Firefox Problems - Untrusted Websites

Started by LindaEllis, December 23, 2015, 01:54:27 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Print
Go Down Pages 1 2 3 4 5
User actions

LindaEllis

#30
December 25, 2015, 12:33:44 AM
Corrine, I am not a computer geek, but I can tell there certainly are a lot of errors and failures, etc.   I don't know what I should be doing next.  Thank you for the tool. 

Corrine

#31
December 25, 2015, 12:40:23 AM
Hi, Linda. 

Yes, I saw those errors.  So far, my research is only showing older posts where people have the same error but I haven't found a solution yet.   In the meantime, the FRST.txt log is located in C:\Users\Customer\Downloads.  Please reopen that in Notepad and copy/paste it here as a reply.  It will likely take me a while to review the logs but v_v has assigned you another task anyway.  :D

Thanks.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

LindaEllis

#32
December 25, 2015, 12:49:25 AM
Hi Corrine,

I did paste it the second time from the desktop, so this might be a repeat of it.  I obtained by accessing the C:\Users\Customer\Downloads:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-12-2015
Ran by Customer (administrator) on LINDAJEANLIMESE (24-12-2015 19:10:08)
Running from C:\Users\Customer\Downloads
Loaded Profiles: Customer (Available Profiles: Customer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(TeamViewer GmbH) C:\Users\Customer\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Church of Jesus Christ of Latter-day Saints) C:\Program Files (x86)\FamilySearch\Paf5\paf5.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952376 2015-12-21] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3311552913-1744306017-1404303799-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-05] (Ruiware)
HKU\S-1-5-21-3311552913-1744306017-1404303799-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-3311552913-1744306017-1404303799-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3311552913-1744306017-1404303799-1001\...\MountPoints2: {477cffee-a7ea-11e5-a835-001aa0e8b05d} - E:\LaunchU3.exe -a
HKU\S-1-5-21-3311552913-1744306017-1404303799-1001\...\MountPoints2: {477cfff0-a7ea-11e5-a835-001aa0e8b05d} - F:\LaunchU3.exe -a
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-21] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.16.0.1
Tcpip\..\Interfaces\{91412CAC-521D-4243-8AA3-F6E6A148B160}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EACF0F70-B08B-4282-8C36-7F2FC28DA68B}: [DhcpNameServer] 172.16.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3311552913-1744306017-1404303799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll => No File
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll No File
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll No File
IE Session Restore: HKU\S-1-5-21-3311552913-1744306017-1404303799-1001 -> is enabled.

