:23 - 00002244 _____ () C:\Users\Bob B\Desktop\JRT.txt
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 11:13 - 2014-03-05 11:14 - 01037734 _____ (Thisisu) C:\Users\Bob B\Downloads\JRT.exe
2014-03-05 10:49 - 2014-03-05 10:49 - 01244192 _____ () C:\Users\Bob B\Desktop\AdwCleaner(2).exe
2014-03-05 10:19 - 2014-03-05 20:16 - 00010406 _____ () C:\Users\Bob B\Desktop\FRST.txt
2014-03-05 10:14 - 2014-03-05 20:16 - 02156544 _____ (Farbar) C:\Users\Bob B\Desktop\FRST64.exe
2014-03-05 09:56 - 2014-03-05 09:56 - 00000000 ____D () C:\Users\Bob B\Downloads\FRST-OlderVersion
2014-03-05 09:51 - 2014-03-05 20:15 - 00000272 _____ () C:\Users\Bob B\Desktop\fixlist.txt
2014-03-04 11:15 - 2014-03-04 11:16 - 00018500 _____ () C:\Users\Bob B\Downloads\Addition.txt
2014-03-04 11:14 - 2014-03-05 20:16 - 00000000 ____D () C:\FRST
2014-03-04 11:14 - 2014-03-04 11:16 - 00031498 _____ () C:\Users\Bob B\Downloads\FRST.txt
2014-03-04 11:09 - 2014-03-05 09:56 - 02157056 _____ (Farbar) C:\Users\Bob B\Downloads\FRST64.exe
2014-03-04 10:39 - 2014-03-04 10:40 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill(1).exe
2014-03-04 10:30 - 2014-03-04 10:43 - 00002152 _____ () C:\Users\Bob B\Desktop\Rkill.txt
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64-12321.exe
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64.exe
2014-03-04 10:29 - 2014-03-04 10:29 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill.exe
2014-03-04 09:43 - 2014-03-04 09:43 - 00844153 _____ () C:\Users\Bob B\Downloads\testleasetransaction.zip
2014-03-03 10:38 - 2014-03-05 19:14 - 00000000 ____D () C:\Users\Bob B\Documents\Personal Expenses
2014-03-03 09:01 - 2014-03-03 09:01 - 01244192 _____ () C:\Users\Bob B\Downloads\AdwCleaner(1).exe
2014-03-02 14:43 - 2014-03-02 14:43 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\LavasoftStatistics
2014-03-02 11:20 - 2014-03-02 11:20 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\SecureSearch
2014-03-02 11:19 - 2014-03-02 14:40 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-03-02 11:16 - 2014-03-02 11:16 - 01727624 _____ () C:\Users\Bob B\Downloads\Adaware_Installer.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-01 14:14 - 2014-03-01 14:14 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\TuneUp Software
2014-03-01 14:12 - 2014-03-02 09:25 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-01 14:08 - 2014-03-02 09:25 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-01 14:08 - 2014-03-01 14:08 - 04435328 _____ (AVG Technologies) C:\Users\Bob B\Downloads\avg_avct_stb_all_2014_4158_futuretest3.exe
2014-03-01 14:08 - 2014-03-01 14:08 - 00000000 ____D () C:\Users\Bob B\AppData\Local\MFAData
2014-03-01 13:24 - 2014-03-01 13:24 - 00000000 ____D () C:\Program Files\My Dell
2014-03-01 11:42 - 2014-03-01 11:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bob B\Downloads\SpyHunter-Installer(2).exe
2014-03-01 09:58 - 2014-03-01 09:58 - 00000000 ___RD () C:\Users\Bob B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 09:55 - 2014-03-01 09:55 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Tuguu_SL
2014-02-28 17:57 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-28 17:57 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-28 17:57 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-28 17:57 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-28 17:56 - 2014-02-28 17:57 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-26 16:28 - 2014-02-26 16:33 - 00000000 ____D () C:\Users\Bob B\Desktop\New folder
2014-02-25 20:05 - 2014-02-25 20:08 - 00000000 ____D () C:\Users\Bob B\Desktop\Photography Info
2014-02-25 19:57 - 2014-02-26 16:30 - 00000000 ____D () C:\Users\Bob B\Desktop\iPhone pictures 2-25-14
2014-02-20 21:24 - 2014-02-20 21:27 - 06605814 _____ () C:\Users\Bob B\Desktop\Sawyer.psd
2014-02-18 06:58 - 2014-02-18 06:58 - 00149466 _____ () C:\Users\Bob B\Desktop\Dad_logo words 3.psd
2014-02-17 10:32 - 2014-02-17 10:32 - 00100124 _____ () C:\Users\Bob B\Desktop\Dad_logo-2-circle.psd
2014-02-17 06:56 - 2014-02-17 06:56 - 00351289 _____ () C:\Users\Bob B\Desktop\Dad_logo-1WhiteS.psd
2014-02-17 06:50 - 2014-02-17 06:50 - 00241578 _____ () C:\Users\Bob B\Desktop\Dad_logo-1White.psd
2014-02-17 06:41 - 2014-02-17 06:41 - 00242646 _____ () C:\Users\Bob B\Desktop\Dad_logo-1.psd
2014-02-16 20:45 - 2014-02-16 20:45 - 00017806 _____ () C:\Users\Bob B\Desktop\Dad_logo.jpf
2014-02-15 10:16 - 2014-02-15 10:16 - 00063488 _____ () C:\Users\Bob B\Downloads\Office2003_SP3Changes.exe
2014-02-15 10:15 - 2014-02-15 10:15 - 00000000 ____D () C:\Office2003SP3Changes
2014-02-06 19:35 - 2014-02-27 09:26 - 00000000 ____D () C:\Users\Bob B\Desktop\Website Pix

