TechSpot

Virus removal

Solved
By hlevin
Mar 4, 2013
  1. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:

      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
  2. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-03-2013 01
    Ran by SYSTEM at 06-03-2013 10:19:41
    Running from E:\
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2357760 2011-08-29] (Cypress Semiconductor Corporation)
    HKLM\...\Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2353664 2011-08-29] (Cypress Semiconductor, Inc.)
    HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [7214696 2011-05-25] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 [2226280 2011-05-17] (Realtek Semiconductor)
    HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10365952 2011-05-19] (Intel Corporation)
    HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-07-27] (Intel(R) Corporation)
    HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
    HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] ()
    HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
    HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)
    HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
    HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
    HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
    HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
    HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe" [115560 2009-08-20] (Symantec Corporation)
    HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [2835443 2012-02-01] ()
    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
    HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-29] (DivX, LLC)
    HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3825176 2012-11-13] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263512 2012-11-29] ()
    HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
    HKU\Heather\...\Run: [Spotify Web Helper] "C:\Users\Heather\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1199576 2012-12-23] (Spotify Ltd)
    HKU\Heather\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\Heather\...\Run: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background [307712 2012-11-23] (FileHippo.com)
    HKU\Heather\...\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean [3713032 2012-11-13] (Safer-Networking Ltd.)
    Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
    AppInit_DLLs: C:\Windows\System32\nvinitx.dll C:\Windows\System32\nvinitx.dll
    Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
    Startup: C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> (No File)

    ==================== Services (Whitelisted) ===================

    2 ccEvtMgr; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [108392 2009-08-20] (Symantec Corporation)
    2 ccSetMgr; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [108392 2009-08-20] (Symantec Corporation)
    2 dlbk_device; C:\Windows\system32\dlbkcoms.exe -service [567024 2007-06-25] ( )
    3 LiveUpdate; "C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE" [3093880 2009-03-20] (Symantec Corporation)
    2 lxea_device; C:\Windows\system32\lxeacoms.exe -service [1052328 2010-04-14] ( )
    2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22056 2013-01-27] (Microsoft Corporation)
    3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
    3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [379360 2013-01-27] (Microsoft Corporation)
    2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
    2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
    2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
    2 Secunia PSI Agent; "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service [1328736 2012-09-24] (Secunia)
    2 Secunia Update Agent; "C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service [656480 2012-09-24] (Secunia)
    2 SmcService; "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe" [3098440 2009-08-20] (Symantec Corporation)
    3 SNAC; "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE" [387400 2009-08-20] (Symantec Corporation)
    2 Symantec AntiVirus; "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe" [2440632 2009-08-20] (Symantec Corporation)

    ==================== Drivers (Whitelisted) =====================

    3 cyhid; C:\Windows\System32\Drivers\cyhid.sys [116736 2011-08-26] ()
    3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13312 2011-08-29] (Cypress Semiconductor, Inc.)
    3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [69632 2011-08-29] (Cypress Semiconductor, Inc.)
    1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
    0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
    3 NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130304.017\ENG64.SYS [126192 2013-01-18] (Symantec Corporation)
    3 NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130304.017\EX64.SYS [2087664 2013-01-18] (Symantec Corporation)
    2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
    1 nvkflt; C:\Windows\System32\Drivers\nvkflt.sys [284008 2012-10-08] (NVIDIA Corporation)
    1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [441904 2009-08-20] (Symantec Corporation)
    3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [480304 2009-08-20] (Symantec Corporation)
    1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-08-20] (Symantec Corporation)
    3 catchme; \??\C:\ComboFix\catchme.sys [x]