FireFox:
========
FF ProfilePath: C:\Users\Customer\AppData\Roaming\Mozilla\Firefox\Profiles\vsevnly1.default-1449953797411
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-16]
CHR Extension: (Google Drive) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-16]
CHR Extension: (Google Search) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Google Sheets) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-15]
CHR Extension: (Gmail) - C:\Users\Customer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-16]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-04] (Dropbox, Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8979416 2012-11-20] (DisplayLink Corp.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2505472 2015-10-09] (ESET)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-06-01] (Nero AG)
R2 TeamViewer; c:\users\customer\appdata\local\temp\teamviewer\TeamViewer_Service.exe [5532432 2015-12-14] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_7.0.41409.0.sys [17408 2015-11-16] (hxxp://libusb-win32.sourceforge.net)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-07-30] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2015-07-30] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [170792 2015-07-30] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-24 19:10 - 2015-12-24 19:10 - 00014622 _____ C:\Users\Customer\Downloads\FRST.txt
2015-12-24 19:10 - 2015-12-24 19:10 - 00000000 ____D C:\FRST
2015-12-24 19:08 - 2015-12-24 19:08 - 02370560 _____ (Farbar) C:\Users\Customer\Downloads\FRST64.exe
2015-12-24 19:07 - 2015-12-24 19:07 - 01721856 _____ (Farbar) C:\Users\Customer\Downloads\FRST (1).exe
2015-12-24 19:06 - 2015-12-24 19:06 - 01721856 _____ (Farbar) C:\Users\Customer\Downloads\FRST.exe
2015-12-24 17:33 - 2015-12-24 17:33 - 05028296 _____ (Adobe Systems Inc.) C:\Users\Customer\Downloads\Shockwave_Installer_Slim (3).exe
2015-12-24 17:32 - 2015-12-24 17:33 - 05028296 _____ (Adobe Systems Inc.) C:\Users\Customer\Downloads\Shockwave_Installer_Slim (2).exe
2015-12-24 17:32 - 2015-12-24 17:33 - 05028296 _____ (Adobe Systems Inc.) C:\Users\Customer\Downloads\Shockwave_Installer_Slim (1).exe
2015-12-24 17:31 - 2015-12-24 17:32 - 05028296 _____ (Adobe Systems Inc.) C:\Users\Customer\Downloads\Shockwave_Installer_Slim.exe
2015-12-23 23:35 - 2015-12-23 23:35 - 00248632 _____ C:\Users\Customer\Downloads\Firefox Setup Stub 43.0.2 (2).exe
2015-12-23 23:27 - 2015-12-23 23:27 - 00248632 _____ C:\Users\Customer\Downloads\Firefox Setup Stub 43.0.2 (1).exe
2015-12-23 23:08 - 2015-12-23 23:08 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-23 23:08 - 2015-12-23 23:08 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-23 23:08 - 2015-12-23 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-23 23:08 - 2015-12-23 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-23 23:00 - 2015-12-23 23:00 - 00248632 _____ C:\Users\Customer\Downloads\Firefox Setup Stub 43.0.2.exe
2015-12-23 17:23 - 2015-12-23 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-23 16:47 - 2015-12-23 16:47 - 02546817 _____ C:\Users\Customer\Documents\HARMON LIMES & FAMILY - 12-23-2015.ged
2015-12-23 16:46 - 2015-12-23 23:58 - 02854912 _____ C:\Users\Customer\Documents\LINDA JEAN LIMES - DECEMBER 23 2015.paf
2015-12-23 16:42 - 2015-12-23 16:42 - 01564797 _____ C:\Users\Customer\Documents\LINDA JEAN LIMES - 12-23-2015 (2015-12-23).rmgb
2015-12-23 16:41 - 2015-12-23 16:45 - 04328448 _____ C:\Users\Customer\Documents\LINDA JEAN LIMES - 12-23-2015.rmgc
2015-12-22 22:45 - 2015-12-22 22:50 - 47305048 _____ C:\Users\Customer\Downloads\Firefox Setup 43.0.2.exe
2015-12-22 20:05 - 2015-12-22 20:07 - 21877232 _____ (Flickr) C:\Users\Customer\Downloads\FlickrUploadrInstallr.exe
2015-12-22 16:57 - 2015-12-22 16:58 - 06937888 _____ (TeamViewer) C:\Users\Customer\Downloads\TeamViewerQS_en-ckj (2).exe
2015-12-22 16:26 - 2015-12-22 16:27 - 06937888 _____ (TeamViewer) C:\Users\Customer\Downloads\TeamViewerQS_en-ckj (1).exe
2015-12-22 16:20 - 2015-12-22 16:20 - 00000000 ____D C:\Users\Customer\AppData\Roaming\Sun
2015-12-22 16:20 - 2015-12-22 16:20 - 00000000 ____D C:\Users\Customer\AppData\LocalLow\Sun
2015-12-22 16:20 - 2015-12-22 16:20 - 00000000 ____D C:\Users\Customer\.oracle_jre_usage
2015-12-22 16:19 - 2015-12-22 16:21 - 00000000 ____D C:\ProgramData\Oracle
2015-12-22 16:18 - 2015-12-22 16:18 - 00000000 ____D C:\Users\Customer\AppData\LocalLow\Oracle
2015-12-22 16:12 - 2015-12-22 16:18 - 50200160 _____ (Oracle Corporation) C:\Users\Customer\Downloads\jre-8u66-windows-i586.exe
2015-12-22 16:06 - 2015-12-22 16:06 - 00000000 ____D C:\Users\Customer\AppData\Roaming\TeamViewer
2015-12-22 16:04 - 2015-12-22 16:06 - 06937888 _____ (TeamViewer) C:\Users\Customer\Downloads\TeamViewerQS_en-ckj.exe
2015-12-21 22:10 - 2015-12-21 22:10 - 00024064 ___SH C:\Users\Customer\Thumbs.db
2015-12-21 19:14 - 2015-12-21 19:14 - 00249416 _____ C:\Users\Customer\Downloads\Firefox Setup Stub 43.0.1.exe
2015-12-21 19:14 - 2015-12-21 19:14 - 00249416 _____ C:\Users\Customer\Downloads\Firefox Setup Stub 43.0.1 (1).exe
2015-12-18 11:32 - 2015-12-18 11:32 - 00125206 _____ C:\Users\Customer\Downloads\Attachments_20151218.zip
2015-12-13 06:30 - 2015-12-13 06:30 - 00000000 ____D C:\Users\Customer\AppData\LocalLow\Temp
2015-12-12 22:07 - 2015-12-12 22:07 - 00000000 ____D C:\ProgramData\CanonIJ
