Text only | Text with Images

LandzDown Forum

Security => Analysis and Malware Removal => Topic started by: lisa20 on January 12, 2014, 08:45:46 PM

Title: Virus and computer issues
Post by: lisa20 on January 12, 2014, 08:45:46 PM
Internet/computer issues so unable to get this step completed: Copy/paste checkup.txt from SecurityCheck to your reply. I replied to my original post with "403 forbidden" error. My computer runs the fan a lot like it is downloading or booting. My system is a lot slower. Please advise on how to fix step 3 since my computer forbid it.   :sad:

Here are the two logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by lisa at 14:24:59 on 2014-01-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3758.2135 [GMT -6:00]
.
AV: Computer Security *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Computer Security *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\SysWOW64\DllHost.exe
C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Windows\system32\Dwm.exe
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSHDLL64.EXE
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
C:\Program Files\Sony\VAIO Care\Admload.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.coupons.com/
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
uURLSearchHooks: FCToolbarURLSearchHook Class: {868978c8-95f3-4020-a5cd-5a16d60e36ca} - C:\Program Files (x86)\Dividend Miles Toolbar\Helper.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Dividend Miles Toolbar BHO: {69CD690C-70B1-4333-AD69-28FFF7118C56} - C:\Program Files (x86)\Dividend Miles Toolbar\Toolbar.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: {EA66B8E3-A3DD-4CCA-9D22-5BA5FFF9FEE8} - <orphaned>
BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Dividend Miles Toolbar: {3948072D-28FE-4206-9F7F-2AFF92B24679} - C:\Program Files (x86)\Dividend Miles Toolbar\Toolbar.dll
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
TB: Dividend Miles Toolbar: {3948072D-28FE-4206-9F7F-2AFF92B24679} - C:\Program Files (x86)\Dividend Miles Toolbar\Toolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [F-Secure Manager] "C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE" /splash
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [F-Secure Hoster (42626)] "C:\Program Files (x86)\Charter Security Suite\fshoster32.exe" -app -hosterid:1
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\lisa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{57A09F4D-5472-450A-88FA-CD092971DA04} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{57A09F4D-5472-450A-88FA-CD092971DA04}\C4943514D2651494F4F5E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB} : DHCPNameServer = 68.111.16.25 68.111.16.30
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [IntelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\Windows\System32\rundll32.exe C:\Windows\System32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Conduit Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD630FFB7-6A0A-4921-933A-0F771C9511A8&SSPV=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\lisa\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\lisa\AppData\Roaming\CATALI~2\npBcsKtTcHW.dll
FF - plugin: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\extensions\{3112ca9c-de6d-4884-a869-9855de680400}\plugins\npRNowPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(general.useragent.extra.brc, BRI/1
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2013-2-21 56016]
R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2013-12-11 69296]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2013-2-21 13248]
R2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2013-12-16 2251552]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]
R2 fshoster;F-Secure Dll Hoster;C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [2013-5-15 191424]
R2 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe [2012-8-6 60352]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-12 13336]
R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2013-7-2 61440]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-7-12 94208]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-7-12 78848]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-9-25 259192]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-27 2320920]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-7-27 575856]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-6-17 851824]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-7-27 836608]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
R3 bpenum;bpenum;C:\Windows\System32\drivers\bpenum.sys [2010-5-16 71168]
R3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2010-5-16 175104]
R3 bpusb;bpusb;C:\Windows\System32\drivers\bpusb.sys [2010-5-16 81920]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2013-2-21 203304]
R3 fsni;fsni;C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys [2013-4-25 80832]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-3 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-12 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-30 317440]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-1 12032]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-6 304496]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-9-25 44736]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2012-12-21 1369136]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-4-16 39832]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-7-12 402720]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-7-19 340240]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-20 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-20 67952]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-3-30 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-6-9 537456]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-6-9 101232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-26 1255736]
.
=============== Created Last 30 ================
