
Malwarebytes has stopped working



After the recent update to Malwarebytes I have been unable to run a scan. Each time I attempt I get the Windows error that Malwarebytes has stopped working. I used the clean uninstall utility and then reinstalled only to have the same error.

 

System is Vista 64bit

 

I have a feeling the system is infected as I now am getting a message that Windows needs to be registered. Any suggestions would be greatly appreciated.

 

Jeff


"After the recent update to Malwarebytes I have been unable to run a scan. Each time I attempt I get the Windows error that Malwarebytes has stopped working. I used the clean uninstall utility and then re-installed only to have the same error."


-------------------------------------------


 


My System is Windows 7-64


 


I also have the same problem. When I went back to an older "free" version it works great but I am unable to update it. Every time I try to install the software I receive 5 internal error reports; Runtime error (at 79:177) and one at (69:252) and another at (45:89.)


 


I paid for the "Pro version" in April.


 


 


 


 



Hello and :welcome:

Both of you, try these steps.

@hump3dc, after you have tried those steps, start your own topic and post your logs in your own post...

Let's try this first....

Thank You,

Firefox


Thank you for your response. I tried the uninstall and then reinstalled with no change.

Below you will find the FRST txt. I had to attach both the addition txt and the check results.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01
Ran by Jeff (administrator) on FAMILY on 24-07-2014 17:09:46
Running from C:\Users\Jeff\Desktop
Platform: Windows Vista Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Users\Jeff\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [KBD] => C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [12288 2008-07-21] (Microsoft)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75016 2008-12-04] (Hewlett-Packard)
HKLM-x32\...\Run: [updateP2GoShortCut] => c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [updateLBPShortCut] => c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [updatePDIRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [updatePSTShortCut] => c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-12-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-15] (CyberLink)
HKLM-x32\...\Run: [DVDAgent] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2014-01-26] (alch)
HKLM-x32\...\Run: [TVAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2009-02-09] (CyberLink Corp.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter 
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter 
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [HPAdvisor] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN 
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [spybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [Google Update] => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-18] (Google Inc.)
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [MusicManager] => C:\Users\Jeff\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe 
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Run: [GoogleChromeAutoLaunch_1D9E4397701B26121F48AD4BA9175EBF] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\MountPoints2: {211874aa-30be-11e3-b920-00248c7e1c9a} - J:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\MountPoints2: {211874fb-30be-11e3-b920-00248c7e1c9a} - J:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3125988599-3904625779-1217307038-1000\...\MountPoints2: {4c2fbb1c-d76c-11df-80a3-00248c7e1c9a} - "J:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk
ShortcutTarget: Event Reminder.lnk -> C:\Program Files (x86)\The Print Shop 23\Remind.exe (Broderbund Properties LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
ShortcutTarget: Picture Motion Browser Media Check Tool.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=92&bd=bestbuy&pf=cndt
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=92&bd=bestbuy&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=92&bd=bestbuy&pf=cndt
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {73FE0C01-C5C3-43B5-B15B-48A5DEFFC59A} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF
SearchScopes: HKLM - {8776F0B8-E8AE-4692-92BA-E35731C5FE36} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {73FE0C01-C5C3-43B5-B15B-48A5DEFFC59A} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF
SearchScopes: HKLM-x32 - {8776F0B8-E8AE-4692-92BA-E35731C5FE36} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {8776F0B8-E8AE-4692-92BA-E35731C5FE36} URL = 
BHO: HQ-Video-Pro-1.9 -> {11111111-1111-1111-1111-110511311172} -> C:\Program Files (x86)\HQ-Video-Pro-1.9\HQ-Video-Pro-1.9-bho64.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
