
LyricXeeker BHO that won't go away


  • This topic is locked
20 replies to this topic

#1 Mtiffin

    New Member

  • Members

Posted 29 July 2013 - 05:58 PM

BHO: LyricXeeker: {17E58097-6CA5-448B-830F-2A19678248FB}

 

HijackThis can't remove it. It sees it, but the fix doesn't remove it.

I tried to remove it manually, but Windows 7 doesn't give me the option to disable or delete it (Add-on Manager).

I stopped it from placing ads and redirecting pages by disabling 3rd party extensions in Internet Options.

Malwarebytes took part of it out but not all. It's still in Explorer and Chrome.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16496  BrowserJavaVersion: 10.25.2
Run by Mitch Tiffin at 17:41:31 on 2013-07-29
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16382.14440 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

BHO: LyricXeeker: {17E58097-6CA5-448B-830F-2A19678248FB} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\MasterWriter 2.0\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe




TCP: NameServer = 192.168.1.254
TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer = 68.94.156.1,68.94.157.1
TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : DHCPNameServer = 192.168.1.254
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {ED93D107-B43A-490e-AA5C-C5578BAAF479} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2011-2-22 22408]
R3 PaeFireStudio;PreSonus FireStudio;C:\Windows\System32\drivers\PaeFireStudio.sys [2011-1-24 214776]
R3 PaeFireStudioAudio;PreSonus FireStudio Audio;C:\Windows\System32\drivers\PaeFireStudioAudio.sys [2011-1-24 39032]
R3 PaeFireStudioMidi;PreSonus FireStudio MIDI;C:\Windows\System32\drivers\PaeFireStudioMidi.sys [2011-1-24 42616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2011-2-22 16008]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 139616]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-17 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-17 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-25 1255736]
S4 DraftSight API Service;DraftSight API Service;C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-7-7 78336]
S4 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
S4 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-1-24 25824]
S4 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
.
=============== Created Last 30 ================
.
2013-07-29 21:17:37    388096    ----a-r-    C:\Users\Mitch Tiffin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-29 21:17:36    --------    d-----w-    C:\Program Files (x86)\Trend Micro
2013-07-29 17:44:13    --------    d-----w-    C:\Program Files (x86)\fuLyriXeeker
2013-07-29 14:15:00    9460976    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C94DE392-5775-4998-893E-19766B32E463}\mpengine.dll
2013-07-28 07:20:24    9460976    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-18 22:26:04    941720    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FBABFBF-68F4-44DF-9EE7-98B655B55482}\gapaengine.dll
2013-07-18 21:40:43    --------    d-----w-    C:\Program Files\iTunes
2013-07-18 21:40:43    --------    d-----w-    C:\Program Files\iPod
2013-07-18 21:40:43    --------    d-----w-    C:\Program Files (x86)\iTunes
2013-07-18 21:39:09    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-12 03:10:59    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-07-12 03:10:58    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-07-12 03:10:58    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2013-07-12 03:10:54    1643520    ----a-w-    C:\Windows\System32\DWrite.dll
2013-07-12 03:10:54    1247744    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-07-11 12:53:55    159744    ----a-w-    C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
.
==================== Find3M  ====================
.
2013-07-23 21:44:42    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-23 21:44:42    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-27 22:34:56    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 22:34:52    867240    ----a-w-    C:\Windows\SysWow64\npdeployJava1.dll
2013-06-27 22:34:52    789416    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-06-22 20:11:30    5555190    ----a-w-    C:\tweaking.com_windows_repair_aio_setup.exe
2013-06-22 20:07:42    3858143    ----a-w-    C:\tweaking.com_registry_backup_setup.exe
2013-06-19 02:50:08    247216    ----a-w-    C:\Windows\System32\drivers\MpFilter.sys
2013-06-19 02:50:08    139616    ----a-w-    C:\Windows\System32\drivers\NisDrvWFP.sys
2013-05-29 05:43:16    2312704    ----a-w-    C:\Windows\System32\jscript9.dll
2013-05-29 05:35:44    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2013-05-29 05:34:14    1494528    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-05-29 05:29:56    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-05-29 05:29:02    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2013-05-29 05:25:09    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-05-29 01:50:14    1800704    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-05-29 01:41:52    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-05-29 01:41:08    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-05-29 01:37:15    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2013-05-29 01:36:09    420864    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2013-05-29 01:33:22    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-05-13 05:51:01    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-05-13 04:45:55    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-05-13 03:08:10    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27    30720    ----a-w-    C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54    24576    ----a-w-    C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-05-06 06:03:49    1887744    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-05-06 04:56:35    1620480    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 15:29:56    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-05-01 08:59:12    94208    ----a-w-    C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 08:59:12    69632    ----a-w-    C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 17:41:54.03 ===============
 