    ==================== NetSvcs (Whitelisted) ====================


    ==================== One Month Created Files and Folders ========

    2013-03-05 23:00 - 2013-03-06 09:55 - 00000850 ____A C:\Windows\setupact.log
    2013-03-05 22:23 - 2013-03-05 22:23 - 00001266 ____A C:\Users\Heather\Desktop\Revo Uninstaller.lnk
    2013-03-05 22:23 - 2013-03-05 22:23 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
    2013-03-05 22:22 - 2013-03-05 22:22 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Heather\Desktop\revosetup.exe
    2013-03-05 14:38 - 2013-03-05 14:38 - 00602112 ____A (OldTimer Tools) C:\Users\Heather\Desktop\OTL.exe
    2013-03-05 14:28 - 2013-03-05 14:28 - 00001072 ____A C:\Users\Heather\Desktop\JRT.txt
    2013-03-05 13:45 - 2013-03-05 13:45 - 00001083 ____A C:\AdwCleaner[S2].txt
    2013-03-05 11:50 - 2013-03-05 11:50 - 13475464 ____A (Microsoft Corporation) C:\Users\Heather\Downloads\mseinstall.exe
    2013-03-04 23:15 - 2013-03-04 23:15 - 00000000 ____D C:\Users\Heather\Local Settings\Symantec
    2013-03-04 23:15 - 2013-03-04 23:15 - 00000000 ____D C:\Users\Heather\Local Settings\Application Data\Symantec
    2013-03-04 23:15 - 2013-03-04 23:15 - 00000000 ____D C:\Users\Heather\AppData\Local\Symantec
    2013-03-04 21:39 - 2013-03-04 21:39 - 00866592 ____A C:\Users\Heather\Desktop\Norton_Removal_Tool.exe
    2013-03-04 21:35 - 2013-03-04 21:35 - 00547723 ____A (Oleg N. Scherbakov) C:\Users\Heather\Desktop\JRT.exe
    2013-03-04 21:31 - 2013-03-05 22:59 - 00022412 ____A C:\Windows\PFRO.log
    2013-03-04 21:29 - 2013-03-04 21:29 - 00003132 ____A C:\AdwCleaner[S1].txt
    2013-03-04 21:28 - 2013-03-04 21:28 - 00003030 ____A C:\AdwCleaner[R2].txt
    2013-03-04 21:25 - 2013-03-04 21:25 - 00597667 ____A C:\Users\Heather\Desktop\adwcleaner.exe
    2013-03-04 21:25 - 2013-03-04 21:25 - 00002970 ____A C:\AdwCleaner[R1].txt
    2013-03-04 21:18 - 2013-03-04 21:18 - 00040259 ____A C:\ComboFix.txt
    2013-03-04 21:09 - 2013-03-04 21:18 - 00000000 ____D C:\Qoobox
    2013-03-04 21:09 - 2011-06-26 00:45 - 00256000 ____A C:\Windows\PEV.exe
    2013-03-04 21:09 - 2010-11-07 11:20 - 00208896 ____A C:\Windows\MBR.exe
    2013-03-04 21:09 - 2009-04-19 22:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
    2013-03-04 21:09 - 2000-08-30 18:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
    2013-03-04 21:09 - 2000-08-30 18:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
    2013-03-04 21:09 - 2000-08-30 18:00 - 00098816 ____A C:\Windows\sed.exe
    2013-03-04 21:09 - 2000-08-30 18:00 - 00080412 ____A C:\Windows\grep.exe
    2013-03-04 21:09 - 2000-08-30 18:00 - 00068096 ____A C:\Windows\zip.exe
    2013-03-04 19:37 - 2013-03-04 19:37 - 00000000 ____D C:\Windows\ERUNT
    2013-03-04 19:36 - 2013-03-05 14:21 - 00000000 ____D C:\JRT
    2013-03-04 02:02 - 2013-03-04 02:02 - 00000000 ____D C:\Windows\TempE04CF95F-3D09-7D18-ED9B-42568C2F4661-Signatures
    2013-03-03 22:56 - 2013-03-03 22:56 - 00000000 ____A C:\Windows\setuperr.log
    2013-03-03 22:47 - 2013-03-03 22:47 - 00000000 ____D C:\Windows\en
    2013-03-03 22:46 - 2013-03-03 22:46 - 00000000 ____D C:\Program Files\Windows Live
    2013-03-03 22:46 - 2012-09-12 14:20 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fssfltr.sys
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ___RD C:\Users\Heather\SkyDrive
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ____D C:\ProgramData\Application Data\Microsoft SkyDrive
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
    2013-03-03 22:41 - 2010-06-02 03:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
    2013-03-03 22:41 - 2010-06-02 03:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
    2013-03-03 22:41 - 2010-06-02 03:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
    2013-03-03 22:41 - 2010-06-02 03:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
    2013-03-03 22:41 - 2010-05-26 10:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
    2013-03-03 22:41 - 2010-05-26 10:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
    2013-03-03 22:41 - 2010-05-26 10:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
    2013-03-03 22:41 - 2010-05-26 10:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2013-03-03 22:37 - 2013-03-03 22:37 - 00310688 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-03-03 22:37 - 2013-03-03 22:37 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
    2013-03-03 13:33 - 2013-03-03 13:33 - 00000000 ____D C:\Windows\Temp86CAAF9D-B4E9-ED21-1505-ED9D1037E00F-Signatures
    2013-03-03 13:28 - 2013-03-03 13:28 - 00000000 ____D C:\Windows\TempA32CCA88-2B7F-8C49-0EEE-4915E48EF262-Signatures
    2013-03-03 13:20 - 2013-03-03 13:20 - 00000000 ____D C:\Windows\Temp19A0B573-516E-49DF-A6B8-5925E3DDFA5C-Signatures
    2013-03-03 13:07 - 2013-03-03 13:07 - 00000000 ____D C:\Windows\TempC2C5B6A1-2A7F-8E93-162E-368783613BB2-Signatures