DPF: HKLM-x32 {1241F20B-0688-45A5-ADB2-208AFE4A5DDC} http://cloud5.firehousesoftware.com/il/robertspark/plugins/fhweb-activex.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\to09kdos.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jeff\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jeff\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\to09kdos.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: HQ-Video-Pro-1.9 - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\to09kdos.default\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-05-31]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\to09kdos.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-29]
FF Extension: Google Toolbar for Firefox - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\to09kdos.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-06-26]
FF Extension: Bitdefender QuickScan - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\to09kdos.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012-08-01]
FF Extension: Multirow Bookmarks Toolbar - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\to09kdos.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi [2011-04-30]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-24]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-04-18]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-28]
FF HKCU\...\Firefox\Extensions: [{5079CB05-7D74-FC48-BAFA-EE7D45E7658E}] - C:\Program Files (x86)\ViewPassword-soft\171.xpi
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Google Wallet) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-07-21]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jeff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-07-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-31] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-31] (globalUpdate) [File not signed]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [72992 2014-07-07] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-10-22] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-02-09] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2009-02-09] ()
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-24] (Malwarebytes Corporation)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-24 17:09 - 2014-07-24 17:09 - 01682416 _____ (Malwarebytes Corporation) C:\Users\Jeff\Desktop\mbam-check-2.1.1.1001.exe
2014-07-24 17:05 - 2014-07-24 17:09 - 00030096 _____ () C:\Users\Jeff\Desktop\FRST.txt
2014-07-24 17:03 - 2014-07-24 17:03 - 02093568 _____ (Farbar) C:\Users\Jeff\Desktop\FRST64.exe
2014-07-24 17:01 - 2014-07-24 17:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-24 17:01 - 2014-07-24 17:01 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-24 17:01 - 2014-07-24 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-24 17:01 - 2014-07-24 17:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 17:01 - 2014-07-24 17:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 17:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-24 17:01 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-24 17:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-24 17:00 - 2014-07-24 17:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jeff\Desktop\mbam-setup-2.0.2.1012 (1).exe
2014-07-24 16:43 - 2014-07-24 16:43 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jeff\Desktop\mbam-clean-2.1.1.1001.exe
2014-07-23 18:20 - 2014-07-23 18:21 - 00002530 _____ () C:\Users\Jeff\Desktop\Rkill.txt
2014-07-23 18:19 - 2014-07-23 18:19 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Jeff\Desktop\rkill.exe
2014-07-23 17:27 - 2014-07-23 17:27 - 00050109 _____ () C:\Users\Jeff\Desktop\Additiona.txt
2014-07-23 17:26 - 2014-07-24 17:09 - 00000000 ____D () C:\FRST
2014-07-23 17:26 - 2014-07-23 17:27 - 00050659 _____ () C:\Users\Jeff\Desktop\FRSTa.txt
2014-07-23 17:04 - 2014-07-23 17:22 - 00000000 ____D () C:\ARC
2014-07-21 19:30 - 2014-07-21 19:29 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 19:29 - 2014-07-21 19:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-21 19:29 - 2014-07-21 19:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-21 19:29 - 2014-07-21 19:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-21 19:25 - 2014-07-21 19:26 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-21 18:02 - 2014-07-23 19:17 - 00000314 _____ () C:\Windows\SysWOW64\BroomData.bit
2014-07-21 18:02 - 2013-04-08 16:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2014-07-21 17:17 - 2014-07-21 17:17 - 00001119 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-07-21 17:17 - 2014-07-21 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-21 17:17 - 2014-07-21 17:17 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-21 17:17 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-07-21 03:21 - 2014-07-24 16:54 - 00066866 _____ () C:\Windows\PFRO.log