2015-12-12 22:01 - 2015-12-12 22:01 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-12-12 21:59 - 2015-12-12 22:01 - 00000000 ____D C:\Users\Customer\AppData\Roaming\Canon
2015-12-11 22:58 - 2015-12-20 16:48 - 00000237 _____ C:\Users\Customer\Desktop\Tombstone Birthday calculator at Ancestor Search.url
2015-12-11 11:05 - 2015-12-11 11:05 - 00016519 _____ C:\Users\Customer\Documents\Wheaton-Bottles.xlsx
2015-12-09 16:04 - 2015-12-12 15:56 - 00000000 ____D C:\Users\Customer\Desktop\Old Firefox Data
2015-12-09 10:44 - 2015-11-11 16:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 10:44 - 2015-11-11 15:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 10:44 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 10:44 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 10:44 - 2015-11-11 10:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 10:44 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 10:44 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 10:44 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 10:44 - 2015-11-11 09:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 10:44 - 2015-11-09 19:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 10:44 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 10:44 - 2015-11-09 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 10:44 - 2015-11-09 19:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 10:44 - 2015-11-09 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 10:44 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 10:44 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 10:44 - 2015-11-09 19:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 10:44 - 2015-11-09 19:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 10:44 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 10:44 - 2015-11-09 19:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 10:44 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 10:44 - 2015-11-09 19:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 10:44 - 2015-11-09 18:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 10:44 - 2015-11-09 18:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 10:44 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 10:44 - 2015-11-09 18:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 10:44 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 10:44 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 10:44 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 10:44 - 2015-11-09 18:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 10:44 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 10:44 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 10:44 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 10:44 - 2015-11-08 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 10:44 - 2015-11-08 17:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 10:44 - 2015-11-08 17:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 10:44 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 10:44 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 10:44 - 2015-11-08 17:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 10:44 - 2015-11-08 17:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 10:44 - 2015-11-08 17:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 10:44 - 2015-11-08 17:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 10:44 - 2015-11-08 17:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 10:44 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 10:44 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 10:44 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 10:44 - 2015-11-08 17:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 10:44 - 2015-11-08 17:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 10:44 - 2015-11-08 17:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 10:44 - 2015-11-08 16:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 10:44 - 2015-11-08 16:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 10:44 - 2015-11-08 16:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 10:44 - 2015-11-08 16:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 10:44 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 10:44 - 2015-11-08 16:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 10:44 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 10:44 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 10:44 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 10:44 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 10:44 - 2015-11-08 16:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 10:44 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 10:44 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 10:44 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 10:44 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 10:35 - 2015-11-10 13:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 10:35 - 2015-11-10 13:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 10:35 - 2015-11-10 13:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 10:35 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 10:35 - 2015-11-10 13:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 10:35 - 2015-11-10 12:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 10:35 - 2015-11-05 14:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 10:35 - 2015-11-05 14:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 10:35 - 2015-11-03 14:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 10:35 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 10:34 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 10:34 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 10:34 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 10:34 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 10:34 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 10:34 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 10:34 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 10:30 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 10:30 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 22:42 - 2015-12-08 22:42 - 00002978 _____ C:\Windows\System32\Tasks\{4D80020E-0891-4A5A-974F-A3F26942D980}
2015-12-07 13:45 - 2015-12-07 13:45 - 00000000 ____D C:\Users\Customer\Documents\FamilySearch
2015-12-07 10:22 - 2015-12-07 10:22 - 00000000 ____D C:\Users\Customer\AppData\Local\ElevatedDiagnostics
2015-12-06 23:47 - 2015-12-06 23:47 - 00000000 ___RD C:\Users\Customer\Documents\Scanned Documents
2015-12-06 23:47 - 2015-12-06 23:47 - 00000000 ____D C:\Users\Customer\Documents\Fax
2015-12-06 20:36 - 2015-12-23 16:40 - 01542144 _____ C:\Users\Customer\Documents\WINDER FAMILY.rmgc
2015-12-06 20:36 - 2015-12-02 17:14 - 04326400 _____ C:\Users\Customer\Documents\LINDA JEAN LIMES - DECEMBER 2 2015.rmgc
2015-12-06 20:36 - 2014-11-18 16:06 - 00055596 _____ C:\Users\Customer\Documents\Medicare Part D Coverage Destermination.pdf
2015-12-06 20:36 - 2014-09-25 08:46 - 00342782 _____ C:\Users\Customer\Documents\WINDER FAMILY (2014-09-25).rmgb
2015-12-06 20:36 - 2014-03-12 09:27 - 01693696 _____ C:\Users\Customer\Documents\RAZEE FAMILY.rmgc
2015-12-06 20:36 - 2014-03-12 09:27 - 00382069 _____ C:\Users\Customer\Documents\RAZEE FAMILY (2014-03-12).rmgb
2015-12-06 20:36 - 2014-03-11 21:17 - 09022464 _____ C:\Users\Customer\Documents\CORY FAMILY.rmgc
2015-12-06 20:36 - 2014-02-25 16:22 - 00086846 _____ C:\Users\Customer\Documents\Linda Ellis XP to Windows 7 - 2-25-25.2014.mht
2015-12-06 20:36 - 2012-11-16 20:29 - 00421888 _____ C:\Users\Customer\Documents\RAZEE FAMILY FROM SONJA CHRISTOFFERSON.PAF
2015-12-06 20:33 - 2015-12-06 20:33 - 00000000 ____D C:\Users\Customer\Documents\LUMBAR SPINE XRAY - 12-4-2014
2015-12-06 20:29 - 2015-12-06 20:29 - 00000132 _____ C:\Users\Customer\AppData\default.pls
2015-12-06 15:22 - 2015-12-24 14:10 - 00000000 ____D C:\Users\Customer\Documents\MAIN DOCUMENTS LIBRARY
2015-12-06 15:18 - 2015-12-06 15:19 - 00000000 ____D C:\Users\Customer\Documents\2007 PHOTOS FROM KODAK CD
2015-12-05 16:31 - 2015-12-05 16:31 - 00000000 ____D C:\Users\Customer\AppData\LocalLow\Adobe
2015-12-05 16:31 - 2015-12-05 16:31 - 00000000 ____D C:\Users\Customer\AppData\Local\CEF
2015-12-05 16:25 - 2015-12-05 16:29 - 00000000 ____D C:\PCOMP5
2015-12-05 16:25 - 2015-12-05 16:25 - 00000583 _____ C:\Users\Public\Desktop\PAF Companion.lnk
2015-12-05 16:25 - 2015-12-05 16:25 - 00000000 ____D C:\Users\Customer\AppData\Local\Progeny
2015-12-05 16:25 - 2010-09-01 13:51 - 04218880 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2015-12-05 09:50 - 2015-12-05 09:50 - 00000893 _____ C:\Users\Customer\Desktop\LINDA JEAN LIMES - DECEMBER 5 2015.paf - Shortcut.lnk
2015-12-05 09:49 - 2015-12-23 15:45 - 00881472 _____ C:\Users\Customer\Documents\LINDA JEAN LIMES - DECEMBER 5 2015.zip
2015-12-05 09:48 - 2015-12-23 16:46 - 02854912 _____ C:\Users\Customer\Documents\LINDA JEAN LIMES - DECEMBER 5 2015.paf
2015-12-05 09:37 - 2015-12-05 16:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-05 09:37 - 2015-12-05 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FamilySearch
2015-12-05 09:37 - 2015-12-05 09:37 - 00002018 _____ C:\Users\Public\Desktop\PAF 5.lnk
2015-12-05 09:37 - 2015-12-05 09:37 - 00000000 ____D C:\Program Files (x86)\FamilySearch
2015-12-05 09:16 - 2015-12-20 16:49 - 00001998 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-12-05 09:15 - 2015-12-05 09:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-12-05 07:11 - 2015-12-05 07:11 - 00000000 ____D C:\Users\Customer\AppData\Local\ESET
2015-12-04 21:45 - 2015-12-05 07:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-04 21:44 - 2015-12-07 12:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-12-04 21:44 - 2015-12-04 21:44 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-12-04 21:43 - 2015-12-04 21:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-04 17:40 - 2015-12-04 17:40 - 00001069 _____ C:\Users\Customer\Desktop\RootsMagic 6 To-Go.lnk
2015-12-04 17:40 - 2015-12-04 17:40 - 00001049 _____ C:\Users\Customer\Desktop\RootsMagic 6.lnk
2015-12-04 17:40 - 2015-12-04 17:40 - 00000000 ____D C:\Users\Customer\AppData\Roaming\RootsMagic
2015-12-04 17:40 - 2015-12-04 17:40 - 00000000 ____D C:\ProgramData\RootsMagic Shared
2015-12-04 17:40 - 2015-12-04 17:40 - 00000000 ____D C:\ProgramData\RootsMagic
2015-12-04 17:40 - 2015-12-04 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RootsMagic 6
2015-12-04 17:40 - 2015-12-04 17:40 - 00000000 ____D C:\Program Files (x86)\RootsMagic 6
2015-12-04 16:17 - 2015-12-24 07:57 - 00000000 ___RD C:\Users\Customer\Dropbox
2015-12-04 16:17 - 2015-12-04 16:17 - 00001230 _____ C:\Users\Customer\Desktop\Dropbox.lnk
2015-12-04 16:11 - 2015-12-04 16:11 - 00000000 ____D C:\Users\Customer\AppData\Roaming\Dropbox