    2013-03-01 02:00 - 2013-03-01 02:00 - 00000000 ____D C:\Windows\TempF333846A-917B-4932-C180-2FE9579C0DEE-Signatures
    2013-02-28 09:17 - 2013-02-28 09:17 - 00000000 ____D C:\Windows\TempEAF5E822-E137-967B-8A1C-4C311DD4FA5B-Signatures
    2013-02-28 02:01 - 2013-01-13 13:53 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2013-02-28 02:01 - 2013-01-13 13:24 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
    2013-02-28 02:01 - 2013-01-04 00:11 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
    2013-02-28 02:01 - 2013-01-04 00:11 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2013-02-28 02:00 - 2013-01-13 15:17 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:17 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:16 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:11 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:11 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 15:11 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:35 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:35 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:35 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:31 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-02-28 02:00 - 2013-01-13 14:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:31 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:31 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:31 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-02-28 02:00 - 2013-01-13 14:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2013-02-28 02:00 - 2013-01-13 14:20 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2013-02-28 02:00 - 2013-01-13 14:09 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
    2013-02-28 02:00 - 2013-01-13 14:08 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2013-02-28 02:00 - 2013-01-13 14:08 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
    2013-02-28 02:00 - 2013-01-13 13:59 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
    2013-02-28 02:00 - 2013-01-13 13:58 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
    2013-02-28 02:00 - 2013-01-13 13:54 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2013-02-28 02:00 - 2013-01-13 13:53 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
    2013-02-28 02:00 - 2013-01-13 13:51 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
    2013-02-28 02:00 - 2013-01-13 13:49 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
    2013-02-28 02:00 - 2013-01-13 13:48 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
    2013-02-28 02:00 - 2013-01-13 13:46 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
    2013-02-28 02:00 - 2013-01-13 13:43 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2013-02-28 02:00 - 2013-01-13 13:38 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
    2013-02-28 02:00 - 2013-01-13 13:38 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
    2013-02-28 02:00 - 2013-01-13 13:38 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
    2013-02-28 02:00 - 2013-01-13 13:37 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2013-02-28 02:00 - 2013-01-13 13:25 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
    2013-02-28 02:00 - 2013-01-13 13:24 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
    2013-02-28 02:00 - 2013-01-13 13:20 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
    2013-02-28 02:00 - 2013-01-13 13:20 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
    2013-02-28 02:00 - 2013-01-13 13:15 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
    2013-02-28 02:00 - 2013-01-13 13:10 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
    2013-02-28 02:00 - 2013-01-13 13:02 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2013-02-28 02:00 - 2013-01-13 12:34 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2013-02-28 02:00 - 2013-01-13 12:32 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
    2013-02-28 02:00 - 2013-01-13 12:09 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
    2013-02-28 02:00 - 2013-01-13 11:26 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2013-02-28 02:00 - 2013-01-13 11:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
    2013-02-27 00:29 - 2013-02-27 00:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-02-23 18:47 - 2013-02-23 18:47 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-02-23 18:47 - 2013-02-23 18:47 - 00001785 ____A C:\ProgramData\Desktop\iTunes.lnk
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\ProgramData\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\Program Files\iTunes
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\Program Files\iPod
    2013-02-23 10:54 - 2013-02-23 10:54 - 00000000 ____D C:\Windows\TempA0B2A5A6-9BFF-FEFB-D41E-0CEA860F17FD-Signatures