==================== One Month Modified Files and Folders =======

2014-03-05 20:17 - 2014-03-05 10:19 - 00010406 _____ () C:\Users\Bob B\Desktop\FRST.txt
2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ____D () C:\Users\Bob B\Desktop\FRST-OlderVersion
2014-03-05 20:16 - 2014-03-05 10:14 - 02156544 _____ (Farbar) C:\Users\Bob B\Desktop\FRST64.exe
2014-03-05 20:16 - 2014-03-04 11:14 - 00000000 ____D () C:\FRST
2014-03-05 20:15 - 2014-03-05 09:51 - 00000272 _____ () C:\Users\Bob B\Desktop\fixlist.txt
2014-03-05 19:14 - 2014-03-03 10:38 - 00000000 ____D () C:\Users\Bob B\Documents\Personal Expenses
2014-03-05 19:06 - 2014-03-05 19:06 - 00009439 _____ () C:\Users\Bob B\Desktop\ESETSCAN.txt
2014-03-05 15:23 - 2014-03-05 15:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-05 15:17 - 2014-03-05 15:17 - 02347384 _____ (ESET) C:\Users\Bob B\Downloads\esetsmartinstaller_enu.exe
2014-03-05 14:16 - 2009-07-13 23:45 - 00019712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-05 14:16 - 2009-07-13 23:45 - 00019712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-05 14:13 - 2013-04-13 17:24 - 01599732 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 14:07 - 2013-11-01 11:16 - 00005078 _____ () C:\Windows\setupact.log
2014-03-05 14:07 - 2013-11-01 11:15 - 00046500 _____ () C:\Windows\PFRO.log
2014-03-05 14:07 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 13:58 - 2014-03-05 13:58 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 13:55 - 2014-03-05 13:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bob B\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-05 13:33 - 2014-03-05 13:33 - 00448512 _____ (OldTimer Tools) C:\Users\Bob B\Desktop\TFC.exe
2014-03-05 12:28 - 2014-01-13 11:24 - 00796420 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-05 11:23 - 2014-03-05 11:23 - 00002244 _____ () C:\Users\Bob B\Desktop\JRT.txt
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 11:14 - 2014-03-05 11:13 - 01037734 _____ (Thisisu) C:\Users\Bob B\Downloads\JRT.exe
2014-03-05 11:02 - 2013-11-13 14:25 - 00000000 ____D () C:\AdwCleaner
2014-03-05 10:49 - 2014-03-05 10:49 - 01244192 _____ () C:\Users\Bob B\Desktop\AdwCleaner(2).exe
2014-03-05 10:44 - 2013-04-16 06:05 - 00000000 ____D () C:\Users\Bob B\Desktop\PDF Files
2014-03-05 09:56 - 2014-03-05 09:56 - 00000000 ____D () C:\Users\Bob B\Downloads\FRST-OlderVersion
2014-03-05 09:56 - 2014-03-04 11:09 - 02157056 _____ (Farbar) C:\Users\Bob B\Downloads\FRST64.exe
2014-03-04 16:09 - 2013-04-13 15:25 - 00000000 ____D () C:\Users\Bob B\Documents\Scott's Folder
2014-03-04 11:16 - 2014-03-04 11:15 - 00018500 _____ () C:\Users\Bob B\Downloads\Addition.txt
2014-03-04 11:16 - 2014-03-04 11:14 - 00031498 _____ () C:\Users\Bob B\Downloads\FRST.txt
2014-03-04 10:43 - 2014-03-04 10:30 - 00002152 _____ () C:\Users\Bob B\Desktop\Rkill.txt
2014-03-04 10:40 - 2014-03-04 10:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill(1).exe
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64-12321.exe
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64.exe
2014-03-04 10:29 - 2014-03-04 10:29 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill.exe
2014-03-04 10:25 - 2012-07-12 14:40 - 00056832 _____ () C:\Users\Bob Burkhard.Dell-1.000\Desktop\PW.xls
2014-03-04 09:43 - 2014-03-04 09:43 - 00844153 _____ () C:\Users\Bob B\Downloads\testleasetransaction.zip
2014-03-03 09:01 - 2014-03-03 09:01 - 01244192 _____ () C:\Users\Bob B\Downloads\AdwCleaner(1).exe
2014-03-02 14:43 - 2014-03-02 14:43 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\LavasoftStatistics
2014-03-02 14:40 - 2014-03-02 11:19 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-03-02 11:20 - 2014-03-02 11:20 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\SecureSearch