 



#2 Mtiffin

    New Member

  • Members

Posted 29 July 2013 - 06:00 PM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/22/2011 9:38:29 AM
System Uptime: 7/29/2013 5:22:46 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M4A78T-E
Processor: AMD Phenom™ II X6 1090T Processor | AM3 | 3211/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 428.829 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 932 GiB total, 905.944 GiB free.
F: is FIXED (NTFS) - 1863 GiB total, 1354.4 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: High Definition Audio Device
Device ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043836C&REV_1000\4&29529F32&0&0001
Manufacturer: Microsoft
Name: High Definition Audio Device
PNP Device ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043836C&REV_1000\4&29529F32&0&0001
Service: HdAudAddService
.
==== System Restore Points ===================
.
RP371: 7/18/2013 5:24:49 PM - Windows Update
RP372: 7/21/2013 6:30:27 PM - Windows Update
RP373: 7/21/2013 8:40:25 PM - Windows Update
RP374: 7/21/2013 8:50:59 PM - Removed Microsoft Silverlight
RP375: 7/25/2013 10:42:05 AM - Windows Update
RP376: 7/27/2013 8:12:27 PM - Removed Microsoft Silverlight
RP377: 7/27/2013 8:13:20 PM - Removed Microsoft Silverlight
RP378: 7/29/2013 9:14:13 AM - Windows Update
RP379: 7/29/2013 4:17:08 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
112dB Redline Monitor v1.0.4
64 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avid Studio
Avid Studio Bonus Content
Avid Studio Plugins
Belarc Advisor 8.1
Bonjour
BurnAware Free 4.1
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC 8
Canon Utilities MyCamera
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CD Click i-Studio
DraftSight
Dragon NaturallySpeaking 11
EPSON Artisan 830 Series Printer Uninstall
Epson CreativeZone
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
Epson Print CD
EPSON Scan
EpsonNet Print
EpsonNet Setup 3.3
ERUNT 1.1j
EZdrummer
EZDrummer 64-bit
EZkeys Grand Piano 64
EZkeys Player 64-bit
EZXCocktail
FlipShare
FreeRIP v3.6
Futuremark SystemInfo
GEAR driver installer for x86 and x64
Google Chrome
Google Earth
Google Update Helper
HiJackThis
ImageMixer 3 SE Ver.6 Transfer Utility
ImageMixer 3 SE Ver.6 Video Tools
iTunes
Java 7 Update 25
Java Auto Updater
Knoll Light Factory EZ Studio
Logitech Gaming Software 7.00
Lotus NotesSQL 3.01 driver
Lotus SmartSuite - English
Magic Bullet Looks Studio
MAGIX Xtreme Print Studio 5.0.0.7399 (US)
Malwarebytes Anti-Malware version 1.75.0.1300
MasterWriter 2.0
Melodyne Runtime 4.1 (x64)
Melodyne singletrack
Memeo Instant Backup
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MixMeister BPM Analyzer 1.0
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Native Instruments Abbey Road 60s Drums Vintage
Native Instruments Guitar Rig 3
Native Instruments Guitar Rig 4