    2013-02-21 02:00 - 2013-02-21 02:00 - 00000000 ____D C:\Windows\TempEBD87E32-814D-8E72-6D45-A5257859D3FF-Signatures
    2013-02-19 02:02 - 2013-02-19 02:02 - 00000000 ____D C:\Windows\Temp3F71CA7B-CF21-D267-F67F-0EACBDCA76E6-Signatures
    2013-02-18 02:04 - 2013-02-18 02:04 - 00000000 ____D C:\Windows\Temp231ED61D-AA19-6111-12BB-711352A663FD-Signatures
    2013-02-17 02:04 - 2013-02-17 02:04 - 00000000 ____D C:\Windows\Temp27F9C661-3362-8A4E-9405-C16E19803719-Signatures
    2013-02-16 12:43 - 2013-02-16 12:43 - 00000000 ____D C:\Windows\Temp7B3B4EFD-571D-A13B-17CA-6D417D769C66-Signatures
    2013-02-14 06:14 - 2013-02-14 06:14 - 00000000 ____D C:\Windows\Temp15AB3785-95CF-73C0-ACDD-5CBA2C918337-Signatures
    2013-02-14 06:09 - 2013-02-14 06:09 - 00000000 ____D C:\Windows\TempA61EFF70-1F39-AD6F-C4DC-7EEFD66D6D7E-Signatures
    2013-02-14 03:17 - 2013-02-14 03:17 - 00000000 ____D C:\Windows\Temp78E8370C-CB6C-A097-CB0F-C2203938FBDA-Signatures
    2013-02-14 02:17 - 2013-02-14 02:17 - 00000000 ____D C:\Windows\Temp5CEDDFEE-50F2-E594-F6D9-A68B264AC4C2-Signatures
    2013-02-14 00:50 - 2013-02-14 00:50 - 00000000 ____D C:\Windows\Temp4143E78D-F4A4-126D-BA44-97D503E2A272-Signatures
    2013-02-14 00:48 - 2013-01-08 19:48 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-02-14 00:48 - 2013-01-08 19:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-02-14 00:48 - 2013-01-08 19:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-02-14 00:48 - 2013-01-08 19:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-02-14 00:48 - 2013-01-08 19:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-02-14 00:48 - 2013-01-08 19:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-02-14 00:48 - 2013-01-08 19:10 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-02-14 00:48 - 2013-01-08 19:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-02-14 00:48 - 2013-01-08 19:07 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-02-14 00:48 - 2013-01-08 19:07 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-02-14 00:48 - 2013-01-08 19:07 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-02-14 00:48 - 2013-01-08 19:06 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-02-14 00:48 - 2013-01-08 19:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-02-14 00:48 - 2013-01-08 19:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-02-14 00:48 - 2013-01-08 19:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-02-14 00:48 - 2013-01-08 19:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-02-14 00:48 - 2013-01-08 16:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-02-14 00:48 - 2013-01-08 16:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-02-14 00:48 - 2013-01-08 16:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-02-14 00:48 - 2013-01-08 16:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-02-14 00:48 - 2013-01-08 16:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-02-14 00:48 - 2013-01-08 16:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-02-14 00:48 - 2013-01-08 16:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-02-14 00:48 - 2013-01-08 16:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-02-14 00:48 - 2013-01-08 15:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-02-14 00:48 - 2013-01-08 15:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-02-14 00:48 - 2013-01-08 15:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-02-14 00:48 - 2013-01-08 15:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-02-14 00:48 - 2013-01-08 15:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-02-14 00:48 - 2013-01-08 15:56 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-02-14 00:48 - 2013-01-08 15:56 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-02-14 00:48 - 2013-01-08 15:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-02-13 08:18 - 2013-01-04 23:53 - 05553512 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2013-02-13 08:18 - 2013-01-04 23:00 - 03967848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-02-13 08:18 - 2013-01-04 23:00 - 03913064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-02-13 08:18 - 2013-01-03 23:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2013-02-13 08:18 - 2013-01-03 22:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-02-13 08:18 - 2013-01-03 21:26 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-02-13 08:18 - 2013-01-03 20:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-02-13 08:18 - 2013-01-03 20:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-02-13 08:18 - 2013-01-03 20:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-02-13 08:18 - 2013-01-03 20:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-02-13 08:18 - 2013-01-03 00:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-02-13 08:18 - 2013-01-03 00:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS


    ==================== One Month Modified Files and Folders =======

    2013-03-06 10:19 - 2013-03-06 10:19 - 00000000 ____D C:\FRST
    2013-03-06 10:16 - 2011-10-11 09:21 - 01617220 ____A C:\Windows\WindowsUpdate.log
    2013-03-06 10:10 - 2013-01-27 18:58 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2545821085-1060163002-239474142-1002UA.job
    2013-03-06 09:58 - 2009-07-13 23:13 - 00779788 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-03-06 09:55 - 2013-03-05 23:00 - 00000850 ____A C:\Windows\setupact.log
    2013-03-06 09:35 - 2012-04-06 21:34 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-03-06 08:39 - 2011-10-11 09:42 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
    2013-03-05 23:09 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-03-05 23:09 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-03-05 23:02 - 2011-10-11 09:49 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
    2013-03-05 23:02 - 2011-10-11 09:49 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
    2013-03-05 23:02 - 2011-10-11 09:49 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
    2013-03-05 23:02 - 2011-10-11 09:49 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
    2013-03-05 23:02 - 2011-10-11 09:49 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
    2013-03-05 23:02 - 2011-10-11 09:49 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
    2013-03-05 23:01 - 2011-11-28 20:18 - 00000000 ___RD C:\Users\Heather\Dropbox
    2013-03-05 23:01 - 2011-11-28 20:14 - 00000000 ____D C:\Users\Heather\Application Data\Dropbox
    2013-03-05 23:01 - 2011-11-28 20:14 - 00000000 ____D C:\Users\Heather\AppData\Roaming\Dropbox
    2013-03-05 23:00 - 2011-10-11 09:18 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-03-05 23:00 - 2011-10-11 09:18 - 00000000 ____D C:\ProgramData\Application Data\NVIDIA
    2013-03-05 23:00 - 2009-07-13 23:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-03-05 22:59 - 2013-03-04 21:31 - 00022412 ____A C:\Windows\PFRO.log
    2013-03-05 22:23 - 2013-03-05 22:23 - 00001266 ____A C:\Users\Heather\Desktop\Revo Uninstaller.lnk
    2013-03-05 22:23 - 2013-03-05 22:23 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
    2013-03-05 22:22 - 2013-03-05 22:22 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Heather\Desktop\revosetup.exe
    2013-03-05 18:43 - 2013-01-27 18:58 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2545821085-1060163002-239474142-1002Core.job
    2013-03-05 14:38 - 2013-03-05 14:38 - 00602112 ____A (OldTimer Tools) C:\Users\Heather\Desktop\OTL.exe
    2013-03-05 14:28 - 2013-03-05 14:28 - 00001072 ____A C:\Users\Heather\Desktop\JRT.txt
    2013-03-05 14:21 - 2013-03-04 19:36 - 00000000 ____D C:\JRT
    2013-03-05 13:45 - 2013-03-05 13:45 - 00001083 ____A C:\AdwCleaner[S2].txt
    2013-03-05 11:55 - 2012-10-23 13:39 - 00002153 ____A C:\Windows\epplauncher.mif
    2013-03-05 11:50 - 2013-03-05 11:50 - 13475464 ____A (Microsoft Corporation) C:\Users\Heather\Downloads\mseinstall.exe
    2013-03-05 02:01 - 2012-10-21 18:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2013-03-05 02:01 - 2012-10-18 22:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2013-03-04 23:15 - 2013-03-04 23:15 - 00000000 ____D C:\Users\Heather\Local Settings\Symantec
    2013-03-04 23:15 - 2013-03-04 23:15 - 00000000 ____D C:\Users\Heather\Local Settings\Application Data\Symantec
    2013-03-04 23:15 - 2013-03-04 23:15 - 00000000 ____D C:\Users\Heather\AppData\Local\Symantec
    2013-03-04 22:12 - 2011-11-27 22:58 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
    2013-03-04 21:39 - 2013-03-04 21:39 - 00866592 ____A C:\Users\Heather\Desktop\Norton_Removal_Tool.exe
    2013-03-04 21:35 - 2013-03-04 21:35 - 00547723 ____A (Oleg N. Scherbakov) C:\Users\Heather\Desktop\JRT.exe
    2013-03-04 21:32 - 2009-07-13 23:08 - 00032572 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2013-03-04 21:29 - 2013-03-04 21:29 - 00003132 ____A C:\AdwCleaner[S1].txt
    2013-03-04 21:28 - 2013-03-04 21:28 - 00003030 ____A C:\AdwCleaner[R2].txt
    2013-03-04 21:25 - 2013-03-04 21:25 - 00597667 ____A C:\Users\Heather\Desktop\adwcleaner.exe
    2013-03-04 21:25 - 2013-03-04 21:25 - 00002970 ____A C:\AdwCleaner[R1].txt
    2013-03-04 21:18 - 2013-03-04 21:18 - 00040259 ____A C:\ComboFix.txt
    2013-03-04 21:18 - 2013-03-04 21:09 - 00000000 ____D C:\Qoobox
    2013-03-04 21:16 - 2009-07-13 20:34 - 00000215 ____A C:\Windows\system.ini
    2013-03-04 19:37 - 2013-03-04 19:37 - 00000000 ____D C:\Windows\ERUNT
    2013-03-04 14:54 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\NDF
    2013-03-04 11:21 - 2012-10-23 10:46 - 00000000 ____D C:\Users\Heather\Desktop\Scans
    2013-03-04 02:02 - 2013-03-04 02:02 - 00000000 ____D C:\Windows\TempE04CF95F-3D09-7D18-ED9B-42568C2F4661-Signatures
    2013-03-03 23:10 - 2011-10-17 19:03 - 00000000 ____D C:\Users\Heather\Application Data\Skype
    2013-03-03 23:10 - 2011-10-17 19:03 - 00000000 ____D C:\Users\Heather\AppData\Roaming\Skype
    2013-03-03 23:07 - 2011-10-11 09:44 - 00000000 ____D C:\ProgramData\Skype
    2013-03-03 23:07 - 2011-10-11 09:44 - 00000000 ____D C:\ProgramData\Application Data\Skype
    2013-03-03 23:04 - 2011-10-11 09:44 - 00000000 ___RD C:\Program Files (x86)\Skype
    2013-03-03 22:56 - 2013-03-03 22:56 - 00000000 ____A C:\Windows\setuperr.log
    2013-03-03 22:47 - 2013-03-03 22:47 - 00000000 ____D C:\Windows\en
    2013-03-03 22:46 - 2013-03-03 22:46 - 00000000 ____D C:\Program Files\Windows Live
    2013-03-03 22:46 - 2011-10-11 09:54 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ___RD C:\Users\Heather\SkyDrive
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ____D C:\ProgramData\Application Data\Microsoft SkyDrive
