Jump to content

I got a bug

flymedic
 Share

Recommended Posts

flymedic

flymedic

Posted
Posted

I believe my three kids playing with my computer has gotten me a bug. My hard drive is now saying it is full or virtually full, depending on the day.  Help Please. I have copied the DDS report below.

 

Scott

 

 

 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Keatts at 21:10:28 on 2013-07-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7886.6002 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASRock\XFast LAN\spd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\DnsBasic\dnsbasic.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\DnsBasic\dnsbasic.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mWinlogon: Userinit = userinit.exe,
BHO: {5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4} - <orphaned>
BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: DDownyLaoweApp: {8251C5D4-71A4-8644-2B18-B3BAB548C191} - C:\ProgramData\DDownyLaoweApp\51ccdf839bd54.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
uRun: [ASRockXTU] <no file>
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DD8027BE-3365-4BB4-A230-8C2B98C0321B} : DHCPNameServer = 192.168.1.1
AppInit_DLLs= c:\progra~2\saveas\sprote~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760]
R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2013-3-2 31016]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-3-2 647736]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-3-2 28216]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-2 16152]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2013-3-2 17192]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2013-3-2 16648]
R2 DnsBasic Service;DnsBasic Service;C:\Program Files (x86)\DnsBasic\dnsbasic.exe [2013-6-10 22528]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-2 14904]
R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-1 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-1 701512]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-3-1 67584]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-3-2 59392]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-3-2 84608]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-2 342528]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-2 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-2 788760]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-1 25928]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-3-2 32344]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2013-3-2 34752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2013-6-16 32320]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-1 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-1 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-1 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-1 1255736]
.
=============== Created Last 30 ================
.
2013-07-13 02:02:17 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30F15BF1-22A3-4B97-B74E-9D2422B7C807}\mpengine.dll
2013-07-13 02:00:40 -------- d-----w- C:\Windows\System32\MRT
2013-07-12 17:22:46 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-07-12 17:22:34 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-07-12 17:22:25 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-07-12 17:22:17 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-07-12 08:30:48 9552976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-11 11:22:08 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 11:21:57 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-11 11:21:57 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-08 17:49:44 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-08 17:49:44 -------- d-----w- C:\Program Files\iTunes
2013-07-08 17:49:44 -------- d-----w- C:\Program Files\iPod
2013-07-08 17:49:44 -------- d-----w- C:\Program Files (x86)\iTunes
2013-06-29 01:05:41 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-06-29 01:05:41 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2013-06-29 01:05:41 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-06-29 01:04:29 -------- d-----w- C:\ProgramData\Battle.net
2013-06-28 00:55:45 -------- d-----w- C:\ProgramData\StarApp
2013-06-28 00:55:16 -------- d-----w- C:\ProgramData\BetterSoft
2013-06-28 00:54:53 -------- d-----w- C:\Program Files (x86)\SaveAs
2013-06-28 00:54:48 -------- d-----w- C:\ProgramData\DDownyLaoweApp
2013-06-28 00:54:24 -------- d-----w- C:\ProgramData\InstallMate
2013-06-24 02:21:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-20 22:05:07 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3E77F10-34D2-4893-8524-2BEF18B4207C}\gapaengine.dll
2013-06-19 02:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-06-16 14:18:29 32320 ----a-w- C:\Windows\System32\drivers\FNETTBOH_305.SYS
.
==================== Find3M  ====================
.
2013-07-13 02:02:59 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp
2013-07-13 02:02:59 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys
2013-06-24 02:21:48 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-24 02:21:48 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-19 02:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-12 21:51:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 21:51:09 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
.
============= FINISH: 21:10:34.37 ===============

 

 

 

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/2/2013 12:07:27 AM
System Uptime: 7/12/2013 9:02:46 PM (0 hours ago)
.
Motherboard: ASRock |  | Z77 Extreme6
Processor: Intel® Core i5-3570K CPU @ 3.40GHz | CPUSocket | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 60 GiB total, 0.79 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 298 GiB total, 156.146 GiB free.
X: is FIXED (NTFS) - 119 GiB total, 106.041 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Description: Programming Support
Device ID: ROOT\PROGRAMMING_SUPPORT\0001
Manufacturer: Mad Catz
Name: Programmable Root Enumerator
PNP Device ID: ROOT\PROGRAMMING_SUPPORT\0001
Service: SaiNtBus
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.03)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Asmedia ASM106x SATA Host Controller Driver
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.250
ASRock InstantBoot v1.29
ASRock SmartConnect v1.0.6
ASRock XFast RAM v2.0.9
Bonjour
Broadcom NetLink Controller
Canon MP495 series MP Drivers
Core Temp 1.0 RC4
CyberLink MediaEspresso
DDownyLaoweApp
DnsBasic 1.0 build 111
Etron USB3.0 Host Controller
File Type Assistant
Free File Viewer 2012
Google Chrome
Google Earth
Google Update Helper
InfoAtoms [uninstall]
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Smart Connect Technology 2.0 x64
Intel® USB 3.0 eXtensible Host Controller Driver
iTunes
Java 7 Update 25
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
OptimizerPro
PasswordBox
PDFCreator
Pirate101
Realtek High Definition Audio Driver
SaveAs 1.74
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
THX TruStudio
TOPCAT 2.72 Beta 4 - Take-Off and Landing Performance Calculation Tool
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
VAT-Spy
Wizard101
World of Warcraft
XFast LAN v6.61
XFastUSB
Zuma Deluxe 1.0
.
==== End Of File ===========================

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Hello flymedic,

Please run the following and post back all the logs as ATTACHMENTS by clicking on the More Reply Options button.


STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE:  Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


    STEP 02

    Please download Malwarebytes Anti-Rootkit from HERE

    • Unzip the contents to a folder in a convenient location.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

    STEP 03

    Please download Junkware Removal Tool to your desktop.
    • Shutdown your antivirus to avoid any conflicts.
    • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next reply message
    • When completed make sure to re-enable your antivirus


    STEP 04

    Please download AdwCleaner by Xplode to your desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • If prompted by the User Account Control click Yes to allow it to run.
    • Under Actions click on the Delete button.
    • Click OK on all prompts.
    • You will be prompted to restart your computer. A text file will open after the restart.
    • Please post the entire contents of that logfile to your next reply.
    • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.

    STEP 05

    button_eos.gif

    Please go here to run the online antivirus scannner from ESET.
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the activex control to install
    • Click Start
    • Make sure that the option Remove found threats is unticked
    • Click on Advanced Settings and ensure these options are ticked:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology

      [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.


Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please run the ESET scan again but this time please set it to FIX  what it finds. 

 

Then run the following

 

Next, download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


 

 

Thanks

Link to post
Share on other sites
flymedic

flymedic

Posted
  • Author
Posted

 Results of screen317's Security Check version 0.99.69 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 VAT-Spy    
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 25 
 Adobe Reader XI 
 Google Chrome 28.0.1500.71 
 Google Chrome 28.0.1500.72 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 44% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.