Solved DownLoad Manager

Discussion in 'Malware and Virus Removal Archive' started by JTee, 2013/06/29.

  1. 2013/07/03
    JTee

    JTee Well-Known Member Thread Starter

    Joined:
    2009/09/07
    Messages:
    216
    Likes Received:
    0
    My goodness Broni, it's done!!! Thank you so very very much for your time, brainpower & energy!! I've not been on WindowsBBS in so long, I forgot how to show it is 'Resolved'!
     
    Last edited: 2013/07/03
  2. 2013/07/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You didn't finish all steps from my reply #18.
     

  4. 2013/07/04
    JTee

    JTee Well-Known Member Thread Starter

    Joined:
    2009/09/07
    Messages:
    216
    Likes Received:
    0
    Sorry about that; I'm almost braindead.
    Results of screen317's Security Check version 0.99.68
    Windows Vista Service Pack 2 x86 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    Norton Security Suite
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Adobe Reader 10.1.7 Adobe Reader out of Date!
    Google Chrome 27.0.1453.110
    Google Chrome 27.0.1453.116
    ````````Process Check: objlist.exe by Laurent````````
    Norton ccSvcHst.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 9 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
    ````````````````````End of Log``````````````````````

    FSS:
    Farbar Service Scanner Version: 27-06-2013
    Ran by JayeTee (administrator) on 04-07-2013 at 19:41:45
    Running from "C:\Users\JayeTee\Desktop "
    Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall "=DWORD:0


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\system32\nsisvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\afd.sys => MD5 is legit
    C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
    C:\Windows\system32\Drivers\tcpip.sys
    [2013-06-12 09:43] - [2013-05-07 21:37] - 0905576 ____A (Microsoft Corporation) 548E198BAE21EFC21F8B5F0C1728AD27

    C:\Windows\system32\dnsrslvr.dll => MD5 is legit
    C:\Windows\system32\mpssvc.dll => MD5 is legit
    C:\Windows\system32\bfe.dll => MD5 is legit
    C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\system32\SDRSVC.dll => MD5 is legit
    C:\Windows\system32\vssvc.exe => MD5 is legit
    C:\Windows\system32\wscsvc.dll => MD5 is legit
    C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\system32\wuaueng.dll => MD5 is legit
    C:\Windows\system32\qmgr.dll => MD5 is legit
    C:\Windows\system32\es.dll => MD5 is legit
    C:\Windows\system32\cryptsvc.dll
    [2013-06-12 09:42] - [2013-04-23 21:00] - 0133120 ____A (Microsoft Corporation) 3EDE4C1F9672C972479201544969ADCB

    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\system32\ipnathlp.dll => MD5 is legit
    C:\Windows\system32\iphlpsvc.dll => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit


    **** End of log ****
    I ran the TFC, but it produced nothing & I did not have to restart.
    As well, I ran the ESET and it did not produce anything - no threats & it did not give the option to export to text & it did not produce a report to post.
     
  5. 2013/07/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions (if present).
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB) and install one of two free alternatives:

    - Foxit PDF Reader (3.5 MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

    - PDF-XChange Viewer: http://www.tracker-software.com/product/pdf-xchange-viewer

    ===================================

    Your computer is clean

    1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [emptyjava]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process.

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    5. Check if your browser plugins are up to date.
    Firefox - https://www.mozilla.org/en-US/plugincheck/
    other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

    6. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    7. Run Malwarebytes "Quick scan" once in a while to ensure the safety of your computer.

    8. Run Temporary File Cleaner (TFC) weekly.

    9. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    11. (Windows XP only) Run defrag at your convenience.