2015-12-04 16:05 - 2015-12-24 19:10 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-04 16:05 - 2015-12-24 16:10 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-04 16:05 - 2015-12-24 07:57 - 00000000 ____D C:\Users\Customer\AppData\Local\Dropbox
2015-12-04 16:05 - 2015-12-23 17:23 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-04 16:05 - 2015-12-04 16:05 - 00003908 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-04 16:05 - 2015-12-04 16:05 - 00003656 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-04 16:05 - 2015-12-04 16:05 - 00000000 ____D C:\ProgramData\Dropbox
2015-12-04 15:19 - 2015-12-04 16:12 - 00000000 ____D C:\Users\Customer\AppData\Roaming\WinPatrol
2015-12-04 15:18 - 2015-12-04 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-12-04 15:18 - 2015-12-04 15:18 - 00000000 ____D C:\ProgramData\InstallMate
2015-12-04 15:18 - 2015-12-04 15:18 - 00000000 ____D C:\Program Files (x86)\Ruiware
2015-12-04 14:57 - 2015-12-04 14:57 - 00000000 ____D C:\Users\Customer\AppData\Local\Microsoft Games
2015-12-04 12:04 - 2015-12-04 12:04 - 00002693 _____ C:\Users\Customer\Desktop\Microsoft Office Word 2007.lnk
2015-12-04 12:04 - 2015-12-04 12:04 - 00002655 _____ C:\Users\Customer\Desktop\Microsoft Office Excel 2007.lnk
2015-12-04 11:57 - 2015-12-04 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-04 11:53 - 2015-12-04 11:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-12-04 11:52 - 2015-12-04 11:52 - 00000000 ____D C:\Windows\PCHEALTH
2015-12-04 11:47 - 2015-12-04 11:47 - 00000000 ____D C:\Program Files\Microsoft Office
2015-12-04 11:47 - 2015-12-04 11:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2015-12-04 11:46 - 2015-12-08 17:47 - 00000000 ____D C:\Users\Customer\AppData\Local\Microsoft Help
2015-12-04 11:33 - 2015-12-24 15:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-04 11:33 - 2015-12-04 11:33 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-04 11:33 - 2015-12-04 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-04 11:33 - 2015-12-04 11:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-04 11:33 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-04 11:33 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-04 11:33 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-04 11:22 - 2015-12-04 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-12-04 11:22 - 2015-12-04 11:22 - 00000000 ____D C:\ProgramData\ESET
2015-12-04 11:22 - 2015-12-04 11:22 - 00000000 ____D C:\Program Files\ESET
2015-12-04 11:21 - 2015-12-02 10:48 - 90342088 _____ (ESET) C:\eav_nt64_enu.exe
2015-12-04 11:18 - 2015-12-04 11:18 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2015-12-04 11:18 - 2015-12-04 11:18 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2015-12-04 11:18 - 2015-12-04 11:18 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2015-12-04 11:18 - 2015-12-04 11:18 - 00000000 ___HD C:\ProgramData\CanonEPP
2015-12-04 11:17 - 2015-12-12 22:07 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-12-04 11:17 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAA.DLL
2015-12-04 11:16 - 2010-03-18 19:26 - 00348672 _____ (CANON INC.) C:\Windows\system32\CNC280L.dll
2015-12-04 11:16 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\Windows\SysWOW64\CNC280L.dll
2015-12-04 11:16 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNC280C.dll
2015-12-04 11:16 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC280I.dll
2015-12-04 11:16 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNC280U.dll
2015-12-04 11:16 - 2009-11-13 14:38 - 00012800 _____ C:\Windows\SysWOW64\CNC1746D.TBL
2015-12-04 11:16 - 2009-11-13 14:38 - 00012800 _____ C:\Windows\system32\CNC1746D.TBL
2015-12-04 11:16 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-12-04 11:16 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-12-04 11:09 - 2015-12-04 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series User Registration
2015-12-04 11:09 - 2015-12-04 11:09 - 00000000 ____D C:\ProgramData\CanonIJMSetup
2015-12-04 11:08 - 2015-12-04 11:08 - 00002079 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2015-12-04 11:08 - 2015-12-04 11:08 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2015-12-04 11:08 - 2015-12-04 11:08 - 00000000 ____D C:\Program Files\Common Files\CANON
2015-12-04 11:07 - 2015-12-04 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-04 11:07 - 2015-12-04 11:07 - 00002358 _____ C:\Users\Public\Desktop\Canon MP280 series On-screen Manual.lnk
2015-12-04 11:07 - 2015-12-04 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series Manual
2015-12-04 11:07 - 2015-12-04 11:07 - 00000000 ____D C:\Program Files\Canon
2015-12-04 11:06 - 2015-12-04 11:06 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-12-04 11:06 - 2015-12-04 11:06 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-12-04 11:06 - 2015-12-04 11:06 - 00000000 ___HD C:\Program Files\CanonBJ
2015-12-04 11:06 - 2015-12-04 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series
2015-12-04 11:06 - 2010-03-11 03:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNMIUAA.DLL
2015-12-04 11:05 - 2015-12-04 11:09 - 00000000 ____D C:\Program Files (x86)\Canon
2015-12-03 19:02 - 2015-12-03 19:02 - 00001351 _____ C:\Users\Customer\Desktop\Sticky Notes.lnk
2015-12-03 19:02 - 2015-12-03 19:02 - 00001230 _____ C:\Users\Customer\Desktop\Calculator.lnk