2014-07-20 21:49 - 2014-06-06 23:02 - 17854464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-20 21:49 - 2014-06-06 22:13 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-20 21:49 - 2014-06-06 21:59 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-20 21:49 - 2014-06-06 21:52 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-20 21:49 - 2014-06-06 21:51 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-20 21:49 - 2014-06-06 21:51 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-20 21:49 - 2014-06-06 21:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-20 21:49 - 2014-06-06 21:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-20 21:49 - 2014-06-06 21:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-20 21:49 - 2014-06-06 21:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-20 21:49 - 2014-06-06 21:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-20 21:49 - 2014-06-06 21:42 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-20 21:49 - 2014-06-06 21:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-20 21:49 - 2014-06-06 21:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-20 21:49 - 2014-06-06 21:42 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-20 21:49 - 2014-06-06 21:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-20 21:49 - 2014-06-06 21:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-20 21:49 - 2014-06-06 21:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-20 21:49 - 2014-06-06 21:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-20 21:49 - 2014-06-06 21:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-20 21:49 - 2014-06-06 21:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-20 21:49 - 2014-06-06 19:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-20 21:49 - 2014-06-06 18:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-20 21:49 - 2014-06-06 18:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-20 21:49 - 2014-06-06 18:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-20 21:49 - 2014-06-06 18:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-20 21:49 - 2014-06-06 18:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-20 21:49 - 2014-06-06 18:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-20 21:49 - 2014-06-06 17:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-20 21:49 - 2014-06-06 17:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-20 21:49 - 2014-06-06 17:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-20 21:49 - 2014-06-06 17:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-20 21:49 - 2014-06-06 17:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-20 21:49 - 2014-06-06 17:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-20 21:49 - 2014-06-06 17:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-20 21:49 - 2014-06-06 17:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-20 21:49 - 2014-06-06 17:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-20 21:49 - 2014-06-06 17:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-20 21:49 - 2014-06-06 17:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-20 21:49 - 2014-06-06 17:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-20 21:49 - 2014-06-06 17:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-20 21:49 - 2014-06-06 17:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-20 21:48 - 2014-06-06 19:33 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-20 21:48 - 2014-06-06 03:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-20 21:48 - 2014-06-06 02:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-20 21:44 - 2014-05-30 02:10 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-18 08:08 - 2014-07-18 08:08 - 07923017 _____ () C:\Users\Jeff\Desktop\202 Practice PowerPoint.ppsx
2014-07-12 16:07 - 2014-07-20 21:02 - 00000000 ____D () C:\Program Files\iPod(167)
2014-07-12 16:07 - 2014-07-12 16:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69(191)
2014-07-12 16:07 - 2014-07-12 16:08 - 00000000 ____D () C:\Program Files (x86)\iTunes(92)
2014-06-27 20:46 - 2014-07-21 18:01 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Guardian
2014-06-27 20:46 - 2014-07-20 20:51 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Browser Guardian
2014-06-27 20:46 - 2014-06-27 21:05 - 00000003 _____ () C:\Users\Jeff\AppData\Local\proxy.log
2014-06-27 20:46 - 2014-06-27 20:46 - 00000342 _____ () C:\Windows\Tasks\bench-sys.job
2014-06-27 20:46 - 2014-06-27 20:46 - 00000342 _____ () C:\Windows\Tasks\bench-S-1-5-21-3125988599-3904625779-1217307038-1000.job