    12. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

    13. Read:
    How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
    Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

    14. Please let me know how your computer is doing.
     
  6. 2013/07/05
    JTee

    JTee Well-Known Member Thread Starter

    Joined:
    2009/09/07
    Messages:
    216
    Likes Received:
    0
    I'm uninstalling Adobe Reader X (10.1.7) which is what I presently have; when I tried to download & install Foxit PDF Reader my computer gave me the msg that UPDF was not safe & it was removed; should I uninstall Adobe AIR & download Assistant as well? With Foxit, can I keep Adobe Flash Player? I will run OTL again as stated above & post.
    I never received anything from you or the items you last had me run that stated I had any threats, as a matter of fact they stated no threats.
    OTL:
    OTL logfile created on: 7/5/2013 9:15:26 PM - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JayeTee\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    766.82 Mb Total Physical Memory | 215.11 Mb Available Physical Memory | 28.05% Memory free
    1.76 Gb Paging File | 0.67 Gb Available in Paging File | 38.13% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 69.78 Gb Total Space | 36.12 Gb Free Space | 51.76% Space Free | Partition Type: NTFS
    Drive D: | 69.51 Gb Total Space | 60.47 Gb Free Space | 86.99% Space Free | Partition Type: NTFS

    Computer Name: JT | User Name: JayeTee | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/07/01 20:43:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JayeTee\Desktop\OTL.exe
    PRC - [2013/06/24 20:38:55 | 000,313,856 | ---- | M] (Adknowledge) -- C:\Program Files\Mobile App Sync\D2MClient.exe
    PRC - [2013/06/20 22:43:13 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
    PRC - [2013/06/11 22:33:02 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
    PRC - [2013/05/24 11:02:55 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
    PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2012/12/23 20:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe
    PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2007/02/15 02:07:16 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    PRC - [2007/01/31 19:18:42 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    PRC - [2007/01/24 10:27:50 | 000,319,488 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
    PRC - [2007/01/12 21:25:28 | 000,274,520 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
    PRC - [2007/01/12 21:25:28 | 000,118,870 | ---- | M] () -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
    PRC - [2006/12/29 17:51:56 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    PRC - [2006/11/03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\Pixart\Pac7302\Monitor.exe
    PRC - [2006/10/09 04:43:44 | 000,729,088 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/05/19 17:12:20 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll
    MOD - [2013/05/19 17:09:55 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
    MOD - [2013/03/02 04:42:23 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
    MOD - [2013/03/02 04:41:56 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
    MOD - [2013/03/02 04:21:21 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
    MOD - [2013/03/02 04:21:12 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
    MOD - [2012/05/30 07:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Security Suite\Engine\20.3.1.22\wincfi39.dll
    MOD - [2007/01/24 10:27:50 | 000,319,488 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
    MOD - [2006/10/09 04:43:50 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
    MOD - [2006/10/09 04:43:50 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
    MOD - [2006/10/09 04:43:50 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
    MOD - [2006/10/09 04:43:50 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
    MOD - [2006/10/09 04:43:48 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
    MOD - [2006/10/09 04:43:48 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
    MOD - [2006/10/09 04:43:48 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
    MOD - [2006/10/09 04:43:48 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
    MOD - [2006/10/09 04:43:48 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
    MOD - [2006/10/09 04:43:48 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll


    ========== Services (SafeList) ==========

    SRV - [2013/06/11 22:33:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2012/12/23 20:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe -- (N360)
    SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
    SRV - [2007/01/31 19:18:42 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
    SRV - [2007/01/12 21:25:28 | 000,274,520 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc)
    SRV - [2007/01/12 21:25:28 | 000,118,870 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe -- (CLSched)
    SRV - [2006/12/29 17:51:56 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)