    2013-03-03 22:43 - 2013-03-03 22:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
    2013-03-03 22:43 - 2011-10-17 17:24 - 00000000 ____D C:\users\Heather
    2013-03-03 22:41 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2013-03-03 22:37 - 2013-03-03 22:37 - 00310688 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-03-03 22:37 - 2013-03-03 22:37 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
    2013-03-03 22:37 - 2012-12-12 11:23 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-03-03 22:37 - 2012-12-12 11:23 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
    2013-03-03 22:37 - 2012-10-23 10:29 - 01085344 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
    2013-03-03 22:37 - 2011-10-11 09:31 - 00963488 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
    2013-03-03 22:37 - 2011-10-11 09:31 - 00000000 ____D C:\Program Files\Java
    2013-03-03 22:35 - 2011-11-27 22:07 - 00000000 ____D C:\Program Files\CCleaner
    2013-03-03 22:23 - 2011-10-11 10:00 - 00000000 ____D C:\ProgramData\Sonic
    2013-03-03 22:23 - 2011-10-11 10:00 - 00000000 ____D C:\ProgramData\Application Data\Sonic
    2013-03-03 13:33 - 2013-03-03 13:33 - 00000000 ____D C:\Windows\Temp86CAAF9D-B4E9-ED21-1505-ED9D1037E00F-Signatures
    2013-03-03 13:28 - 2013-03-03 13:28 - 00000000 ____D C:\Windows\TempA32CCA88-2B7F-8C49-0EEE-4915E48EF262-Signatures
    2013-03-03 13:20 - 2013-03-03 13:20 - 00000000 ____D C:\Windows\Temp19A0B573-516E-49DF-A6B8-5925E3DDFA5C-Signatures
    2013-03-03 13:07 - 2013-03-03 13:07 - 00000000 ____D C:\Windows\TempC2C5B6A1-2A7F-8E93-162E-368783613BB2-Signatures
    2013-03-01 02:00 - 2013-03-01 02:00 - 00000000 ____D C:\Windows\TempF333846A-917B-4932-C180-2FE9579C0DEE-Signatures
    2013-02-28 12:47 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
    2013-02-28 09:52 - 2012-09-02 18:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-02-28 09:50 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
    2013-02-28 09:50 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
    2013-02-28 09:50 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\zh-HK
    2013-02-28 09:50 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\tr-TR
    2013-02-28 09:17 - 2013-02-28 09:17 - 00000000 ____D C:\Windows\TempEAF5E822-E137-967B-8A1C-4C311DD4FA5B-Signatures
    2013-02-27 14:11 - 2011-10-18 13:38 - 00000000 ____D C:\Users\Heather\Application Data\Mozilla
    2013-02-27 14:11 - 2011-10-18 13:38 - 00000000 ____D C:\Users\Heather\AppData\Roaming\Mozilla
    2013-02-27 00:30 - 2013-02-27 00:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-02-26 19:35 - 2012-04-06 21:34 - 00691568 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-02-26 19:35 - 2011-10-11 09:22 - 00071024 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-02-23 18:47 - 2013-02-23 18:47 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-02-23 18:47 - 2013-02-23 18:47 - 00001785 ____A C:\ProgramData\Desktop\iTunes.lnk
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\ProgramData\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\Program Files\iTunes
    2013-02-23 18:46 - 2013-02-23 18:46 - 00000000 ____D C:\Program Files\iPod
    2013-02-23 18:46 - 2012-06-13 08:47 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-02-23 10:54 - 2013-02-23 10:54 - 00000000 ____D C:\Windows\TempA0B2A5A6-9BFF-FEFB-D41E-0CEA860F17FD-Signatures
    2013-02-21 02:00 - 2013-02-21 02:00 - 00000000 ____D C:\Windows\TempEBD87E32-814D-8E72-6D45-A5257859D3FF-Signatures
    2013-02-19 02:02 - 2013-02-19 02:02 - 00000000 ____D C:\Windows\Temp3F71CA7B-CF21-D267-F67F-0EACBDCA76E6-Signatures
    2013-02-18 02:04 - 2013-02-18 02:04 - 00000000 ____D C:\Windows\Temp231ED61D-AA19-6111-12BB-711352A663FD-Signatures
    2013-02-17 02:04 - 2013-02-17 02:04 - 00000000 ____D C:\Windows\Temp27F9C661-3362-8A4E-9405-C16E19803719-Signatures
    2013-02-16 12:43 - 2013-02-16 12:43 - 00000000 ____D C:\Windows\Temp7B3B4EFD-571D-A13B-17CA-6D417D769C66-Signatures
    2013-02-14 06:14 - 2013-02-14 06:14 - 00000000 ____D C:\Windows\Temp15AB3785-95CF-73C0-ACDD-5CBA2C918337-Signatures
    2013-02-14 06:09 - 2013-02-14 06:09 - 00000000 ____D C:\Windows\TempA61EFF70-1F39-AD6F-C4DC-7EEFD66D6D7E-Signatures
    2013-02-14 03:17 - 2013-02-14 03:17 - 00000000 ____D C:\Windows\Temp78E8370C-CB6C-A097-CB0F-C2203938FBDA-Signatures
    2013-02-14 03:15 - 2012-02-07 23:36 - 00000000 ____D C:\Program Files (x86)\DivX
    2013-02-14 03:15 - 2012-02-07 23:35 - 00000000 ____D C:\ProgramData\DivX
    2013-02-14 03:15 - 2012-02-07 23:35 - 00000000 ____D C:\ProgramData\Application Data\DivX
    2013-02-14 03:13 - 2011-10-11 09:42 - 00000000 ____D C:\ProgramData\Application Data\Adobe
    2013-02-14 03:13 - 2011-10-11 09:42 - 00000000 ____D C:\ProgramData\Adobe
    2013-02-14 02:17 - 2013-02-14 02:17 - 00000000 ____D C:\Windows\Temp5CEDDFEE-50F2-E594-F6D9-A68B264AC4C2-Signatures
    2013-02-14 01:28 - 2009-07-13 22:45 - 00489664 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-02-14 01:03 - 2011-11-06 18:39 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-02-14 01:03 - 2011-11-06 18:39 - 00000000 ____D C:\ProgramData\Application Data\Microsoft Help
    2013-02-14 01:00 - 2011-10-19 08:26 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-02-14 00:50 - 2013-02-14 00:50 - 00000000 ____D C:\Windows\Temp4143E78D-F4A4-126D-BA44-97D503E2A272-Signatures
    2013-02-12 08:54 - 2012-04-06 14:48 - 00000000 ____D C:\Program Files\Dell Support Center
    2013-02-12 08:54 - 2011-10-19 09:00 - 00000000 ____D C:\ProgramData\PCDr
    2013-02-12 08:54 - 2011-10-19 09:00 - 00000000 ____D C:\ProgramData\Application Data\PCDr