.
2014-01-11 02:03:44   10315576   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E9BBBD09-68CF-45B7-B03D-90196DA6A02E}\mpengine.dll
.
==================== Find3M  ====================
.
2013-12-12 09:01:32   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 09:01:32   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-12 09:01:12   9293192   ----a-w-   C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-11-26 18:25:52   267936   ------w-   C:\Windows\System32\MpSigStub.exe
2013-11-26 12:11:06   940032   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-26 12:11:06   194048   ----a-w-   C:\Windows\SysWow64\elshyph.dll
2013-11-26 10:19:07   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57   708608   ----a-w-   C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02   5769216   ----a-w-   C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16   553472   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12   4243968   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16   1995264   ----a-w-   C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06   1928192   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57   2334208   ----a-w-   C:\Windows\System32\wininet.dll
2013-11-26 06:33:33   1820160   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20   417792   ----a-w-   C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34   465920   ----a-w-   C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09   2048   ----a-w-   C:\Windows\System32\tzres.dll
2013-11-12 02:07:29   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2013-10-30 02:32:01   335360   ----a-w-   C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52   301568   ----a-w-   C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31   3155968   ----a-w-   C:\Windows\System32\win32k.sys
2013-10-19 02:18:57   81408   ----a-w-   C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59   159232   ----a-w-   C:\Windows\SysWow64\imagehlp.dll
.
============= FINISH: 14:27:35.91 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/26/2011 6:21:28 PM
System Uptime: 1/12/2014 8:00:17 AM (6 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel(R) Core(TM) i3 CPU       M 370  @ 2.40GHz | N/A | 2399/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 218.457 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP391: 11/26/2013 3:00:47 AM - Windows Update
RP393: 11/26/2013 6:09:13 AM - Windows Update
RP395: 12/1/2013 1:17:27 PM - Installed Java 7 Update 45
RP397: 12/12/2013 3:01:59 AM - Windows Update
RP399: 12/14/2013 3:00:44 AM - Windows Update
RP401: 1/4/2014 5:34:28 PM - Windows Update
RP403: 1/10/2014 8:01:22 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Alps Pointing-device for VAIO
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Manager for VAIO
ArcSoft WebCam Companion 3
Ask Toolbar
Ask Toolbar Updater
AVS Image Converter 1.3.3.146
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
Best Buy pc app
Bing Bar
Bing Rewards Client Installer
Bonjour
Catalina Savings Printer
Charter Security Suite
Computer Security 12.83.104.0 (release)
Coupon Printer for Windows
CouponBar
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dividend Miles Toolbar
eFile Express 2010
eFile Express 2011
eMusic Download Manager
F-Secure CCF Reputation
F-Secure CCF Scanning 1.23.124.8831 (release)
F-Secure Network CCF 1.02.128
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HP Photo Creations
HP Photosmart Plus B210 series Basic Device Software
HP Photosmart Plus B210 series Help
HP Photosmart Plus B210 series Product Improvement Study
HP Update
Intel PROSet Wireless
Intel WiMAX Tutorial
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Intel® PROSet/Wireless WiMAX Software
iTunes
Java 7 Update 45
Java Auto Updater
Java(TM) 6 Update 20 (64-bit)
Java(TM) 6 Update 30
JavaFX 2.1.1
Junk Mail filter update
Media Gallery
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobogenie
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Oasis2Service
Online Safety 2.83.1329.952
OOBE
PlayReady PC Runtime amd64
PMB
PMB VAIO Edition Guide
PMB VAIO Edition plug-in (Click to Disc)
PMB VAIO Edition plug-in (VAIO Image Optimizer)
PMB VAIO Edition plug-in (VAIO Movie Story)
QuickTime
Realtek High Definition Audio Driver
Remote Keyboard
Remote Play with PlayStation 3
Remote Play with PlayStation®3
Search Protect
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VAIO - Media Gallery
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition plug-in (Click to Disc)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story)
VAIO - Remote Keyboard
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Manual
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Messenger
VAIO Movie Story Template Data
VAIO Quick Web Access
VAIO Sample Contents
VAIO Smart Network
VAIO Survey
VAIO Transfer Support
VAIO Update
VAIO Wireless Wizard
VGClientX64
VGClientX86
VU5x64
VU5x86
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WiseConvert
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
1/8/2014 7:14:29 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Rapid Storage Technology service to connect.
1/8/2014 7:14:29 PM, Error: Service Control Manager [7000]  - The Intel(R) Rapid Storage Technology service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/11/2014 5:44:09 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the F-Secure Dll Hoster service, but this action failed with the following error:  An instance of the service is already running.
1/11/2014 5:43:59 AM, Error: Service Control Manager [7031]  - The F-Secure Dll Hoster service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
1/10/2014 7:54:02 PM, Error: F-Secure Gatekeeper [1]  -
1/10/2014 7:53:51 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Oasis2Service service to connect.
1/10/2014 7:53:51 PM, Error: Service Control Manager [7000]  - The Oasis2Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================