    ========== Driver Services (SafeList) ==========

    DRV - [2013/06/28 09:56:27 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130705.017\NAVEX15.SYS -- (NAVEX15)
    DRV - [2013/06/28 09:56:27 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
    DRV - [2013/06/28 09:56:27 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130705.017\NAVENG.SYS -- (NAVENG)
    DRV - [2013/06/25 21:51:49 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2013/06/25 14:27:46 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130705.001\IDSvix86.sys -- (IDSVix86)
    DRV - [2013/06/20 22:05:02 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx86.sys -- (BHDrvx86)
    DRV - [2013/02/25 01:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2013/01/30 20:18:06 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys -- (SymEFA)
    DRV - [2013/01/28 18:45:18 | 000,602,712 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys -- (SRTSP)
    DRV - [2013/01/28 18:45:18 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys -- (SRTSPX)
    DRV - [2013/01/21 19:15:32 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys -- (SymDS)
    DRV - [2012/11/15 19:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys -- (ccSet_N360)
    DRV - [2012/07/27 20:05:22 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys -- (SymIRON)
    DRV - [2012/07/22 18:34:24 | 000,350,368 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symtdiv.sys -- (SYMTDIv)
    DRV - [2008/06/20 01:04:00 | 007,468,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2007/06/14 15:29:08 | 000,457,856 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
    DRV - [2007/01/27 02:21:04 | 000,101,160 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
    DRV - [2006/12/07 19:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
    DRV - [2006/10/09 04:47:58 | 000,981,504 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
    DRV - [2006/09/19 17:47:04 | 000,080,744 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\..\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}: "URL" = http://www.bing.com/search?FORM=UP68DF&PC=UP68&q={searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\..\SearchScopes\{D3D06168-28A7-4889-9F0F-290D5C509217}: "URL" = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20130311,17841,0,18,0
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/20 22:45:03 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/20 22:45:03 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/06/25 21:55:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/07/05 20:19:08 | 000,000,000 | ---D | M]

    [2013/06/26 22:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JayeTee\AppData\Roaming\Mozilla\Firefox\extensions
    [2013/06/26 22:51:51 | 000,000,000 | ---D | M] (InfoSeeker) -- C:\Users\JayeTee\AppData\Roaming\Mozilla\Firefox\extensions\support@infoseekerapp.com

    ========== Chrome ==========

    CHR - default_search_provider: Bing ()
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url =
    CHR - homepage: http://www.google.com/
    CHR - plugin: First user (Disabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Error reading preferences file
    CHR - Extension: Shockwave Toolbar = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaobhcmeiifeadmdbjbpbdngaoille\7.15.25.0_0\
    CHR - Extension: Google Docs = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: RealDownloader = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
    CHR - Extension: InfoSeeker = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.14_0\
    CHR - Extension: Norton Identity Protection = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
    CHR - Extension: Gmail = C:\Users\JayeTee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
    O3 - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
    O3 - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
    O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
    O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\Pixart\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    O4 - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000..\Run: [MobileAppSync] C:\Program Files\Mobile App Sync\D2MClient.exe (Adknowledge)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1391460031-1594758564-2594004218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.238.239.61
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69E14A43-1964-4C36-9C15-F7285A51AC77}: DhcpNameServer = 10.238.239.61
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/07/05 20:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\FileOpenerPro
    [2013/07/04 19:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2013/07/02 20:33:49 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013/07/01 22:12:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013/07/01 22:11:57 | 000,000,000 | ---D | C] -- C:\JRT
    [2013/07/01 20:43:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JayeTee\Desktop\OTL.exe
    [2013/06/30 23:55:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2013/06/30 23:55:51 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Local\temp
    [2013/06/30 23:54:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2013/06/30 23:35:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2013/06/30 23:35:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2013/06/30 23:35:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2013/06/30 23:15:15 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2013/06/30 23:13:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2013/06/30 14:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    [2013/06/30 14:42:58 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\Documents\mbar-1.06.0.1004
    [2013/06/28 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Roaming\Malwarebytes
    [2013/06/28 19:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/06/26 23:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
    [2013/06/26 23:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
    [2013/06/26 22:55:01 | 000,350,368 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symtdiv.sys
    [2013/06/26 22:55:01 | 000,338,592 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symnets.sys
    [2013/06/26 22:55:00 | 000,934,488 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys
    [2013/06/26 22:55:00 | 000,367,704 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys
    [2013/06/26 22:55:00 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symelam.sys
    [2013/06/26 22:54:59 | 000,602,712 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys
    [2013/06/26 22:54:59 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys
    [2013/06/26 22:54:59 | 000,134,304 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys
    [2013/06/26 22:54:59 | 000,032,344 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys
    [2013/06/26 22:53:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\1403010.016
    [2013/06/26 22:51:51 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Roaming\Mozilla
    [2013/06/26 22:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\InfoSeeker
    [2013/06/25 21:51:49 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
    [2013/06/25 21:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
    [2013/06/25 21:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
    [2013/06/25 21:49:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
    [2013/06/25 21:49:50 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
    [2013/06/25 21:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Suite
    [2013/06/25 21:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
    [2013/06/24 20:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile App Sync
    [2013/06/24 20:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mobile App Sync
    [2013/06/20 23:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2013/06/20 22:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\File Type Helper
    [2013/06/20 22:47:03 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Roaming\RealNetworks
    [2013/06/20 22:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
    [2013/06/20 22:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
    [2013/06/20 22:44:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
    [2013/06/20 22:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
    [2013/06/20 22:43:19 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
    [2013/06/20 22:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\Real
    [2013/06/20 22:40:55 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Roaming\Real
    [2013/06/20 22:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
    [2013/06/20 22:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
    [2013/06/20 22:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave.com
    [2013/06/20 22:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\Shockwave.com
    [2013/06/20 15:27:35 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Local\MigWiz
    [2013/06/20 14:57:06 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Local\Microsoft Corporation
    [2013/06/18 16:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    [2013/06/17 12:03:22 | 000,000,000 | ---D | C] -- C:\Users\JayeTee\AppData\Local\SlimWare Utilities Inc
    [2013/06/17 12:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
    [2013/06/17 12:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\DriverUpdate
    [2013/06/17 12:02:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
    [2013/06/09 20:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2013/06/09 20:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2013/06/09 20:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2013/06/09 20:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/06/07 21:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2013/06/07 21:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
    [2013/06/06 20:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant

    ========== Files - Modified Within 30 Days ==========

    [2013/07/05 21:08:05 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/07/05 20:32:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/07/05 20:17:06 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/07/05 20:17:06 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/07/05 20:16:49 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/07/05 20:16:02 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
    [2013/07/05 20:15:58 | 804,839,424 | -HS- | M] () -- C:\hiberfil.sys
    [2013/07/01 21:09:10 | 000,000,174 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
    [2013/07/01 20:43:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JayeTee\Desktop\OTL.exe
    [2013/06/27 11:37:49 | 002,986,440 | ---- | M] (Symantec Corporation) -- C:\Users\JayeTee\Desktop\NPE.exe
    [2013/06/27 11:37:16 | 006,257,640 | ---- | M] (Symantec Corporation) -- C:\Users\JayeTee\Desktop\NRnR.exe
    [2013/06/27 10:02:20 | 001,896,183 | ---- | M] () -- C:\Windows\System32\drivers\N360\1403010.016\Cat.DB
    [2013/06/27 10:00:43 | 000,014,818 | ---- | M] () -- C:\Windows\System32\drivers\N360\1403010.016\VT20130115.021
    [2013/06/26 22:44:09 | 000,002,497 | ---- | M] () -- C:\Users\JayeTee\Desktop\Microsoft Office PowerPoint Viewer 2007.lnk
    [2013/06/26 16:33:33 | 000,001,875 | ---- | M] () -- C:\Users\JayeTee\Desktop\Wordpad.lnk
    [2013/06/25 21:51:49 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
    [2013/06/25 21:51:49 | 000,007,446 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
    [2013/06/25 21:51:49 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
    [2013/06/25 21:39:03 | 000,000,902 | ---- | M] () -- C:\Users\JayeTee\Desktop\Norton Installation Files.lnk
    [2013/06/25 21:16:42 | 001,610,083 | ---- | M] () -- C:\Users\JayeTee\Documents\Map of US.rtf
    [2013/06/21 12:38:10 | 000,000,223 | ---- | M] () -- C:\Users\JayeTee\Desktop\http--myrouter.local-signin.url
    [2013/06/20 22:45:21 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
    [2013/06/20 22:43:19 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
    [2013/06/20 22:34:39 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\Shockwave Games.lnk
    [2013/06/20 22:34:38 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\Super Collapse! II.lnk
    [2013/06/20 22:33:09 | 000,000,680 | ---- | M] () -- C:\Users\JayeTee\AppData\Local\d3d9caps.dat
    [2013/06/20 12:18:54 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2013/06/19 22:38:14 | 000,000,947 | ---- | M] () -- C:\Users\JayeTee\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2013/06/18 09:22:49 | 000,001,999 | ---- | M] () -- C:\Users\JayeTee\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/06/17 12:03:07 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
    [2013/06/17 11:54:10 | 002,026,306 | ---- | M] () -- C:\Users\JayeTee\Desktop\e.mht
    [2013/06/09 20:37:54 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2013/06/07 10:11:16 | 000,231,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/06/06 20:42:59 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk

    ========== Files Created - No Company Name ==========

    [2013/07/01 21:08:42 | 000,000,174 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
    [2013/06/30 23:35:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/06/30 23:35:57 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/06/30 23:35:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/06/30 23:35:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/06/30 23:35:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/06/27 10:00:43 | 001,896,183 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\Cat.DB
    [2013/06/27 10:00:43 | 000,014,818 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\VT20130115.021
    [2013/06/26 23:00:18 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
    [2013/06/26 22:55:01 | 000,007,877 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symnetv.cat
    [2013/06/26 22:55:01 | 000,007,601 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symnet.cat
    [2013/06/26 22:55:01 | 000,001,468 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symnetv.inf
    [2013/06/26 22:55:01 | 000,001,440 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symnet.inf
    [2013/06/26 22:55:00 | 000,009,670 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symelam.cat
    [2013/06/26 22:55:00 | 000,007,583 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symefa.cat
    [2013/06/26 22:55:00 | 000,003,434 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symefa.inf
    [2013/06/26 22:55:00 | 000,000,996 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symelam.inf
    [2013/06/26 22:54:59 | 000,007,611 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.cat
    [2013/06/26 22:54:59 | 000,007,593 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\iron.cat
    [2013/06/26 22:54:59 | 000,007,581 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.cat
    [2013/06/26 22:54:59 | 000,007,577 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symds.cat
    [2013/06/26 22:54:59 | 000,007,577 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.cat
    [2013/06/26 22:54:59 | 000,002,852 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symds.inf
    [2013/06/26 22:54:59 | 000,001,389 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.inf
    [2013/06/26 22:54:59 | 000,001,389 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.inf
    [2013/06/26 22:54:59 | 000,000,827 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.inf
    [2013/06/26 22:54:59 | 000,000,737 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\iron.inf
    [2013/06/26 22:53:51 | 000,014,818 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symvtcer.dat
    [2013/06/26 22:53:51 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\isolate.ini
    [2013/06/26 16:33:33 | 000,001,875 | ---- | C] () -- C:\Users\JayeTee\Desktop\Wordpad.lnk
    [2013/06/25 21:51:49 | 000,007,446 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
    [2013/06/25 21:51:49 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
    [2013/06/25 21:16:42 | 001,610,083 | ---- | C] () -- C:\Users\JayeTee\Documents\Map of US.rtf
    [2013/06/21 12:38:10 | 000,000,223 | ---- | C] () -- C:\Users\JayeTee\Desktop\http--myrouter.local-signin.url
    [2013/06/20 22:45:20 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
    [2013/06/20 22:34:38 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\Shockwave Games.lnk
    [2013/06/20 22:34:38 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\Super Collapse! II.lnk
    [2013/06/19 22:38:14 | 000,000,947 | ---- | C] () -- C:\Users\JayeTee\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2013/06/17 12:03:07 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
    [2013/06/17 11:54:01 | 002,026,306 | ---- | C] () -- C:\Users\JayeTee\Desktop\e.mht
    [2013/06/09 20:37:53 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2013/06/07 21:56:14 | 000,002,497 | ---- | C] () -- C:\Users\JayeTee\Desktop\Microsoft Office PowerPoint Viewer 2007.lnk
    [2013/05/18 19:36:40 | 000,003,584 | ---- | C] () -- C:\Users\JayeTee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/05/08 17:18:52 | 000,015,753 | ---- | C] () -- C:\Users\JayeTee\JOYCETERRY730_YAHOO_COM_201305081950508906.pdf
    [2013/04/25 18:30:20 | 000,024,064 | ---- | C] () -- C:\Users\JayeTee\AppData\Roaming\UserTile.png
    [2013/04/09 00:47:32 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.INI
    [2013/04/07 11:07:59 | 001,169,609 | ---- | C] () -- C:\Windows\unins000.exe
    [2013/04/07 11:07:58 | 000,085,611 | ---- | C] () -- C:\Windows\unins000.dat
    [2013/04/07 11:07:18 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
    [2013/03/16 18:18:28 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
    [2013/02/27 21:30:58 | 000,000,680 | ---- | C] () -- C:\Users\JayeTee\AppData\Local\d3d9caps.dat
    [2013/02/27 20:51:46 | 000,000,107 | ---- | C] () -- C:\Windows\WF320.ini
    [2013/02/26 23:47:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2013/02/26 23:47:03 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2013/02/26 23:47:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2013/02/26 00:20:38 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
    [2013/02/25 19:17:54 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
    [2013/02/25 19:17:52 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
    [2013/02/25 19:15:48 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
    [2013/02/25 19:15:48 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe

