
Keep getting redirected to "online.bbt.com/auth/pwd.tb" [Solve

Redirect wrong password banking site

  • This topic is locked

#61
BeachBumBum

BeachBumBum

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

Okay, this is the only FixLog that was in my Downloads.  My computer rebooted and then I went to Downloads and copied this FixLog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-10-2014 02
Ran by Owner at 2014-10-12 20:07:49 Run:7
Running from C:\Users\Owner\Downloads
Loaded Profile: Owner (Available profiles: Owner)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe
SearchScopes: HKCU - {E74827C1-2465-4D49-9E13-E83C0775E3AB} URL = https://www.google.c...q={searchTerms}
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
C:\ProgramData\Best Buy pc app
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
C:\Program Files (x86)\Yahoo!
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-07] ()
C:\Windows\system32\drivers\hitmanpro37.sys
C:\Users\Owner\AppData\Local\Temp\HitmanPro.exe
EmptyTemp:
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk => Moved successfully.
C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe not found.
"C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe" => File/Directory not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E74827C1-2465-4D49-9E13-E83C0775E3AB}" => Key deleted successfully.
"HKCR\CLSID\{E74827C1-2465-4D49-9E13-E83C0775E3AB}" => Key not found.
"HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0" => Key deleted successfully.
"C:\ProgramData\Best Buy pc app" => File/Directory not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6" => Key deleted successfully.
C:\Program Files (x86)\Yahoo!\Shared\npYState.dll => Moved successfully.
C:\Program Files (x86)\Yahoo! => Moved successfully.
hitmanpro37 => Service deleted successfully.
C:\Windows\system32\drivers\hitmanpro37.sys => Moved successfully.
C:\Users\Owner\AppData\Local\Temp\HitmanPro.exe => Moved successfully.
EmptyTemp: => Removed 525.1 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0
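Added example, not part of the original thread and not FRST's own code: a small Python parser that reads a Fixlog like the one in post #61 and tallies what each action did, so that "not found" no-ops can be told apart from items that were actually deleted or moved. The outcome labels (`deleted`, `moved`, `absent`, `cleaned`, `review`) and the function names are this example's own; the phrases it matches are only those visible in the log above.

```python
import re
from collections import Counter

# Sample input: lines taken from the Fixlog in post #61 (shortened).
SAMPLE_FIXLOG = r'''
Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk => Moved successfully.
C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe not found.
"C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe" => File/Directory not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E74827C1-2465-4D49-9E13-E83C0775E3AB}" => Key deleted successfully.
"HKCR\CLSID\{E74827C1-2465-4D49-9E13-E83C0775E3AB}" => Key not found.
hitmanpro37 => Service deleted successfully.
C:\Windows\system32\drivers\hitmanpro37.sys => Moved successfully.
EmptyTemp: => Removed 525.1 MB temporary data.

The system needed a reboot.
==== End of Fixlog ====
'''

# Result lines without "=>", e.g. "C:\...\ClickOnceSetup.exe not found."
BARE_NOT_FOUND = re.compile(r'^(?P<target>.+?)\s+not found\.?$', re.IGNORECASE)
REGISTRY_PREFIX = re.compile(r'^(HKLM|HKCU|HKCR|HKU|HKEY_)', re.IGNORECASE)
FILE_PREFIX = re.compile(r'^[A-Za-z]:\\')


def classify_outcome(result):
    """Map a result phrase to a label; unknown phrases go to manual review."""
    text = result.lower()
    if 'not found' in text:
        return 'absent'      # nothing to remove: the item was already gone
    if 'deleted successfully' in text:
        return 'deleted'
    if 'moved successfully' in text:
        return 'moved'
    if text.startswith('removed'):
        return 'cleaned'     # e.g. the EmptyTemp: directive
    return 'review'          # unrecognised wording: read it by hand


def classify_target(target):
    """Rough target type, judged from the prefix only."""
    if REGISTRY_PREFIX.match(target):
        return 'registry'
    if FILE_PREFIX.match(target):
        return 'file'
    return 'other'           # service names, directives such as EmptyTemp:


def parse_fixlog(text):
    """Return one dict per result line, skipping the echoed fixlist block."""
    entries = []
    in_fixlist = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith('*****'):
            # The fixlist is echoed between two asterisk rows; its lines can
            # contain "=>" too, so they must not be counted as results.
            in_fixlist = not in_fixlist
            continue
        if in_fixlist or not line:
            continue
        if '=>' in line:
            target, _, result = line.partition('=>')
        else:
            match = BARE_NOT_FOUND.match(line)
            if not match:
                continue     # header or footer text
            target, result = match.group('target'), 'not found'
        target = target.strip().strip('"')
        result = result.strip().rstrip('.')
        entries.append({
            'target': target,
            'kind': classify_target(target),
            'outcome': classify_outcome(result),
            'result': result,
        })
    return entries


def summarize(entries):
    """Count result lines per outcome label."""
    return Counter(entry['outcome'] for entry in entries)


def needs_review(entries):
    """Entries whose result wording was not recognised."""
    return [entry for entry in entries if entry['outcome'] == 'review']


if __name__ == '__main__':
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    for label, count in summarize(parsed).most_common():
        print(f'{label:8} {count}')
    for entry in needs_review(parsed):
        print('REVIEW:', entry['target'], '=>', entry['result'])
```
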



#62
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

That worked perfectly. :thumbsup:

 

Now I would like you to try again with Internet Explorer to see if there has been a change. Just an outside chance but you never know.

 

Come back and tell me.

 

I have to go out soon and I think it might be getting late where you are so I will wait for your answer.


  • 0

#63
BeachBumBum

BeachBumBum

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

Yesssss!! It works in IE and Firefox, but still the same in Chrome (which I use).  :-(   Was it okay for me to go into my accounts through IE and Firefox, since they were working?  I hope there is no Trojan or anything to capture my passwords.  But Chrome is still not letting me go onto any money sites.


  • 0

#64
BeachBumBum

BeachBumBum

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

One other thing....Would it be safer for me to use Kaspersky's Safe Money site to access my money sites, i.e. bank, credit cards, etc. than to use the regular browser??


  • 0

#65
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

Yesssss!! It works in IE and Firefox,

 

Good news. :)

 

As for the Chrome one. There is a new infection, just recently reported that is not showing up in our scans. It is quite devious and not easily fixed. The only solution that has worked so far is a complete uninstall of Chrome. You remember I mentioned that earlier as a possibility. I don't know whether that is what we have here but let's try a full uninstall and then reinstall.

 

Go to Control Panel > Uninstall a program and uninstall Google Chrome. Also check to see if there is anything else with the name Chrome in it and uninstall that too.

 

After that, reinstall Chrome. Go here to download Chrome.

 

Do that and tell me if it makes a difference.

 

Note: If you want to save the Chrome bookmarks before you uninstall then go to the link below to learn how to export Chrome's bookmarks. You can save them somewhere you can find them and import them back to Chrome when you reinstall.

https://support.goog...wer/96816?hl=en

 

I have to go out now so no doubt we will catch up again tomorrow. :)

 

 


  • 0

#66
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

One other thing....Would it be safer for me to use Kaspersky's Safe Money site to access my money sites, i.e. bank, credit cards, etc. than to use the regular browser??

 

Ah, we cross posted and I missed this.

 

Up to you really, most banks have pretty good security and won't let you in if something is suspected but you already know that. :lol:

 

Catch you tomorrow your time. :)


  • 0

#67
BeachBumBum

BeachBumBum

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

Thanks a bunch.  Will uninstall Chrome and see what happens.  Will we still have to run another scan tomorrow after that?  If there is a new infection, then I would assume so, but it's up to you.

 

Talk to you tomorrow.  Have a good day!   :D


  • 0

#68
BeachBumBum

BeachBumBum

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

 

 

As for the Chrome one. There is a new infection, just recently reported that is not showing up in our scans. It is quite devious and not easily fixed. The only solution that has worked so far is a complete uninstall of Chrome. You remember I mentioned that earlier as a possibility. I don't know whether that is what we have here but let's try a full uninstall and then reinstall

 

I have uninstalled Chrome and re-installed.  It still won't let me on any money sites.  Please let me know about the new infection.  Now I am worried.  I thought we almost had this thing beat.   :no:


  • 0

#69
BeachBumBum

BeachBumBum

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

When I use Chrome now, it shows two icons in the Taskbar.  I right click on the second one and exit, but as soon as I go to another site, it reopens.  Should I have my mom take her computer to a tech and see what is going on, or do you think you will be able to help me resolve this soon?  I really, really appreciate your time and dedication, but I am getting quite exhausted over all this.  I have had to stay with my mom a couple days now to get this sorted out.  I need to get back home and catch up on things.  Let me know what you think.

 

BTW...I might have to go home for awhile and then come back to work some more on her computer.  Will get on here and check to see if you have responded, though.


Edited by BeachBumBum, 13 October 2014 - 11:12 AM.

  • 0

#70
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

Should I have my mom take her computer to a tech and see what is going on, or do you think you will be able to help me resolve this soon?

 

Entirely up to you. I am happy to continue if you wish.

 

When I use Chrome now, it shows two icons in the Taskbar.

 

 

 

Suggests to me that there was a leftover icon from the last Chrome i.e. everything wasn't removed at the uninstall. You can right click and unpin one of them.

 

Now

 

Let's have another look at things.

 

This time we will use a different tool. If you have any difficulty running it don't hesitate to come back and ask. Use Firefox to download it. That way you can follow the instructions below to save it to your desktop. You can do that with IE as well but you might find it easier to use FF.

 

SOoo...

 

Please download zoek.exe (it is the zoek.exe one you want not the zip or the rar) and save it to your desktop (Firefox users right click and Save Link As...).
 

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  • Double click zoek.zip
  • Double click on zoek.exe to run.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  • Click on the box "Do a Quick Scan"
  • Click on Run script button
  • Please wait patiently (it may take a few minutes) until a log report opens (this may be after reboot, if required)
  • Copy (Ctrl+C) and paste (Ctrl+V) the entire contents of the opened report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"
 

 

 


  • 0



#71
BeachBumBum

BeachBumBum

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts

Here's the log.  Wasn't sure if it was finished or not, but the computer rebooted, and it produced this log.  It looks like it deleted everything.  I just put Malwarebytes, etc. back on my computer.  Why did this program delete everything?:

 

 
Zoek.exe v5.0.0.0 Updated 11-October-2014
Tool run by Owner on Mon 10/13/2014 at 19:02:39.79.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Owner\Desktop\zoek.exe [Scan all users]   [Quick Scan] [Auto Clean]
 
==== System Restore Info ======================
 
10/13/2014 7:04:28 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Panda Security deleted successfully
C:\PROGRA~2\Roxio deleted successfully
C:\PROGRA~3\LogMeIn deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Owner\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Owner\AppData\Roaming\Panda Security deleted successfully
C:\Users\Owner\AppData\Roaming\Roxio deleted successfully
C:\Users\Owner\AppData\Roaming\TP deleted successfully
C:\Users\Owner\AppData\Local\Dell Edoc Viewer deleted successfully
C:\Users\Owner\AppData\Local\KodakGallery deleted successfully
C:\Users\Owner\AppData\Local\magicJack deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\[email protected] deleted successfully
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YahooAUService deleted successfully
 
==== Deleting Files \ Folders ======================
 
C:\Program Files\TermTutor deleted
C:\user.js deleted
C:\PROGRA~3\Yahoo! deleted
C:\Users\Owner\AppData\LocalLow\Yahoo! deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
 
==== Files Recently Created / Modified ======================
 
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-21-406159724-1202784234-2680421251-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SuperAntiSpyware\SUPERAntiSpyware.exe"
 
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
"AccuWeatherWidget"=""C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SuperAntiSpyware\SUPERAntiSpyware.exe"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"
 
==== Startup Registry Disabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)]
"command"=""
"hkey"="HKLM"
"item"="(default)"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellStage]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DellStage"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\stage_primary.exe\" \"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\start.umj\" --startup"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Monitor]
"command"="C:\\Windows\\PixArt\\PAC207\\Monitor.exe"
"hkey"="HKLM"
"item"="Monitor"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyGarminAgent]
"command"="C:\\Program Files (x86)\\Garmin\\MyGarminAgent\\MyGarminAgent.exe"
"hkey"="HKLM"
"item"="MyGarminAgent"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"command"="\"C:\\Program Files (x86)\\QuickTime\\qttask.exe\" -atboottime"
"hkey"="HKLM"
"item"="QuickTime Task"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
"backup"="C:\\Windows\\pss\\Kodak EasyShare software.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Program Files (x86)\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"
"item"="Kodak EasyShare software"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Kodak EasyShare software.lnk"
 
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/23/2014 08:08 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/12/2014 08:56 PM]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]" [05/19/2014 12:09 PM]
 
==== Firefox Extensions ======================
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\51y3nh8f.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
F7B57C37D4637D7AE429DE75A5C1C791 - C:\Users\Owner\AppData\Local\Roblox\Versions\version-470c28140c5148c2\NPRobloxProxy.dll - Roblox Launcher Plugin
 
 
==== Chromium Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx[10/25/2012 06:25 PM]
edaibbiobngpbmeonadpbfafbkimjbdd - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx[02/20/2013 09:59 PM]
lpoimibckejjdjcfbdnajaicnklhfplh - https://chrome.googl...ajaicnklhfplh[]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\ab.crx[10/25/2012 06:25 PM]
 
Google Slides - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
WOT - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
YouTube - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Kaspersky URL Advisor - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Google Sheets - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Kaspersky Protection - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Google Wallet - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== Chromium Fix ======================
 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Cache found
 
==== Empty Chrome Cache ======================
 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=83 folders=52 171215 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\LogMeInRemoteUser\AppData\Local\temp emptied successfully
C:\Users\Owner\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Owner\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
 
==== EOF on Mon 10/13/2014 at 19:26:27.46 ======================

Edited by BeachBumBum, 13 October 2014 - 05:46 PM.


#72
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

That cleaned out a few things. I would be interested to know if the banking problem is still there with Chrome.

 

Please try it and tell me how it goes. :)



#73
BeachBumBum

    Member

  • Topic Starter
  • Member
  • 132 posts

Praise the Lord!  It works in Chrome and Firefox!  IE still is not working.  I think I will have to uninstall and reinstall, but that won't be a problem.  Do you think the computer is clean now, and my parents can get online with their money accounts??  I hope so.  This would make me jump up and down right now....LOL



#74
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

IE still is not working.

 

 

Did you try this one that I think I posted earlier?

 

Please go to support Microsoft for instructions on how to repair/reinstall your Internet Explorer.

 

It's the Windows 7 instructions you want. Internet Explorer 11 is the version you have on your machine and the one you need to download. Follow the instructions to download and then the ones to uninstall Internet Explorer 11. After that install the new Internet Explorer 11 that you just downloaded.
 

Do you think the computer is clean now, and my parents can get online with their money accounts??

 
One more thing to do, just to make sure we haven't missed anything. After that we will clear away the tools we have been using and you will be good to go. :)

 

Now

 

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.

  • Click the blue Run ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
  • Check "Enable detection of potentially unwanted applications"
  • Click on Start and say yes to allow the program to proceed.
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed click "List of found threats" and click again on Copy to clipboard. Open Notepad and paste in the clipboard list. Save it as ESET log somewhere that you can find.
  • After that click the button "Back"
  • Select and check Uninstall application on close and Delete quarantined files.
  • Then click on: Finish
  • Copy and paste the ESET log back here and tell me how your machine is now.


#75
BeachBumBum

    Member

  • Topic Starter
  • Member
  • 132 posts

Okay, now I am having problems loading pages in Firefox.  Some of them loaded, but this site will not load at all.  I have tried going out of the browser and back in.  Nothing.  Will ESET not download from Chrome??  Also, Chrome is still showing two icons in the taskbar.  I Unpin one and then when I go out of the browser, Chrome disappears completely.