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-07-24 17:09 - 2014-07-24 17:09 - 01682416 _____ (Malwarebytes Corporation) C:\Users\Jeff\Desktop\mbam-check-2.1.1.1001.exe
2014-07-24 17:09 - 2014-07-24 17:05 - 00030096 _____ () C:\Users\Jeff\Desktop\FRST.txt
2014-07-24 17:09 - 2014-07-23 17:26 - 00000000 ____D () C:\FRST
2014-07-24 17:08 - 2012-04-12 07:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-24 17:03 - 2014-07-24 17:03 - 02093568 _____ (Farbar) C:\Users\Jeff\Desktop\FRST64.exe
2014-07-24 17:01 - 2014-07-24 17:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-24 17:01 - 2014-07-24 17:01 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-24 17:01 - 2014-07-24 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-24 17:01 - 2014-07-24 17:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 17:01 - 2014-07-24 17:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 17:01 - 2012-04-18 15:09 - 00000254 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-07-24 17:01 - 2009-04-22 11:37 - 01661329 _____ () C:\Windows\WindowsUpdate.log
2014-07-24 17:00 - 2014-07-24 17:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jeff\Desktop\mbam-setup-2.0.2.1012 (1).exe
2014-07-24 17:00 - 2009-04-06 19:20 - 00003576 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-07-24 16:58 - 2012-12-17 22:47 - 00000000 ___RD () C:\Users\Jeff\Dropbox
2014-07-24 16:58 - 2012-12-17 22:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Dropbox
2014-07-24 16:54 - 2014-07-21 03:21 - 00066866 _____ () C:\Windows\PFRO.log
2014-07-24 16:54 - 2014-05-31 13:26 - 00000914 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-24 16:54 - 2012-05-06 00:07 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-24 16:54 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-24 16:54 - 2006-11-02 10:22 - 00004016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-24 16:54 - 2006-11-02 10:22 - 00004016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-24 16:53 - 2006-11-02 10:42 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-24 16:50 - 2011-08-18 16:15 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3125988599-3904625779-1217307038-1000UA.job
2014-07-24 16:43 - 2014-07-24 16:43 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jeff\Desktop\mbam-clean-2.1.1.1001.exe
2014-07-24 16:15 - 2012-05-06 00:07 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-24 13:31 - 2014-05-31 13:26 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-24 10:14 - 2009-06-11 10:23 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-23 23:49 - 2011-08-18 16:15 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3125988599-3904625779-1217307038-1000Core.job
2014-07-23 19:25 - 2012-12-17 22:47 - 00000956 _____ () C:\Users\Jeff\Desktop\Dropbox.lnk
2014-07-23 19:25 - 2012-12-17 22:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-23 19:18 - 2009-04-06 19:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-23 19:18 - 2006-11-02 10:21 - 01181608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-23 19:17 - 2014-07-21 18:02 - 00000314 _____ () C:\Windows\SysWOW64\BroomData.bit
2014-07-23 18:43 - 2010-12-23 13:14 - 00000000 ____D () C:\ProgramData\TVersity
2014-07-23 18:21 - 2014-07-23 18:20 - 00002530 _____ () C:\Users\Jeff\Desktop\Rkill.txt
2014-07-23 18:19 - 2014-07-23 18:19 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Jeff\Desktop\rkill.exe
2014-07-23 17:27 - 2014-07-23 17:27 - 00050109 _____ () C:\Users\Jeff\Desktop\Additiona.txt
2014-07-23 17:27 - 2014-07-23 17:26 - 00050659 _____ () C:\Users\Jeff\Desktop\FRSTa.txt
2014-07-23 17:22 - 2014-07-23 17:04 - 00000000 ____D () C:\ARC
2014-07-23 16:46 - 2009-05-24 17:45 - 00417072 _____ () C:\Users\Jeff\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-23 16:32 - 2010-06-05 03:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 19:30 - 2013-11-16 10:49 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-21 19:29 - 2014-07-21 19:30 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 19:29 - 2014-07-21 19:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-21 19:29 - 2014-07-21 19:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-21 19:29 - 2014-07-21 19:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-21 19:29 - 2009-06-04 20:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-21 19:26 - 2014-07-21 19:25 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-21 18:02 - 2014-05-31 13:26 - 00000000 ____D () C:\Program Files\pcmax
2014-07-21 18:01 - 2014-06-27 20:46 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Guardian
2014-07-21 18:01 - 2010-12-23 13:16 - 00000000 ____D () C:\Program Files (x86)\TVersitybar