    ========== ZeroAccess Check ==========

    [2006/11/02 05:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    " " = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    " " = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    " " = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2013/02/25 19:38:14 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\Acer
    [2013/04/26 17:31:51 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2013/06/25 21:46:21 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\Dropbox
    [2013/03/18 17:58:56 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\Epson
    [2013/04/03 16:13:47 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\ID Vault
    [2013/03/12 20:24:35 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\Leader Technologies
    [2013/02/25 19:38:12 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\Leadertech
    [2013/04/26 22:40:50 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\PDAppFlex
    [2013/04/26 20:54:15 | 000,000,000 | ---D | M] -- C:\Users\JayeTee\AppData\Roaming\Watchtower

    ========== Purity Check ==========



    < End of report >


    Custom Scan Fixes:
    All processes killed
    Error: Unable to interpret <Code: > in the current context!
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: JayeTee
    ->Temp folder emptied: 9031392 bytes
    ->Temporary Internet Files folder emptied: 70542735 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 1207 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 531078 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 4083187 bytes

    Total Files Cleaned = 80.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: JayeTee
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: JayeTee

    User: Public

    Total Java Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.69.0 log created on 07052013_212343

    Files\Folders moved on Reboot...
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3V79ULW8\105699-active-download-manager-2[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3V79ULW8\fastbutton[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     
  7. 2013/07/06
    JTee

    I completed all steps from 1 thru 14. I completed step 7 last because I could not find it at first & had to go to the website. When the Windows updates were done it created a restore point & after this process the computer seemed to run slower for a while in terms of responding when I clicked on something. As well, with 1st reboot, a msg came up & then disappeared, regarding D2M1 or something like that was preventing the computer from shutting down. No messages regarding any trojans, rootkits or bootkits were received.
    I ran mbam & restarted the computer. It is still running extremely slow & responding very slow when I click on anything. I got several messages regarding the browsing being slowed down by add-ons, one of which was WOT & the IE had closed the website to protect my computer. This is the last MBAM I ran:
    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.07.06.03

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    JayeTee :: JT [administrator]

    Protection: Disabled

    7/6/2013 1:21:08 AM
    mbam-log-2013-07-06 (01-21-08).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 205674
    Time elapsed: 12 minute(s), 55 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
    At this time Norton has detected an error (3048,3) & is running autofix for an installation error, which it has stated it was successful in fixing.
     
    Last edited: 2013/07/06
  8. 2013/07/06
    JTee

    Broni, Secunia takes up to 5 minutes to load; since I have Windows set to update automatically, is Secunia needed as well? Also, my computer is running slower now, I have Yahoo.com set as my home page & I keep getting a msg that Yahoo.com is not responding (until Secunia loads). As well programs keep trying to download that I have not requested, ie., api, when I come to WindowsBBS.
     