2014-03-02 11:16 - 2014-03-02 11:16 - 01727624 _____ () C:\Users\Bob B\Downloads\Adaware_Installer.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-02 09:25 - 2014-03-01 14:12 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-02 09:25 - 2014-03-01 14:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-01 14:16 - 2013-04-16 06:07 - 00000000 ____D () C:\Users\Bob B\Desktop\Real Estate
2014-03-01 14:14 - 2014-03-01 14:14 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\TuneUp Software
2014-03-01 14:14 - 2013-06-20 18:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 14:08 - 2014-03-01 14:08 - 04435328 _____ (AVG Technologies) C:\Users\Bob B\Downloads\avg_avct_stb_all_2014_4158_futuretest3.exe
2014-03-01 14:08 - 2014-03-01 14:08 - 00000000 ____D () C:\Users\Bob B\AppData\Local\MFAData
2014-03-01 13:36 - 2013-04-30 10:16 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Citrix
2014-03-01 13:24 - 2014-03-01 13:24 - 00000000 ____D () C:\Program Files\My Dell
2014-03-01 11:42 - 2014-03-01 11:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bob B\Downloads\SpyHunter-Installer(2).exe
2014-03-01 11:41 - 2013-12-26 12:19 - 00000000 ____D () C:\Program Files (x86)\SlimCleaner
2014-03-01 09:58 - 2014-03-01 09:58 - 00000000 ___RD () C:\Users\Bob B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 09:55 - 2014-03-01 09:55 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Tuguu_SL
2014-02-28 19:55 - 2013-04-15 06:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-28 19:55 - 2013-04-15 06:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-28 19:54 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-28 18:12 - 2013-10-16 10:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-28 17:57 - 2014-02-28 17:56 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-28 17:57 - 2013-07-20 19:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-28 08:53 - 2013-08-25 19:11 - 00000000 ____D () C:\Users\Bob B\Documents\Fax
2014-02-28 08:53 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-27 09:26 - 2014-02-06 19:35 - 00000000 ____D () C:\Users\Bob B\Desktop\Website Pix
2014-02-26 16:33 - 2014-02-26 16:28 - 00000000 ____D () C:\Users\Bob B\Desktop\New folder
2014-02-26 16:30 - 2014-02-25 19:57 - 00000000 ____D () C:\Users\Bob B\Desktop\iPhone pictures 2-25-14
2014-02-26 09:05 - 2014-01-21 08:43 - 00000000 ____D () C:\Users\Bob B\Desktop\Bob Iphone 1-21-14
2014-02-25 20:08 - 2014-02-25 20:05 - 00000000 ____D () C:\Users\Bob B\Desktop\Photography Info
2014-02-25 19:44 - 2013-04-13 15:26 - 00000000 ___RD () C:\Users\Bob B\Desktop\Dropbox
2014-02-20 21:27 - 2014-02-20 21:24 - 06605814 _____ () C:\Users\Bob B\Desktop\Sawyer.psd
2014-02-20 13:09 - 2013-04-21 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-19 08:42 - 2013-04-14 06:57 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Microsoft Help
2014-02-18 06:58 - 2014-02-18 06:58 - 00149466 _____ () C:\Users\Bob B\Desktop\Dad_logo words 3.psd
2014-02-17 10:32 - 2014-02-17 10:32 - 00100124 _____ () C:\Users\Bob B\Desktop\Dad_logo-2-circle.psd
2014-02-17 06:56 - 2014-02-17 06:56 - 00351289 _____ () C:\Users\Bob B\Desktop\Dad_logo-1WhiteS.psd
2014-02-17 06:50 - 2014-02-17 06:50 - 00241578 _____ () C:\Users\Bob B\Desktop\Dad_logo-1White.psd
2014-02-17 06:41 - 2014-02-17 06:41 - 00242646 _____ () C:\Users\Bob B\Desktop\Dad_logo-1.psd
2014-02-16 20:45 - 2014-02-16 20:45 - 00017806 _____ () C:\Users\Bob B\Desktop\Dad_logo.jpf
2014-02-16 20:45 - 2013-04-13 17:25 - 00000000 ____D () C:\Users\Bob B\AppData\Local\VirtualStore
2014-02-15 10:16 - 2014-02-15 10:16 - 00063488 _____ () C:\Users\Bob B\Downloads\Office2003_SP3Changes.exe
2014-02-15 10:15 - 2014-02-15 10:15 - 00000000 ____D () C:\Office2003SP3Changes
2014-02-11 12:34 - 2013-12-23 14:16 - 00000000 ____D () C:\Users\Bob B\Desktop\Adobe
2014-02-07 18:03 - 2014-01-02 09:42 - 00000000 ____D () C:\Users\Bob B\Desktop\HOUSE TEST
2014-02-04 15:52 - 2013-12-17 09:58 - 00018432 ___SH () C:\Users\Bob B\Thumbs.db
2014-02-03 21:21 - 2009-07-14 00:13 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 08:32