2015-12-02 17:20 - 2015-12-02 17:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-02 17:20 - 2015-12-02 17:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-02 17:20 - 2015-11-20 13:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-02 17:20 - 2015-11-20 13:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-02 17:20 - 2015-11-20 13:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-02 17:20 - 2015-11-20 13:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-02 17:20 - 2015-11-20 13:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-02 17:20 - 2015-11-20 13:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-02 17:20 - 2015-11-20 13:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-02 17:20 - 2015-11-20 13:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-02 17:20 - 2015-11-20 13:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-02 17:20 - 2015-10-08 18:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-02 17:20 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-02 17:20 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-02 17:20 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-02 17:20 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-02 17:20 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-02 17:20 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-02 17:20 - 2015-10-08 18:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-02 17:20 - 2015-10-08 14:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-02 17:20 - 2015-10-08 13:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-02 17:18 - 2015-10-29 12:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-12-02 17:18 - 2015-10-29 12:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-12-02 17:18 - 2015-10-29 12:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-12-02 17:18 - 2015-10-29 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-12-02 17:18 - 2015-10-29 12:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-12-02 17:18 - 2015-10-29 12:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-12-02 17:18 - 2015-10-29 12:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-24 19:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2015-12-24 18:54 - 2015-11-15 20:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-24 18:26 - 2009-07-13 23:45 - 00019504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-24 18:26 - 2009-07-13 23:45 - 00019504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-24 18:15 - 2015-11-15 20:04 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-24 14:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-24 14:15 - 2009-07-14 00:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-24 14:15 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-24 11:15 - 2015-11-15 20:04 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-24 07:56 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-22 16:20 - 2009-10-27 17:42 - 00000000 ____D C:\Users\Customer
2015-12-16 16:18 - 2015-11-15 20:05 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 23:40 - 2015-11-15 20:04 - 00000000 ____D C:\Users\Customer\AppData\Local\Google
2015-12-10 10:58 - 2015-11-15 20:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-10 10:58 - 2015-11-15 20:00 - 00000000 ____D C:\Users\Customer\AppData\Local\Adobe
2015-12-10 10:57 - 2015-11-15 20:01 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-10 10:57 - 2015-11-15 20:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 23:28 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 11:09 - 2009-07-13 23:45 - 00409624 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 11:05 - 2015-10-28 08:17 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 11:00 - 2015-10-28 08:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-07 08:52 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-12-06 20:29 - 2015-10-27 17:59 - 00000000 ____D C:\Users\Customer\AppData\Local\Ahead
2015-12-06 20:29 - 2015-10-27 17:54 - 00000000 ____D C:\Users\Customer\AppData\Roaming\Ahead
2015-12-05 16:31 - 2009-10-27 18:32 - 00000000 ____D C:\Users\Customer\AppData\Roaming\Adobe
2015-12-05 09:15 - 2015-11-15 20:04 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-05 08:47 - 2009-10-27 17:43 - 00000000 ____D C:\Users\Customer\AppData\Local\VirtualStore
2015-12-05 07:17 - 2015-10-28 11:12 - 00000000 ____D C:\ProgramData\Adobe
2015-12-04 12:03 - 2015-10-28 17:53 - 00109296 _____ C:\Users\Customer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-04 12:00 - 2009-07-14 02:45 - 00000000 ____D C:\Windows\ShellNew
2015-12-04 12:00 - 2009-07-13 21:34 - 00000499 _____ C:\Windows\win.ini
2015-12-04 11:53 - 2015-10-28 11:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-04 11:53 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-04 11:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-12-04 11:48 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-04 11:16 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2015-12-04 11:10 - 2015-11-15 20:04 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 11:10 - 2015-11-15 20:04 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 18:56 - 2015-11-15 19:56 - 00000000 ____D C:\Users\Customer\AppData\Local\lptmp1906871756
2015-12-02 13:18 - 2015-11-16 12:04 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-11-15 19:56 - 2015-11-15 19:56 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe

Some files in TEMP:
====================
C:\Users\Customer\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Customer\AppData\Local\Temp\ose00000.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\SysWOW64\dlumdfb10.dll
C:\Windows\SysWOW64\dlumdfb11.dll
C:\Windows\SysWOW64\dlumdfb9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-20 12:32

==================== End of FRST.txt ============================

LindaEllis

#33
December 25, 2015, 12:51:55 AM
Quote from: v_v on December 25, 2015, 12:15:09 AM
Linda,

So you are running an administrator account, and you are running the Windows Firewall.

For the moment we will leave Windows Firewall alone.  My guess is that it is doing its job satisfactorily.

Since IE 11 and Chrome do work for "familyresearch.org" on your computer, use each of those browsers and go to the web site.  Then just like you did with Firefox post screen shots of the certificates from IE 11 and Chrome.  Since these two browsers do work at the web site (without the .jpg images of course), a comparison of their certificates with those of Firefox might provide some useful data.

v_v

I'll try.  But I'm not sure how to get to finding the certificates if the sites work normally.  In Firefox the box popped up and I could see them. 

LindaEllis

#34
December 25, 2015, 01:00:58 AM
To v_v for the certificate for Familysearch.org:

I found it on Chrome, and I have done a screen print. 

I went into IE11 and clicked in the same place I clicked in Chrome, but I didn't not see anything that would be for certificates????  So, here is only my screen print for Chrome with some certificate information.  If someone can tell me how to find the same information in IE11, I can try again.  Thank you. 

LindaEllis

#35
December 25, 2015, 01:11:44 AM
For v_v,

Okay, I went back into IE11 and left clicked on that gold lock icon I think it was and saw the words 'security report' so I found it and it looks to be the same as Chrome for Familysearch.org in Chrome.  So, here is the screen print for IE11. 

v_v

#36
December 25, 2015, 01:21:12 AM
Linda,

[Edit:  I see that you have found both of them now.  So concentrate on the "Details" tab as indicated below.]

In both Chrome and IE 11 click on the lock that shows up in the address bar.  In IE 11 the pop up will say view certificates.  Click for the next screen and then click the "Details" tab.  In the top window find "Issuer" and just click to highlight it.  What will happen is that the details for that line will show in the bottom window.  Post the result.

In Chrome you have already done most of the work.  So now just click the tab "Details", find "Issuer" - click to highlight it, and then post the results.

v_v
Justice, Equity, and Meaningful, Productive, and Fulfilling Lives to All Earthlings

Corrine

#37
December 25, 2015, 01:26:56 AM
Hi, Linda.

The logs do look alike so it can be confusing -- to me as well if I'm not looking closely. 

1.  Anyway, I did find something about the certificates that relates to the error on IE and the image you posted from Chrome confirms it is an SSL Cert and not TLS:
Quote
A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Many of the errors were prior to the computer being set up for your account so nothing to worry about.  For the error above, I've copied the solution from schannel, eventID-36870 and security auditing eventID - 5061, they - Microsoft Community:

QuotesChannel uses TLS(Transport Layer Security) for security encryption. As long as the sites you visit do not use TLS.
 
Try these steps:
1. Open Internet Explorer.
2. Press the ALT key and then click Tools.
3. Click Internet Options.
4. Click Advanced tab.
5. Scroll down the list under Security, uncheck all the Use TLS options.
6. Click OK.
 
Now restart the computer and check if the issue still occurs.

That should take care of the errors in the Addition.txt log.

2.  Your log shows the a number of items disabled via MSConfig.  Since you use WinPatrol, I'm not sure why they were disabled that way.  From Using System Configuration (msconfig) - Windows Help:

QuoteSystem Configuration is a tool that can help identify problems that might prevent Windows from starting correctly. You can start Windows with common services and startup programs turned off and then turn them back on, one at a time. If a problem doesn't occur when a service is turned off, but does occur when that service is turned on, then the service could be the cause of the problem.

System Configuration is intended to find and isolate problems, but it's not meant as a startup management program. {Bold added}

In other words, MSConfig is useful for troubleshooting but not for managing startup programs.  Using MSConfig can lock malware in the registry, only to become apparent should it be restored to normal start up. In addition, there is no automated way of changing the setting.  Each has to be done manually, which is what I suggest that you do:  Click start, type msconfig in the search box, open msconfig, click on the start up tab. Put a check mark in each entry, reboot the computer.

3.  There are some leftover Webroot things we can take care of with FRST.  (Yes, I recall the discussion in the WinPatrol Facebook group about the A/V the computer person wanted to install :) )

Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Open Notepad (Start =>All Programs => Accessories => Notepad).
  • Copy/Paste the entire contents of the code box below into Notepad.
Code Select

start
CreateRestorePoint:
CloseProcesses:
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll => No File
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll => No File
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll No File
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll No File
C:\ProgramData\WRData
2015-11-15 19:56 - 2015-11-15 19:56 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
EmptyTemp:
end

  • Click Format and ensure Wordwrap is unchecked.
  • Important:  Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....

    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post the log in your next reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

LindaEllis

#38
December 25, 2015, 01:33:58 AM
For v_v:

Okay, here are screen prints for IE11 and Chrome for the issuers. 