Title: Re: Virus and computer issues
Post by: Corrine on January 12, 2014, 08:55:40 PM
Please start by uninstalling the following:

Ask Toolbar
Ask Toolbar Updater
Java(TM) 6 Update 20 (64-bit)
Java(TM) 6 Update 30
JavaFX 2.1.1

Next, please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) by Xplode and save to your Desktop.
Title: Re: Virus and computer issues
Post by: lisa20 on January 12, 2014, 10:36:28 PM
I was able to uninstall every program except Ask Toolbar Updater--I received error message, "You do not have sufficient access to uninstall Ask Toolbar Updater. contact your administrator. Sorry! Also, I'm having issues downloading AdwCleaner.exe. I have Windows 7--I get a "unzip" program and last time some computer fix software ran. I haven't been able to download AdwCleaner.exe. Is there another way?
Title: Re: Virus and computer issues
Post by: Corrine on January 13, 2014, 12:23:37 AM
We'll take care of Ask a different way.

Here is a direct download link for AdwCleaner:  http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
Title: Re: Virus and computer issues
Post by: lisa20 on January 13, 2014, 10:41:12 AM
Ok. I will try it soon! However, when I clicked on AdwCleaner.exe, it directed me to "C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe". Now I have that on my desktop with "free games," and "advanced system protector." I've successfully deleted "backup system." I will assume that I need to delete all of these before I download AdwCleaner. I will keep you posted if I run into other errors. Thank you much!
Title: Re: Virus and computer issues
Post by: lisa20 on January 13, 2014, 10:52:50 AM
First, I received a security warning, "Adwcleaner isn't commonly downloaded and can harm..." and it prevented me from downloading it. I was able to click on more options and run it. I think it worked--it only from three "services" to delete--I clicked on the "clean" button. I was able to click on the report:

# AdwCleaner v3.017 - Report created 13/01/2014 at 04:47:44
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : lisa - LISA-VAIO
# Running from : C:\Users\lisa\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc
Service Found : hlsvc
Service Found : hlnfd

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Found : C:\Users\lisa\AppData\Local\mysearchdial-speeddial.crx
File Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\invalidprefs.js
File Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\searchplugins\Askcom.xml
File Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\searchplugins\bingp.xml
File Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\searchplugins\conduit-search.xml
File Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\searchplugins\search-the-web.xml
File Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\user.js
File Found : C:\Users\lisa\Desktop\MySearchDial.url
File Found : C:\Users\Public\Desktop\Open It!.lnk
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\MySearchDial
File Found : C:\Windows\Tasks\MySearchDial.job
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\gethighlightly@gethighlightly.com
Folder Found : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Folder Found : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found C:\Program Files (x86)\Highlightly
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\Mysearchdial
Folder Found C:\Program Files (x86)\openit
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\Program Files\Highlightly
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Found C:\ProgramData\Partner
Folder Found C:\Users\lisa\AppData\Local\Mobogenie
Folder Found C:\Users\lisa\AppData\Local\Searchprotect
Folder Found C:\Users\lisa\AppData\LocalLow\Toolbar4
Folder Found C:\Users\lisa\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Folder Found C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Found C:\Users\lisa\AppData\Roaming\Mysearchdial
Folder Found C:\Users\lisa\AppData\Roaming\Systweak
Folder Found C:\Users\lisa\Documents\Mobogenie

***** [ Shortcuts ] *****

Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger\View Inbox.lnk ( DDNi.Caravan,Inbox )