==================== End Of Log ============================



#24 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 05 March 2014 - 07:26 PM

Oh my gosh Juliet, don't you ever take a rest. I didn't expect to hear from you until tomorrow. I really do appreciate your help. This is so far above my head.
 
I hope this is what you wanted me to do. Here is the log:

I do try to get my beauty sleep!

Nope,, not the log I wanted.

Look back a couple of post to see the fixlog I created,

If placed beside the FRST icon, then open FRST and just click on run.
The results log would be short and only show items I created a script for.

Maybe you ran it and it's on your desktop?
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#25 bobburk3

bobburk3

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 06 March 2014 - 07:01 AM

I placed the following log that you created on my desktop next to the Icon that says FRST64. I then double clicked the icon and clicked on the scan button and the following is the result. If that is not what you need, I guess I need different instructions.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014 02
Ran by Bob B (administrator) on DELL-1 on 06-03-2014 07:53:58
Running from C:\Users\Bob B\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(PFU LIMITED) C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [ScanSnap WIA Service Checker] - C:\Windows\SSDriver\fi5110\SsWiaChecker.exe [86016 2009-09-30] (PFU LIMITED)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Carbonite Backup] - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-15] (Microsoft Corporation)
HKU\S-1-5-21-4004932578-999774799-4059474116-1000\...\Run: [AdobeBridge] - [X]
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x696A59449638CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {C4401D0E-088C-4AD4-B14A-8D6B1181A5E4} -  No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{145E688C-0E1D-4FC7-9A28-29DFD35E263A}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{37B82EDE-6860-4854-ABB3-D03820104E1C}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Bob B\AppData\Roaming\Mozilla\Firefox\Profiles\vp7u5c19.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Bob B\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF HKCU\...\Firefox\Extensions: [sp2@sp.com] - C:\Program Files (x86)\Social Privacy\FF\