2014-07-21 17:17 - 2014-07-21 17:17 - 00001119 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-07-21 17:17 - 2014-07-21 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-21 17:17 - 2014-07-21 17:17 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-21 07:15 - 2014-05-31 14:14 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-21 03:26 - 2009-07-16 03:08 - 00005324 _____ () C:\Users\Jeff\AppData\Local\d3d9caps.dat
2014-07-21 03:19 - 2006-11-02 10:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-21 03:03 - 2013-07-27 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-21 03:00 - 2006-11-02 07:35 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-20 23:25 - 2009-05-24 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123CopyDVD Gold
2014-07-20 22:08 - 2012-04-12 07:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-20 22:08 - 2011-07-30 10:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-20 21:11 - 2013-03-05 18:51 - 00000000 ___RD () C:\Users\Jeff\SkyDrive
2014-07-20 21:02 - 2014-07-12 16:07 - 00000000 ____D () C:\Program Files\iPod(167)
2014-07-20 21:02 - 2009-05-24 17:41 - 00000000 ____D () C:\Users\Jeff
2014-07-20 21:02 - 2009-04-06 19:13 - 00000000 ____D () C:\Program Files (x86)\NetZeroPreloader
2014-07-20 21:02 - 2006-11-02 08:34 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-07-20 21:01 - 2006-11-02 07:33 - 76283904 _____ () C:\Windows\system32\config\software_previous
2014-07-20 21:01 - 2006-11-02 07:33 - 63438848 _____ () C:\Windows\system32\config\components_previous
2014-07-20 21:01 - 2006-11-02 07:33 - 22282240 _____ () C:\Windows\system32\config\system_previous
2014-07-20 21:01 - 2006-11-02 07:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-07-20 21:01 - 2006-11-02 07:33 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-07-20 21:01 - 2006-11-02 07:33 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-07-20 20:51 - 2014-06-27 20:46 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Browser Guardian
2014-07-20 20:51 - 2014-05-31 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-20 20:51 - 2014-04-06 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-20 20:51 - 2014-04-06 11:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-20 20:51 - 2014-04-06 11:22 - 00000000 ____D () C:\Program Files\iTunes
2014-07-20 20:51 - 2014-04-06 11:22 - 00000000 ____D () C:\Program Files\iPod
2014-07-20 20:51 - 2014-04-06 11:22 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-20 20:51 - 2013-02-25 00:10 - 00000000 ____D () C:\Users\Jeff\Documents\Phone Root Files
2014-07-20 20:51 - 2012-05-06 00:09 - 00000000 ___RD () C:\Users\Jeff\Google Drive
2014-07-20 20:51 - 2011-08-18 16:16 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-07-20 20:51 - 2011-07-01 11:39 - 00000000 ____D () C:\Users\Jeff\Desktop\2011-06-30
2014-07-20 20:51 - 2010-05-29 10:25 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-20 20:51 - 2009-11-30 20:57 - 00000000 ____D () C:\Users\Jeff\Documents\My Scans
2014-07-20 20:51 - 2009-11-15 10:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-20 20:51 - 2009-07-01 15:55 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\CopyTrans
2014-07-20 20:51 - 2009-05-25 13:23 - 00000000 ____D () C:\Users\Jeff\Desktop\Old Scans
2014-07-20 20:51 - 2009-05-24 17:41 - 00000000 ___RD () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-20 20:51 - 2009-05-24 17:41 - 00000000 ___RD () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-20 20:51 - 2006-11-02 10:07 - 00000000 ____D () C:\Windows\ShellNew
2014-07-20 20:51 - 2006-11-02 08:34 - 00000000 ____D () C:\Windows\system32\spool
2014-07-20 20:51 - 2006-11-02 08:33 - 00000000 __RSD () C:\Windows\Media
2014-07-20 20:49 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\registration
2014-07-20 20:34 - 2009-04-06 19:15 - 00000000 ____D () C:\Program Files (x86)\SMINST
2014-07-18 08:08 - 2014-07-18 08:08 - 07923017 _____ () C:\Users\Jeff\Desktop\202 Practice PowerPoint.ppsx
2014-07-12 16:08 - 2014-07-12 16:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69(191)
2014-07-12 16:08 - 2014-07-12 16:07 - 00000000 ____D () C:\Program Files (x86)\iTunes(92)
2014-06-27 21:07 - 2014-06-01 20:25 - 00000000 ____D () C:\temp
2014-06-27 21:05 - 2014-06-27 20:46 - 00000003 _____ () C:\Users\Jeff\AppData\Local\proxy.log
2014-06-27 20:46 - 2014-06-27 20:46 - 00000342 _____ () C:\Windows\Tasks\bench-sys.job
2014-06-27 20:46 - 2014-06-27 20:46 - 00000342 _____ () C:\Windows\Tasks\bench-S-1-5-21-3125988599-3904625779-1217307038-1000.job
 
Some content of TEMP:
====================
C:\Users\Jeff\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzbjlya.dll
C:\Users\Jeff\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-24 17:02
 
==================== End Of Log ============================
 

 

CheckResults.txt

Addition.txt


Your logs show that you are infected...

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you