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Found : HKCU\Software\mysearchdial
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : [x64] HKCU\Software\mysearchdial
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000063323.FCTB000063323Pos
Key Found : HKLM\SOFTWARE\Classes\FCTB000063323.FCTB000063323Pos.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000063323.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\FCTB000063323.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\FCTB000063323.JSOptionsImpl
Key Found : HKLM\SOFTWARE\Classes\FCTB000063323.JSOptionsImpl.1
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
Key Found : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\Software\DeviceVM
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : [x64] HKLM\SOFTWARE\DeviceVM
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzuyCyE0DyE0D0AtCtB0A0F0AyDtD0E0EzytN0D0Tzu0SyByEtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=485685207&ir=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzuyCyE0DyE0D0AtCtB0A0F0AyDtD0E0EzytN0D0Tzu0SyByEtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=485685207&ir=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=dsites0101&cd=2XzuyEtN2Y1L1QzuyCyE0DyE0D0AtCtB0A0F0AyDtD0E0EzytN0D0Tzu0SyByEtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=485685207&ir=
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzuyCyE0DyE0D0AtCtB0A0F0AyDtD0E0EzytN0D0Tzu0SyByEtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=485685207&ir=

-\\ Mozilla Firefox v15.0.1 (en-US)

[ File : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\prefs.js ]

Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzuyCyE0DyE0D0AtCtB0A0F0AyDtD0E0EzytN0D0Tzu0SyByEtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P[...]
Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPD630FFB7-6A0A-4921-933A-0F771C9511A8");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : icon_url
Found : search_url
Found : keyword
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [20283 octets] - [13/01/2014 04:47:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20344 octets] ##########
Title: Re: Virus and computer issues
Post by: lisa20 on January 13, 2014, 11:07:45 AM
Corrine,

Thank you!!!!!!!!!!!!!!!!!!!!!!!!!!!! My computer looks normal again...m :mitch: :dance: You made my day!

I was able to reboot my system and Adwcleaner report is now this:

# AdwCleaner v3.017 - Report created 13/01/2014 at 04:53:14
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : lisa - LISA-VAIO
# Running from : C:\Users\lisa\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Title: Re: Virus and computer issues
Post by: Corrine on January 13, 2014, 03:44:24 PM
Hi, Lisa.

With the direct download link I gave you, there shouldn't have been any problems.  With all that AdwCleaner found, I'd like you to run a couple of other programs. 

1.  First, however, you have a very outdated version of Firefox installed.  The current version is 26.0 and you have Mozilla Firefox 15.0.1.  To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."

2.  Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/) to your desktop.
3.  Please download Malwarebytes' Anti-Malware to your desktop from here (http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/dl/7/).  Note:  I provided a direct download link.

** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
Title: Re: Virus and computer issues
Post by: lisa20 on January 16, 2014, 01:58:40 AM
Thank you! I updated FireFox. I'm having problems downloading the "Junkware Removal Tool." It links me to this website: http://www.ziputil.net/gb/si?adnm=35487798066&i=s&grid=Managed&lg=EN&cc=US&clg=en&c=1&d=0&cid=_620764461&kw=free%20downloads&mt=&mn=www.bleepingcomputer.com&ct=&nt=D&expr=&ap=none&dv=c&agid=_6200991288

Is there another way? I clicked on the download button or automatically a pop-up with "run." These programs aren't for the junkware software.

Sorry! I have other problems again with links--I'm getting a lot of redirects to "spam" sites...
Title: Re: Virus and computer issues
Post by: lisa20 on January 16, 2014, 02:05:19 AM
Step 3 I get this when I click on direct link to downloading Malwarebytes Anti-Malware: http://easy7zip.com/7zip?subid=&subid2=www.bleepingcomputer.com&source=google_7zip-display-us-728x90-emulator-zoneo-34774251980&adprovider=google_easy7zip.com&gclid=CNS20qHNgbwCFY1FMgodPwMAxA
Title: Re: Virus and computer issues
Post by: Corrine on January 16, 2014, 03:19:57 PM
Lisa, I provided direct download links for both programs.  Which browser do you normally use? 

Depending on which browser you are using, when you click on the link in my instructions, after a few seconds, you will see something like the examples in the images below.   

The file for download will open in Firefox after a few seconds. Click Save File. 