==================== Services (Whitelisted) =================

S4 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 NewPlayerUpdaterService; "C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ____D () C:\Users\Bob B\Desktop\FRST-OlderVersion
2014-03-05 19:06 - 2014-03-05 19:06 - 00009439 _____ () C:\Users\Bob B\Desktop\ESETSCAN.txt
2014-03-05 15:23 - 2014-03-05 15:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-05 15:17 - 2014-03-05 15:17 - 02347384 _____ (ESET) C:\Users\Bob B\Downloads\esetsmartinstaller_enu.exe
2014-03-05 13:58 - 2014-03-05 13:58 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 13:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 13:55 - 2014-03-05 13:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bob B\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-05 13:33 - 2014-03-05 13:33 - 00448512 _____ (OldTimer Tools) C:\Users\Bob B\Desktop\TFC.exe
2014-03-05 11:23 - 2014-03-05 11:23 - 00002244 _____ () C:\Users\Bob B\Desktop\JRT.txt
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 11:13 - 2014-03-05 11:14 - 01037734 _____ (Thisisu) C:\Users\Bob B\Downloads\JRT.exe
2014-03-05 10:49 - 2014-03-05 10:49 - 01244192 _____ () C:\Users\Bob B\Desktop\AdwCleaner(2).exe
2014-03-05 10:19 - 2014-03-06 07:53 - 00010704 _____ () C:\Users\Bob B\Desktop\FRST.txt
2014-03-05 10:14 - 2014-03-05 20:16 - 02156544 _____ (Farbar) C:\Users\Bob B\Desktop\FRST64.exe
2014-03-05 09:56 - 2014-03-05 09:56 - 00000000 ____D () C:\Users\Bob B\Downloads\FRST-OlderVersion
2014-03-05 09:51 - 2014-03-05 20:15 - 00000272 _____ () C:\Users\Bob B\Desktop\fixlist.txt
2014-03-04 11:15 - 2014-03-04 11:16 - 00018500 _____ () C:\Users\Bob B\Downloads\Addition.txt
2014-03-04 11:14 - 2014-03-06 07:53 - 00000000 ____D () C:\FRST
2014-03-04 11:14 - 2014-03-04 11:16 - 00031498 _____ () C:\Users\Bob B\Downloads\FRST.txt
2014-03-04 11:09 - 2014-03-05 09:56 - 02157056 _____ (Farbar) C:\Users\Bob B\Downloads\FRST64.exe
2014-03-04 10:39 - 2014-03-04 10:40 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill(1).exe
2014-03-04 10:30 - 2014-03-04 10:43 - 00002152 _____ () C:\Users\Bob B\Desktop\Rkill.txt
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64-12321.exe
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64.exe
2014-03-04 10:29 - 2014-03-04 10:29 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill.exe
2014-03-04 09:43 - 2014-03-04 09:43 - 00844153 _____ () C:\Users\Bob B\Downloads\testleasetransaction.zip
2014-03-03 10:38 - 2014-03-05 19:14 - 00000000 ____D () C:\Users\Bob B\Documents\Personal Expenses
2014-03-03 09:01 - 2014-03-03 09:01 - 01244192 _____ () C:\Users\Bob B\Downloads\AdwCleaner(1).exe
2014-03-02 14:43 - 2014-03-02 14:43 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\LavasoftStatistics
2014-03-02 11:20 - 2014-03-02 11:20 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\SecureSearch
2014-03-02 11:19 - 2014-03-02 14:40 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-03-02 11:16 - 2014-03-02 11:16 - 01727624 _____ () C:\Users\Bob B\Downloads\Adaware_Installer.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-01 14:14 - 2014-03-01 14:14 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\TuneUp Software
2014-03-01 14:12 - 2014-03-02 09:25 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-01 14:08 - 2014-03-02 09:25 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-01 14:08 - 2014-03-01 14:08 - 04435328 _____ (AVG Technologies) C:\Users\Bob B\Downloads\avg_avct_stb_all_2014_4158_futuretest3.exe
2014-03-01 14:08 - 2014-03-01 14:08 - 00000000 ____D () C:\Users\Bob B\AppData\Local\MFAData
2014-03-01 13:24 - 2014-03-01 13:24 - 00000000 ____D () C:\Program Files\My Dell
2014-03-01 11:42 - 2014-03-01 11:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bob B\Downloads\SpyHunter-Installer(2).exe
2014-03-01 09:58 - 2014-03-01 09:58 - 00000000 ___RD () C:\Users\Bob B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 09:55 - 2014-03-01 09:55 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Tuguu_SL
2014-02-28 17:57 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-28 17:57 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-28 17:57 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-28 17:57 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-28 17:56 - 2014-02-28 17:57 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-26 16:28 - 2014-02-26 16:33 - 00000000 ____D () C:\Users\Bob B\Desktop\New folder
2014-02-25 20:05 - 2014-02-25 20:08 - 00000000 ____D () C:\Users\Bob B\Desktop\Photography Info
2014-02-25 19:57 - 2014-02-26 16:30 - 00000000 ____D () C:\Users\Bob B\Desktop\iPhone pictures 2-25-14
2014-02-20 21:24 - 2014-02-20 21:27 - 06605814 _____ () C:\Users\Bob B\Desktop\Sawyer.psd
2014-02-18 06:58 - 2014-02-18 06:58 - 00149466 _____ () C:\Users\Bob B\Desktop\Dad_logo words 3.psd
2014-02-17 10:32 - 2014-02-17 10:32 - 00100124 _____ () C:\Users\Bob B\Desktop\Dad_logo-2-circle.psd
2014-02-17 06:56 - 2014-02-17 06:56 - 00351289 _____ () C:\Users\Bob B\Desktop\Dad_logo-1WhiteS.psd
2014-02-17 06:50 - 2014-02-17 06:50 - 00241578 _____ () C:\Users\Bob B\Desktop\Dad_logo-1White.psd
2014-02-17 06:41 - 2014-02-17 06:41 - 00242646 _____ () C:\Users\Bob B\Desktop\Dad_logo-1.psd
2014-02-16 20:45 - 2014-02-16 20:45 - 00017806 _____ () C:\Users\Bob B\Desktop\Dad_logo.jpf
2014-02-15 10:16 - 2014-02-15 10:16 - 00063488 _____ () C:\Users\Bob B\Downloads\Office2003_SP3Changes.exe
2014-02-15 10:15 - 2014-02-15 10:15 - 00000000 ____D () C:\Office2003SP3Changes
2014-02-06 19:35 - 2014-02-27 09:26 - 00000000 ____D () C:\Users\Bob B\Desktop\Website Pix