    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2013-03-03 13:06:47
    Restore point made on: 2013-03-03 13:19:25
    Restore point made on: 2013-03-03 13:28:23
    Restore point made on: 2013-03-03 13:32:54
    Restore point made on: 2013-03-03 22:36:35
    Restore point made on: 2013-03-03 22:38:51
    Restore point made on: 2013-03-03 22:40:06
    Restore point made on: 2013-03-03 22:40:55
    Restore point made on: 2013-03-03 22:41:37
    Restore point made on: 2013-03-03 22:42:48
    Restore point made on: 2013-03-03 22:44:08
    Restore point made on: 2013-03-03 22:44:39
    Restore point made on: 2013-03-03 22:45:22
    Restore point made on: 2013-03-03 22:45:54
    Restore point made on: 2013-03-04 02:01:05
    Restore point made on: 2013-03-04 21:01:38
    Restore point made on: 2013-03-04 21:41:22
    Restore point made on: 2013-03-04 22:08:50
    Restore point made on: 2013-03-04 22:11:32
    Restore point made on: 2013-03-05 02:00:47
    Restore point made on: 2013-03-05 22:26:16

    ==================== Memory info ===========================

    Percentage of memory in use: 9%
    Total physical RAM: 8086.17 MB
    Available physical RAM: 7307.55 MB
    Total Pagefile: 8084.37 MB
    Available Pagefile: 7294.02 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.9 MB

    ==================== Partitions =============================

    1 Drive c: (OS) (Fixed) (Total:679 GB) (Free:577.49 GB) NTFS
    2 Drive d: (RECOVERY) (Fixed) (Total:19.53 GB) (Free:11.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    3 Drive e: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 698 GB 2048 KB
    Disk 1 Online 1911 MB 0 B

    Partitions of Disk 0:
    ===============

    Disk ID: 07F2837E

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 OEM 101 MB 31 KB
    Partition 2 Primary 19 GB 104 MB
    Partition 3 Primary 679 GB 19 GB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : DE
    Hidden: Yes
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 FAT Partition 101 MB Healthy Hidden

    =========================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 D RECOVERY NTFS Partition 19 GB Healthy

    =========================================================

    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C OS NTFS Partition 679 GB Healthy

    =========================================================

    Partitions of Disk 1:
    ===============

    Disk ID: 657E51E3

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 1907 MB 4032 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 0E
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E FAT Removable 1907 MB Healthy

    =========================================================

    Last Boot: 2013-03-04 23:56

    ==================== End Of Log =============================
     
  3. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
     

    Attached Files:

  4. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    How do I do this? do I go into command prompt again? and do I just run the frst64 without mention of the fixlist?
     