(https://www.landzdown.com/proxy.php?request=http%3A%2F%2Fimg.photobucket.com%2Falbums%2Fv68%2FCorrine3%2FMBAM_FF_zpsd845f98b.jpg&hash=d9bd50619ff6b031dc9b2b1b9562cda6e9329eb2) (http://smg.photobucket.com/user/Corrine3/media/MBAM_FF_zpsd845f98b.jpg.html)

With IE, you will see the option below after a few seconds.  Click Save.

(https://www.landzdown.com/proxy.php?request=http%3A%2F%2Fimg.photobucket.com%2Falbums%2Fv68%2FCorrine3%2FMBAM_IE_zps3107ac7d.jpg&hash=2f5b88e8578e23a870d5838ba1558fe0e15a088a) (http://smg.photobucket.com/user/Corrine3/media/MBAM_IE_zps3107ac7d.jpg.html)

Title: Re: Virus and computer issues
Post by: lisa20 on January 18, 2014, 06:53:53 PM
Hello! I was using IE. Finally there were some upgrades... I was able to download Malware. I was unsure if some were system files so I didn't delete them. Here is the log:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.18.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
lisa :: LISA-VAIO [administrator]

Protection: Enabled

1/18/2014 12:19:01 PM
mbam-log-2014-01-18 (12-19-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228112
Time elapsed: 15 minute(s), 56 second(s)

Memory Processes Detected: 2
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 1376 -> Delete on reboot.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 1256 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 22
HKCR\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} (PUP.Optional.JumpFlip) -> Quarantined and deleted successfully.
HKCR\TypeLib\{f325945d-dafe-4312-95d8-1913aeb1d810} (PUP.Optional.JumpFlip) -> Quarantined and deleted successfully.
HKCR\Interface\{4318395F-DFF1-48AF-B5F0-958E93D16D56} (PUP.Optional.JumpFlip) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip) -> Quarantined and deleted successfully.
HKCR\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCR\TypeLib\{EA3802D2-C00A-4478-9319-34075A31C28F} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCR\Interface\{483F56D2-1D67-44A5-A4C5-67DBB724F7A0} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Update Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Util Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites (PUP.Optional.Updater) -> Quarantined and deleted successfully.
HKCU\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Highlightly (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
HKLM\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc (PUP.Optional.Updater) -> No action taken.
C:\Program Files (x86)\Jump Flip (PUP.Optional.JumpFlip.A) -> Delete on reboot.
C:\Program Files (x86)\Jump Flip\bin (PUP.Optional.JumpFlip.A) -> Delete on reboot.
C:\Program Files (x86)\Jump Flip\bin\plugins (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\CT3318857 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 41
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe (PUP.Optional.Updater) -> No action taken.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\config.dat (PUP.Optional.Updater) -> No action taken.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\prod.dat (PUP.Optional.Updater) -> No action taken.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\STTL.DAT (PUP.Optional.Updater) -> No action taken.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\TTL.DAT (PUP.Optional.Updater) -> No action taken.
C:\Users\lisa\AppData\Local\Temp\nsb301B.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\nsbA1C6.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\nsg3347.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\nsg9C1A.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\nsl3625.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\nsw9575.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\SPSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\SPWrap.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\is357113909\25847103_stp\Mysearchdial.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\is357113909\25847287_stp\JumpFlipSetup.exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsd9487.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsdCD34.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsn3C13.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsn9429.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsnD07E.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsx5F0E.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\lisa\Local Settings\Temporary Internet Files\Content.IE5\GWAHAU90\Setup[1].exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Users\lisa\Local Settings\Temporary Internet Files\Content.IE5\GWAHAU90\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\lisa\Local Settings\Temporary Internet Files\Content.IE5\GWAHAU90\ZipOpenerSetup.exe (PUP.Optional.JumpyApps.A) -> Quarantined and deleted successfully.
C:\Users\lisa\Local Settings\Temporary Internet Files\Content.IE5\T9U2RXCD\7zip_14315_2210.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
C:\Users\lisa\Local Settings\Temporary Internet Files\Content.IE5\Z77T8QV9\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\lisa\Local Settings\Temporary Internet Files\Content.IE5\Z77T8QV9\ZipExtractorSetup.exe (PUP.Optional.JumpyApps.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\JumpFlip.ico (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\JumpFlipUninstall.exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\sqlite3.exe (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Delete on reboot.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\bin\sqlite3.dll (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Delete on reboot.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.CompatibilityChecker.dll (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.FFUpdate.dll (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.GCUpdate.dll (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.IEUpdate.dll (PUP.Optional.JumpFlip.A) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Local\Temp\CT3318857\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)
Title: Re: Virus and computer issues
Post by: Corrine on January 19, 2014, 12:42:51 AM
I was unsure if some were system files so I didn't delete them.