==================== One Month Modified Files and Folders =======

2014-03-06 07:54 - 2014-03-05 10:19 - 00010704 _____ () C:\Users\Bob B\Desktop\FRST.txt
2014-03-06 07:53 - 2014-03-04 11:14 - 00000000 ____D () C:\FRST
2014-03-06 07:28 - 2013-04-13 17:24 - 01613505 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 20:51 - 2013-04-16 06:07 - 00000000 ____D () C:\Users\Bob B\Desktop\Real Estate
2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ____D () C:\Users\Bob B\Desktop\FRST-OlderVersion
2014-03-05 20:16 - 2014-03-05 10:14 - 02156544 _____ (Farbar) C:\Users\Bob B\Desktop\FRST64.exe
2014-03-05 20:15 - 2014-03-05 09:51 - 00000272 _____ () C:\Users\Bob B\Desktop\fixlist.txt
2014-03-05 19:14 - 2014-03-03 10:38 - 00000000 ____D () C:\Users\Bob B\Documents\Personal Expenses
2014-03-05 19:06 - 2014-03-05 19:06 - 00009439 _____ () C:\Users\Bob B\Desktop\ESETSCAN.txt
2014-03-05 15:23 - 2014-03-05 15:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-05 15:17 - 2014-03-05 15:17 - 02347384 _____ (ESET) C:\Users\Bob B\Downloads\esetsmartinstaller_enu.exe
2014-03-05 14:16 - 2009-07-13 23:45 - 00019712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-05 14:16 - 2009-07-13 23:45 - 00019712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-05 14:07 - 2013-11-01 11:16 - 00005078 _____ () C:\Windows\setupact.log
2014-03-05 14:07 - 2013-11-01 11:15 - 00046500 _____ () C:\Windows\PFRO.log
2014-03-05 14:07 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 13:58 - 2014-03-05 13:58 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 13:57 - 2014-03-05 13:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 13:55 - 2014-03-05 13:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bob B\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-05 13:33 - 2014-03-05 13:33 - 00448512 _____ (OldTimer Tools) C:\Users\Bob B\Desktop\TFC.exe
2014-03-05 12:28 - 2014-01-13 11:24 - 00796420 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-05 11:23 - 2014-03-05 11:23 - 00002244 _____ () C:\Users\Bob B\Desktop\JRT.txt
2014-03-05 11:14 - 2014-03-05 11:14 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 11:14 - 2014-03-05 11:13 - 01037734 _____ (Thisisu) C:\Users\Bob B\Downloads\JRT.exe
2014-03-05 11:02 - 2013-11-13 14:25 - 00000000 ____D () C:\AdwCleaner
2014-03-05 10:49 - 2014-03-05 10:49 - 01244192 _____ () C:\Users\Bob B\Desktop\AdwCleaner(2).exe
2014-03-05 10:44 - 2013-04-16 06:05 - 00000000 ____D () C:\Users\Bob B\Desktop\PDF Files
2014-03-05 09:56 - 2014-03-05 09:56 - 00000000 ____D () C:\Users\Bob B\Downloads\FRST-OlderVersion
2014-03-05 09:56 - 2014-03-04 11:09 - 02157056 _____ (Farbar) C:\Users\Bob B\Downloads\FRST64.exe
2014-03-04 16:09 - 2013-04-13 15:25 - 00000000 ____D () C:\Users\Bob B\Documents\Scott's Folder
2014-03-04 11:16 - 2014-03-04 11:15 - 00018500 _____ () C:\Users\Bob B\Downloads\Addition.txt
2014-03-04 11:16 - 2014-03-04 11:14 - 00031498 _____ () C:\Users\Bob B\Downloads\FRST.txt
2014-03-04 10:43 - 2014-03-04 10:30 - 00002152 _____ () C:\Users\Bob B\Desktop\Rkill.txt
2014-03-04 10:40 - 2014-03-04 10:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill(1).exe
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64-12321.exe
2014-03-04 10:30 - 2014-03-04 10:30 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill64.exe
2014-03-04 10:29 - 2014-03-04 10:29 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Bob B\Downloads\rkill.exe
2014-03-04 10:25 - 2012-07-12 14:40 - 00056832 _____ () C:\Users\Bob Burkhard.Dell-1.000\Desktop\PW.xls
2014-03-04 09:43 - 2014-03-04 09:43 - 00844153 _____ () C:\Users\Bob B\Downloads\testleasetransaction.zip
2014-03-03 09:01 - 2014-03-03 09:01 - 01244192 _____ () C:\Users\Bob B\Downloads\AdwCleaner(1).exe
2014-03-02 14:43 - 2014-03-02 14:43 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\LavasoftStatistics
2014-03-02 14:40 - 2014-03-02 11:19 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-03-02 11:20 - 2014-03-02 11:20 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\SecureSearch