Native Instruments Komplete Elements
Native Instruments Kontakt 4
Native Instruments Kontakt Elements Selection R2
Native Instruments Reaktor 5
Native Instruments Reaktor Elements Selection
Native Instruments Reaktor Spark R2
Native Instruments Service Center
NVIDIA 3D Vision Controller Driver 307.83
NVIDIA Control Panel 307.83
NVIDIA Display Control Panel
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Update 1.10.8
NVIDIA Update Components
On-Screen Takeoff
OpenOffice.org 3.4.1
PDF reDirect (remove only)
PDFill PDF Editor with FREE Writer and FREE Tools
Pinnacle Creative Pack Volume 1
Pinnacle Video Driver
PreSonus FaderPort
PreSonus Studio One 2 x64
PreSonus Studio One x64
PreSonus Universal Control 3.5.2.8028
PVSonyDll
QuickTime
Red Giant ToonIt Studio
Room EQ Wizard V5
SAMSUNG USB Driver for Mobile Phones
ScoreFitter Volume 1
ScoreFitter Volume 2
Seagate Dashboard
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Sony DVD Architect Studio 4.5
Sony Vegas Movie Studio 8.0
Speccy
SpeedFan (remove only)
Superior Drummer 64-bit
Superior Drummer Installer
SureThing Express Labeler
swMSM
Toontrack solo
Toontrack solo 64 bit
Trapcode 3DStroke Studio
Trapcode Particular Studio
Trapcode Shine Studio
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
Tweaking.com - Windows Repair (All in One)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon V CAST Media Manager
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
VLC media player 2.0.5
.
==== Event Viewer Messages From Past Week ========
.
7/29/2013 5:28:42 PM, Error: Service Control Manager [7038]  - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/29/2013 5:28:42 PM, Error: Service Control Manager [7001]  - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
7/29/2013 5:28:42 PM, Error: Service Control Manager [7000]  - The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.
7/29/2013 5:28:42 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
7/29/2013 5:28:29 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
7/29/2013 5:27:42 PM, Error: Microsoft-Windows-Eventlog [23]  - The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-Resource-Exhaustion-Detector/Operational.
7/29/2013 5:26:36 PM, Error: Service Control Manager [7000]  - The PMEM service failed to start due to the following error:  This driver has been blocked from loading
7/29/2013 5:26:36 PM, Error: Application Popup [1060]  - \??\C:\Windows\SysWOW64\drivers\pmemnt.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/29/2013 5:25:17 PM, Error: Microsoft-Windows-Eventlog [23]  - The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-GroupPolicy/Operational.
7/23/2013 8:50:00 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 107.
7/23/2013 8:50:00 PM, Error: Schannel [36874]  - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
.
==== End Of File ===========================