LindaEllis

#39
December 25, 2015, 01:44:40 AM
Hi Corrine,

Thank you for all you have done.  It is going to take me a while to plow through all you have presented to me now.  And, yes, I am a bit fearful of making a mistake myself with all of these steps.   I probably won't get to all of this until maybe tomorrow, but being that this is Christmas Eve and tomorrow is Christmas, I'm sure you all need a break from this exchange; and I apologize that it has turned into such a lengthy and involved one. 

I did have a concern about:

"Channel uses TLS(Transport Layer Security) for security encryption. As long as the sites you visit do not use TLS."

Maybe I am not understanding the actual meaning for this statement, but if I visit a TLS site, then what would happen?

Yes, this Windows 7 is a refurbished computer; and now I think I'm beginning to see the pitfalls of getting one that isn't new.  It seems that there are a lot of 'left over' type elements, and yes that webroot is one.  I did see that Webroot is in IE11 and I wondered if it is just a part of it and you have to keep some of it or maybe something could malfunction is you got rid of every last bit of it on your computer?  I don't know.  Then I read somewhere how Webroot wouldn't interfere anyway with your antivirus. 

So much for me to comprehend and I have to go slow because if I somehow make a mistake then it is going to cost me to have to bring either the guy back who I bought this computer from or someone new.  I trust what all of you are telling me to do, but I am not that trustfull of myself that I might make a mistep in the process. 
 

Corrine

#40
December 25, 2015, 01:49:48 AM
Let's wait to see what v_v has to say before making the change in #1 and, by all means, take your time! 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

v_v

#41
December 25, 2015, 02:03:13 AM
Linda and Corrine,

No, don't wait on me.  So far I did not see any differences between the certificate details of Firefox on the one hand and IE 11 and Chrome on the other.  I was hoping to find something in the latter two that was not in Firefox.  But the images that Linda posted do not immediately show any glaring differences.  So why those two browsers work on the site but Firefox does not remains a mystery.

On the other hand I think that the images problem with IE 11 and Chrome is a different problem with a different source.

But by all means go ahead with whatever Corrine suggests would be useful.

Corrine, when you go to the web site in question with both Firefox and Pale Moon, and view your browser certificates for that site, what entity is the issuer for your two browsers?

v_v
Justice, Equity, and Meaningful, Productive, and Fulfilling Lives to All Earthlings

Corrine

#42
December 25, 2015, 02:27:33 AM
I'm re-thinking the change suggested in #1.  I guess it is worth trying and it could be changed back if it doesn't solve the problem. 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

LindaEllis

#43
December 25, 2015, 02:47:08 AM
Hi Corrine and v_v,

Thank you both so much.  Do you think it would be a good idea to do a restore point on my computer before I attempt anything else?  I am just fearful to some degree, at least, of making things worse.  At least most of the computer is working okay that I need.  Thank you. 

v_v

#44
December 25, 2015, 06:10:22 AM
Linda,

Okay, stop the presses!!!

No guarantees but I think that we are closer to a solution!  As I suspected there is a problem with ESET and Firefox, and ESET knows about it.  I did a search on "ESET certificates Firefox compatibility".  There are many informative links from this search.  Essentially paraphrasing what seems to be the issue, ESET may substitute its own certificates for the web sites true certificates.  This causes problems with some browsers primarily Firefox in your case.  This is why your certificates for that web site all appear to be from ESET whereas mine are from DigiCert Inc.

This first link will give you information:  " https://support.mozilla.org/en-US/questions/932033 ".  This is from 2012.

The second link gives similar info from May 2015:  " https://support.mozilla.org/en-US/questions/1064455 ".

These two links above are from Mozilla (Firefox) Support.

The third and fourth links below come from ESET Security Forum.

The third link points to a solution page:  " https://forum.eset.com/topic/1388-ssl-web-sites-do-not-open/ ".  This is from November 2013

The fourth link is the ESET solution page stating "KB Solution ID: KB3126 |Document ID: 14085|Last Revised: December 11, 2015":  " http://support.eset.com/kb3126/?viewlocale=en_US ".

In this fourth link solutions are presented with screen shots, plus there is a link to "contact ESET Customer Care."

I would read through the first three links just to get a better idea of what is going on before attempting the solution(s) in the fourth link.  Also feel free  to browse through some of the other links in the search if you feel that they would help you.  I thought that the four that I chose would be enough.

Certainly a restore point could be helpful and it would not hurt.

Even if this fixes your immediate problem you might still want to work with Corrine on the clean-up issues.

v_v
Justice, Equity, and Meaningful, Productive, and Fulfilling Lives to All Earthlings
Print
Go Up Pages 1 2 3 4 5
User actions