2014-03-02 11:16 - 2014-03-02 11:16 - 01727624 _____ () C:\Users\Bob B\Downloads\Adaware_Installer.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-02 09:25 - 2014-03-01 14:12 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-02 09:25 - 2014-03-01 14:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-01 14:14 - 2014-03-01 14:14 - 00000000 ____D () C:\Users\Bob B\AppData\Roaming\TuneUp Software
2014-03-01 14:14 - 2013-06-20 18:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 14:08 - 2014-03-01 14:08 - 04435328 _____ (AVG Technologies) C:\Users\Bob B\Downloads\avg_avct_stb_all_2014_4158_futuretest3.exe
2014-03-01 14:08 - 2014-03-01 14:08 - 00000000 ____D () C:\Users\Bob B\AppData\Local\MFAData
2014-03-01 13:36 - 2013-04-30 10:16 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Citrix
2014-03-01 13:24 - 2014-03-01 13:24 - 00000000 ____D () C:\Program Files\My Dell
2014-03-01 11:42 - 2014-03-01 11:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bob B\Downloads\SpyHunter-Installer(2).exe
2014-03-01 11:41 - 2013-12-26 12:19 - 00000000 ____D () C:\Program Files (x86)\SlimCleaner
2014-03-01 09:58 - 2014-03-01 09:58 - 00000000 ___RD () C:\Users\Bob B\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 09:55 - 2014-03-01 09:55 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Tuguu_SL
2014-02-28 19:55 - 2013-04-15 06:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-28 19:55 - 2013-04-15 06:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-28 19:54 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-28 18:12 - 2013-10-16 10:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-28 17:57 - 2014-02-28 17:56 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-28 17:57 - 2013-07-20 19:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-28 08:53 - 2013-08-25 19:11 - 00000000 ____D () C:\Users\Bob B\Documents\Fax
2014-02-28 08:53 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-27 09:26 - 2014-02-06 19:35 - 00000000 ____D () C:\Users\Bob B\Desktop\Website Pix
2014-02-26 16:33 - 2014-02-26 16:28 - 00000000 ____D () C:\Users\Bob B\Desktop\New folder
2014-02-26 16:30 - 2014-02-25 19:57 - 00000000 ____D () C:\Users\Bob B\Desktop\iPhone pictures 2-25-14
2014-02-26 09:05 - 2014-01-21 08:43 - 00000000 ____D () C:\Users\Bob B\Desktop\Bob Iphone 1-21-14
2014-02-25 20:08 - 2014-02-25 20:05 - 00000000 ____D () C:\Users\Bob B\Desktop\Photography Info
2014-02-25 19:44 - 2013-04-13 15:26 - 00000000 ___RD () C:\Users\Bob B\Desktop\Dropbox
2014-02-20 21:27 - 2014-02-20 21:24 - 06605814 _____ () C:\Users\Bob B\Desktop\Sawyer.psd
2014-02-20 13:09 - 2013-04-21 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-19 08:42 - 2013-04-14 06:57 - 00000000 ____D () C:\Users\Bob B\AppData\Local\Microsoft Help
2014-02-18 06:58 - 2014-02-18 06:58 - 00149466 _____ () C:\Users\Bob B\Desktop\Dad_logo words 3.psd
2014-02-17 10:32 - 2014-02-17 10:32 - 00100124 _____ () C:\Users\Bob B\Desktop\Dad_logo-2-circle.psd
2014-02-17 06:56 - 2014-02-17 06:56 - 00351289 _____ () C:\Users\Bob B\Desktop\Dad_logo-1WhiteS.psd
2014-02-17 06:50 - 2014-02-17 06:50 - 00241578 _____ () C:\Users\Bob B\Desktop\Dad_logo-1White.psd
2014-02-17 06:41 - 2014-02-17 06:41 - 00242646 _____ () C:\Users\Bob B\Desktop\Dad_logo-1.psd
2014-02-16 20:45 - 2014-02-16 20:45 - 00017806 _____ () C:\Users\Bob B\Desktop\Dad_logo.jpf
2014-02-16 20:45 - 2013-04-13 17:25 - 00000000 ____D () C:\Users\Bob B\AppData\Local\VirtualStore
2014-02-15 10:16 - 2014-02-15 10:16 - 00063488 _____ () C:\Users\Bob B\Downloads\Office2003_SP3Changes.exe
2014-02-15 10:15 - 2014-02-15 10:15 - 00000000 ____D () C:\Office2003SP3Changes
2014-02-11 12:34 - 2013-12-23 14:16 - 00000000 ____D () C:\Users\Bob B\Desktop\Adobe
2014-02-07 18:03 - 2014-01-02 09:42 - 00000000 ____D () C:\Users\Bob B\Desktop\HOUSE TEST
2014-02-04 15:52 - 2013-12-17 09:58 - 00018432 ___SH () C:\Users\Bob B\Thumbs.db