  5. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    You do this the very same way as you created original log, through System Recovery Options
     
  6. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2013 01
    Ran by SYSTEM at 2013-03-06 15:48:28 Run:1
    Running from E:\

    ==============================================

    HKEY_LOCAL_MACHINE\software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ccApp Value deleted successfully.
    C:\Program Files (x86)\Common Files\Symantec Shared moved successfully.
    ccEvtMgr service deleted successfully.
    ccSetMgr service deleted successfully.
    LiveUpdate service deleted successfully.
    C:\PROGRA~2\Symantec moved successfully.
    SmcService service deleted successfully.
    SNAC service deleted successfully.
    Symantec AntiVirus service deleted successfully.
    C:\Program Files (x86)\Symantec not found.
    eeCtrl service deleted successfully.
    NAVENG service deleted successfully.
    NAVEX15 service deleted successfully.
    C:\PROGRA~3\Symantec moved successfully.
    SRTSP service deleted successfully.
    SRTSPL service deleted successfully.
    SRTSPX service deleted successfully.
    C:\Windows\System32\Drivers\SRTSP64.SYS moved successfully.
    C:\Windows\System32\Drivers\SRTSPL64.SYS moved successfully.
    C:\Windows\System32\Drivers\SRTSPX64.SYS moved successfully.
    C:\Users\Heather\Local Settings\Symantec moved successfully.
    C:\Users\Heather\Local Settings\Application Data\Symantec not found.
    C:\Users\Heather\AppData\Local\Symantec not found.

    ==== End of Fixlog ====
     
  7. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    Delete your OTL file, download fresh one and see if you can run it from normal or safe mode.
     
  8. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    Same thing with otl. says not responding.
     
  9. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    How is computer doing at the moment?

    [​IMG] Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
    NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.


    [​IMG] Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.

    [​IMG] Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.

    [​IMG] Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
     
  10. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    The computer seems to be getting slightly worse. It now shows the wrong time.
     
  11. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    Results of screen317's Security Check version 0.99.60
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Spybot - Search & Destroy
    Secunia PSI (3.0.0.4001)
    Malwarebytes Anti-Malware version 1.70.0.1100
    Java(TM) 6 Update 32
    Java 7 Update 9
    Java version out of Date!
    Adobe Flash Player 11.6.602.171
    Adobe Reader XI
    Mozilla Firefox (19.0)
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    Spybot Teatimer.exe is disabled!
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 8%
    ````````````````````End of Log``````````````````````
     
     
  12. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    Farbar Service Scanner Version: 03-03-2013
    Ran by Heather (administrator) on 06-03-2013 at 18:13:59
    Running from "C:\Users\Heather\Desktop"
    Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo IP is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============

    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****
     
  13. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    Did you adjust the time?
    What else is worse?
     
  14. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    I have not adjusted the time. That is the main thing I've noticed that's changed. And just the scans not completing right.
     
  15. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    What scans?

    Adjust the time and see if it holds.
     
  16. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    Eset found no threats.

    I adjusted the time but it resets to the wrong time with restarting the computer.
     
  17. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    You may need to replace CMOS battery.

    Anything else wrong with your computer?
     
  18. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    I don't think anything else is wrong. What is the CMOS battery? The time was correct before beginning this process.
     
  19. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    How to replace CMOS battery: http://pctechnotes.com/how-to-change-your-cmos-battery/

    Also....

    1. Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    2. Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it.
    • Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
    • Do NOT post JavaRa log.
     
  20. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    I really don't think it would be a battery problem. It's a pretty new computer and the time runs at the correct pace, just shows up as some hours behind (with the correct minutes). Also, this problem just started since we started these virus scans.

    Also, the update Java link gives me this error message:
    Verify Java Version

    We are unable to verify if Java is currently installed and enabled in your browser.
    If you have installed Java and there is an error with the verification, there could be a configuration issue (eg. browser, Java control panel, security settings).
     
  21. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    Regarding Java...
    Run JavaRa first.
    Then go here: http://www.java.com/en/download/manual.jsp and download standalone installer.

    As for computer clock...
    In this forum, we make sure, your computer is free of malware and your computer is clean :)
    Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
    You'll get more attention.
    Good luck :)
     
  22. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

    The Java Setup says installation failed because the wizard was interrupted.
     
  23. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    Did you run JavaRa first?
     
  24. hlevin

    hlevin TS Rookie Topic Starter Posts: 85

  25. Broni

    Broni Malware Annihilator Posts: 47,719   +268

    I suggest new topic in Windows forum regarding Java and computer clock issues.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.