    Last edited: 2013/07/06
  9. 2013/07/06
    broni

    Yes to both.

    You don't need Secunia to run as a startup.
    You can use QuickStartup to disable it.
    Download, and install Quick Startup: http://www.glarysoft.com/qs.html

    OTL log is incorrect. You clicked on "Scan" button instead of "Fix" button.
    Redo.

    Here is a culprit for your computer slowness:
    Vista needs at least 2GB of RAM to run smoothly.
    There is no way around it.
    RAM is very cheap these days though...
     
  10. 2013/07/07
    JTee

    I'm thoroughly confused Broni, which OTL must I redo? When you have me copy & paste, do I go through the whole routine in OTL: all users & quick scan then paste what I copied in the 'Custom Scan/Fix' box or just load OTL & go straight to paste in the 'Custom Scan/Fix' box & then click 'Fix'?
    Since Vista was preinstalled on my computer when purchased from the manufacturer (Acer), I do not understand why they would not put the required RAM for Vista. Please tell me where do I buy.
    Now the menu bar (or whatever it is called) in Yahoo mail does not show that lets me select delete, spam, reply, forward, etc; it has been replaced with ads, which I can't seem to get rid of.
     
    Last edited: 2013/07/07
  11. 2013/07/07
    broni

    1. Re-run OTL. Copy/paste script from my reply #24 and click on "Fix" button not "Scan" button.

    2. This is how they used to sell Vista computers. Many of them came with just 1GB of RAM.
    You can find out what you need by going here: http://www.crucial.com/ or you can visit your nearby computer store.

    3. Yahoo mail issue in what browser?
     
  12. 2013/07/08
    JTee

    The problem w/Yahoo is in IE, however it is not an issue today.

    OTL #24 Log:
    All processes killed
    Error: Unable to interpret <Code: > in the current context!
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: JayeTee
    ->Temp folder emptied: 9568164 bytes
    ->Temporary Internet Files folder emptied: 81871394 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 3059 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2508 bytes
    RecycleBin emptied: 903 bytes

    Total Files Cleaned = 87.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: JayeTee
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: JayeTee

    User: Public

    Total Java Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.69.0 log created on 07082013_144745

    Files\Folders moved on Reboot...
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM93KT4I\fc[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM93KT4I\google_com[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM93KT4I\launch[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM93KT4I\st[1] moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM93KT4I\st[2] moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM93KT4I\xframe-proxy_20120309[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM93KT4I\xframe-proxy_20120309[2].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9I1CHXW0\01[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9I1CHXW0\0[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9I1CHXW0\intro_sprite[1].mp3 moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\62MZJS3X\105699-active-download-manager-2[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\62MZJS3X\fastbutton[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\62MZJS3X\r-csc[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\62MZJS3X\r-sf[2].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2HHCOBUQ\0[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2HHCOBUQ\tictacSecureXDM[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2HHCOBUQ\xcomm[1].htm moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
    C:\Users\JayeTee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     
    Last edited: 2013/07/08
  13. 2013/07/08
    broni

    Way to go!!
    Good luck and stay safe :)
     
  14. 2013/07/08
    JTee

    Thanks Broni, however Yahoo mail has begun not showing the menu that allows reply, forward, spam, etc. Since this is resolved, do I begin a new thread & are you the one who shows that the problem is resolved or me?
     
    Last edited: 2013/07/08
  15. 2013/07/08
    broni

    Only I can mark it as resolved.

    Reset Internet Explorer.
    Go here: http://support.microsoft.com/kb/923737 and run the "FixIt" procedure.
    You can use ANY browser to download the "FixIt" file.
    Make sure you follow ALL steps listed there.

    Same problem?
     
  16. 2013/07/08
    JTee

    Yes, unable to reply, forward, etc. Thanks Broni, you're a god-send!:eek:
     
  17. 2013/07/08
    broni

    In this forum, we make sure your computer is free of malware and your computer is clean :)
    Because access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
    You'll get more attention.
     
  18. 2013/07/08
    JTee

    Thanks, Broni!
     
  19. 2013/07/08
    broni

     