Believe me, they aren't system files.  :) 

1.  Please scan with MBAM again:
Title: Re: Virus and computer issues
Post by: lisa20 on January 19, 2014, 01:57:47 AM
Ok. I completed Step 1:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.18.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
lisa :: LISA-VAIO [administrator]

Protection: Enabled

1/18/2014 7:34:31 PM
mbam-log-2014-01-18 (19-34-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227963
Time elapsed: 13 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc (PUP.Optional.Updater) -> Quarantined and deleted successfully.

Files Detected: 5
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\config.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\prod.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\STTL.DAT (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\lisa\AppData\Roaming\DigitalSites\UpdateProc\TTL.DAT (PUP.Optional.Updater) -> Quarantined and deleted successfully.

(end)

I will reboot and post Step 2.
Title: Re: Virus and computer issues
Post by: lisa20 on January 19, 2014, 02:49:24 AM
Thank you again! Is this everything? :) I am more careful about downloading. :)

Step 2:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by lisa on Sat 01/18/2014 at 20:10:49.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\couponalert_2pei
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3A565EEA-8368-49EF-95DF-43B9CC15D60B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{50DE19D0-C4D5-4E8B-BA0C-ECED8FE233F9}



~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"



~~~ Folders

Successfully deleted: [Folder] C:\Users\lisa\AppData\LocalLow\FCTB000063323
Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\Users\lisa\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\Program Files (x86)\couponalert_2pei"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons.com couponbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\wiseconvert"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\lisa\AppData\Roaming\mozilla\firefox\profiles\u7asfcq0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{1c43baf1-00c2-40a8-a09e-f84cfd79546d}
Successfully deleted the following from C:\Users\lisa\AppData\Roaming\mozilla\firefox\profiles\u7asfcq0.default\prefs.js

user_pref("extensions.mysearchdial.cntry", "US");
user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,32
user_pref("extensions.mysearchdial.hdrMd5", "");
user_pref("extensions.mysearchdial.lastB", "chrome://branding/locale/browserconfig.properties");
user_pref("extensions.mysearchdial.lastVrsnTs", "");
user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"90\",\"lastVrsn\":\"90\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\
user_pref("extensions.mysearchdial.sg", "{smplGrp}");
Emptied folder: C:\Users\lisa\AppData\Roaming\mozilla\firefox\profiles\u7asfcq0.default\minidumps [32 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/18/2014 at 20:34:53.20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Title: Re: Virus and computer issues
Post by: Corrine on January 19, 2014, 03:30:30 PM
You are right about being careful when downloading.  When installing programs, whenever possible, locate the program/vendor home site rather than using one of the download sites.  Before installing a new program, create a fresh restore point.  That way, if things go south, you can restore your computer to the point prior to installation of the program.  It is also critical to read each screen when installing something. 

Now, let's take care of the tools we used.

1.  Right-click JRT on your desktop and select Delete.  Then do the following to uninstall AdwCleaner:

2.  Double-click on AdwCleaner.exe to run the tool again.
3.  Delete SecurityCheck from your desktop but please note that there have been major security updates since we started.  See the General Software News, Updates & Discussions (http://www.landzdown.com/general-software-news-updates-discussions/) forum for information on the latest updates for Oracle Java, Adobe Reader and Adobe Flash Player.

Please refer to the Safe Computing Practices and other recommendations in this updated copy of "So how did I get infected in the first place?" (http://securitygarden.blogspot.com/p/blog-page.html).
Text only | Text with Images