 



#3 AdvancedSetup

    Staff

  • Root Admin

Posted 29 July 2013 - 10:28 PM

Please run the following steps and post back all the logs as ATTACHMENTS by clicking on the More Reply Options button.
Please don't put logs in code or quote tags or copy/paste them into your reply unless you're unable to attach them.
Please enable your system to show hidden files: How to see hidden files in Windows

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit
  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start, and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.

STEP 03
Please download Malwarebytes Anti-Rootkit from here
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced. They will be in the MBAR folder: mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 05
Please download AdwCleaner by Xplode to your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt where the number in brackets indicates how often it was run.


STEP 06

Please go here to run the online antivirus scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file...
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

 


Ron Lewis
Forum Community Manager



#4 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • 41,162 posts
  • Gender:Male
  • Location:US

Posted 01 August 2013 - 06:05 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Ron Lewis
Forum Community Manager



#5 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • 41,162 posts
  • Gender:Male
  • Location:US

Posted 01 August 2013 - 10:36 PM

Topic reopened per user request


Ron Lewis
Forum Community Manager



#6 Mtiffin

Mtiffin

    New Member

  • Members
  • 33 posts

Posted 01 August 2013 - 11:10 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16496  BrowserJavaVersion: 10.25.2
Run by Mitch Tiffin at 17:41:31 on 2013-07-29
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16382.14440 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: LyricXeeker: {17E58097-6CA5-448B-830F-2A19678248FB} - 
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\MasterWriter 2.0\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer = 68.94.156.1,68.94.157.1
TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : DHCPNameServer = 192.168.1.254
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {ED93D107-B43A-490e-AA5C-C5578BAAF479} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2011-2-22 22408]
R3 PaeFireStudio;PreSonus FireStudio;C:\Windows\System32\drivers\PaeFireStudio.sys [2011-1-24 214776]
R3 PaeFireStudioAudio;PreSonus FireStudio Audio;C:\Windows\System32\drivers\PaeFireStudioAudio.sys [2011-1-24 39032]
R3 PaeFireStudioMidi;PreSonus FireStudio MIDI;C:\Windows\System32\drivers\PaeFireStudioMidi.sys [2011-1-24 42616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2011-2-22 16008]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 139616]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-17 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-17 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-25 1255736]
S4 DraftSight API Service;DraftSight API Service;C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-7-7 78336]
S4 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
S4 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-1-24 25824]
S4 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
.
=============== Created Last 30 ================
.
2013-07-29 21:17:37 388096 ----a-r- C:\Users\Mitch Tiffin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-29 21:17:36 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-07-29 17:44:13 -------- d-----w- C:\Program Files (x86)\fuLyriXeeker
2013-07-29 14:15:00 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C94DE392-5775-4998-893E-19766B32E463}\mpengine.dll
2013-07-28 07:20:24 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-18 22:26:04 941720 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FBABFBF-68F4-44DF-9EE7-98B655B55482}\gapaengine.dll
2013-07-18 21:40:43 -------- d-----w- C:\Program Files\iTunes
2013-07-18 21:40:43 -------- d-----w- C:\Program Files\iPod
2013-07-18 21:40:43 -------- d-----w- C:\Program Files (x86)\iTunes
2013-07-18 21:39:09 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-12 03:10:59 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-12 03:10:58 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-12 03:10:58 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-12 03:10:54 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-12 03:10:54 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-07-11 12:53:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
.
==================== Find3M  ====================
.
2013-07-23 21:44:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-23 21:44:42 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-27 22:34:56 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 22:34:52 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-06-27 22:34:52 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-22 20:11:30 5555190 ----a-w- C:\tweaking.com_windows_repair_aio_setup.exe
2013-06-22 20:07:42 3858143 ----a-w- C:\tweaking.com_registry_backup_setup.exe
2013-06-19 02:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-06-19 02:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-05-29 05:43:16 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-29 05:35:44 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-05-29 05:34:14 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-05-29 05:29:56 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-05-29 05:29:02 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-05-29 05:25:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-29 01:50:14 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-29 01:41:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-05-29 01:41:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-29 01:37:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-05-29 01:36:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-05-29 01:33:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-05-01 08:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 08:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 17:41:54.03 ===============