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 08:32

==================== End Of Log ============================


    Advertisements

Register to Remove


#26 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 06 March 2014 - 08:30 AM

I placed the following log that you created on my desktop next to the Icon that says FRST64. I then double clicked the icon and clicked on the scan button

If you would, double click on the FRST icon to open, make sure the fix.txt is still located beside it, then click on the FIX button.
This should produce a log for me to see.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#27 bobburk3

bobburk3

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 06 March 2014 - 08:43 AM

OK, hope this is the right log: system booted by itself.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-03-2014 02
Ran by Bob B at 2014-03-06 09:38:22 Run:1
Running from C:\Users\Bob B\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe
C:\Program Files (x86)\Uninstaller\Uninstall.exe
C:\Users\Bob B\Downloads\belarcadvisor-setup.exe
C:\Users\Bob B\Downloads\ccsetup406.exe
C:\Users\Bob Burkhard.Dell-1.000\Downloads\registrybooster.exe
Reboot:
end
*****************

C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe => Moved successfully.
C:\Program Files (x86)\Uninstaller\Uninstall.exe => Moved successfully.
C:\Users\Bob B\Downloads\belarcadvisor-setup.exe => Moved successfully.
C:\Users\Bob B\Downloads\ccsetup406.exe => Moved successfully.
C:\Users\Bob Burkhard.Dell-1.000\Downloads\registrybooster.exe => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====



#28 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 06 March 2014 - 08:46 AM

yabba dabba do
That got it.

How is the computer now?

From where I am and see, your looking good to me.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#29 bobburk3

bobburk3

    Authentic Member

  • Authentic Member
  • PipPip
  • 35 posts

Posted 06 March 2014 - 08:50 AM

hahaha. The computer seems to be working fine now. Thank you so much for your help and for sticking with me as I stumbled through it. btw, my wife and I lived in Cleveland TN for a couple of years and thought the countryside was just beautiful.



#30 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 06 March 2014 - 09:03 AM

Well, I must say I think Tennessee is gorgeous!

Ok, let's see if you have any outdated applications or open exploits that need to be closed.


Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users