#7 Mtiffin

Mtiffin

    New Member

  • Members
  • 33 posts

Posted 01 August 2013 - 11:12 PM

 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 1/22/2011 9:38:29 AM
System Uptime: 7/29/2013 5:22:46 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M4A78T-E
Processor: AMD Phenom™ II X6 1090T Processor | AM3 | 3211/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 428.829 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 932 GiB total, 905.944 GiB free.
F: is FIXED (NTFS) - 1863 GiB total, 1354.4 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: High Definition Audio Device
Device ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043836C&REV_1000\4&29529F32&0&0001
Manufacturer: Microsoft
Name: High Definition Audio Device
PNP Device ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043836C&REV_1000\4&29529F32&0&0001
Service: HdAudAddService
.
==== System Restore Points ===================
.
RP371: 7/18/2013 5:24:49 PM - Windows Update
RP372: 7/21/2013 6:30:27 PM - Windows Update
RP373: 7/21/2013 8:40:25 PM - Windows Update
RP374: 7/21/2013 8:50:59 PM - Removed Microsoft Silverlight
RP375: 7/25/2013 10:42:05 AM - Windows Update
RP376: 7/27/2013 8:12:27 PM - Removed Microsoft Silverlight
RP377: 7/27/2013 8:13:20 PM - Removed Microsoft Silverlight
RP378: 7/29/2013 9:14:13 AM - Windows Update
RP379: 7/29/2013 4:17:08 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
112dB Redline Monitor v1.0.4
64 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avid Studio
Avid Studio Bonus Content
Avid Studio Plugins
Belarc Advisor 8.1
Bonjour
BurnAware Free 4.1
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC 8
Canon Utilities MyCamera
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CD Click i-Studio
DraftSight
Dragon NaturallySpeaking 11
EPSON Artisan 830 Series Printer Uninstall
Epson CreativeZone
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
Epson Print CD
EPSON Scan
EpsonNet Print
EpsonNet Setup 3.3
ERUNT 1.1j
EZdrummer
EZDrummer 64-bit
EZkeys Grand Piano 64
EZkeys Player 64-bit
EZXCocktail
FlipShare
FreeRIP v3.6
Futuremark SystemInfo
GEAR driver installer for x86 and x64
Google Chrome
Google Earth
Google Update Helper
HiJackThis
ImageMixer 3 SE Ver.6 Transfer Utility
ImageMixer 3 SE Ver.6 Video Tools
iTunes
Java 7 Update 25
Java Auto Updater
Knoll Light Factory EZ Studio
Logitech Gaming Software 7.00
Lotus NotesSQL 3.01 driver
Lotus SmartSuite - English
Magic Bullet Looks Studio
MAGIX Xtreme Print Studio 5.0.0.7399 (US)
Malwarebytes Anti-Malware version 1.75.0.1300
MasterWriter 2.0
Melodyne Runtime 4.1 (x64)
Melodyne singletrack
Memeo Instant Backup
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MixMeister BPM Analyzer 1.0
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Native Instruments Abbey Road 60s Drums Vintage
Native Instruments Guitar Rig 3
Native Instruments Guitar Rig 4
Native Instruments Komplete Elements
Native Instruments Kontakt 4
Native Instruments Kontakt Elements Selection R2
Native Instruments Reaktor 5
Native Instruments Reaktor Elements Selection
Native Instruments Reaktor Spark R2
Native Instruments Service Center
NVIDIA 3D Vision Controller Driver 307.83
NVIDIA Control Panel 307.83
NVIDIA Display Control Panel
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Update 1.10.8
NVIDIA Update Components
On-Screen Takeoff
OpenOffice.org 3.4.1
PDF reDirect (remove only)
PDFill PDF Editor with FREE Writer and FREE Tools
Pinnacle Creative Pack Volume 1
Pinnacle Video Driver
PreSonus FaderPort
PreSonus Studio One 2 x64
PreSonus Studio One x64
PreSonus Universal Control 3.5.2.8028
PVSonyDll
QuickTime
Red Giant ToonIt Studio
Room EQ Wizard V5
SAMSUNG USB Driver for Mobile Phones
ScoreFitter Volume 1
ScoreFitter Volume 2
Seagate Dashboard
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Sony DVD Architect Studio 4.5
Sony Vegas Movie Studio 8.0
Speccy
SpeedFan (remove only)
Superior Drummer 64-bit
Superior Drummer Installer
SureThing Express Labeler
swMSM
Toontrack solo
Toontrack solo 64 bit
Trapcode 3DStroke Studio
Trapcode Particular Studio
Trapcode Shine Studio
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
Tweaking.com - Windows Repair (All in One)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon V CAST Media Manager
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
VLC media player 2.0.5
.
==== Event Viewer Messages From Past Week ========
.
7/29/2013 5:28:42 PM, Error: Service Control Manager [7038]  - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/29/2013 5:28:42 PM, Error: Service Control Manager [7001]  - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
7/29/2013 5:28:42 PM, Error: Service Control Manager [7000]  - The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.
7/29/2013 5:28:42 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
7/29/2013 5:28:29 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
7/29/2013 5:27:42 PM, Error: Microsoft-Windows-Eventlog [23]  - The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-Resource-Exhaustion-Detector/Operational.
7/29/2013 5:26:36 PM, Error: Service Control Manager [7000]  - The PMEM service failed to start due to the following error:  This driver has been blocked from loading
7/29/2013 5:26:36 PM, Error: Application Popup [1060]  - \??\C:\Windows\SysWOW64\drivers\pmemnt.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/29/2013 5:25:17 PM, Error: Microsoft-Windows-Eventlog [23]  - The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-GroupPolicy/Operational.
7/23/2013 8:50:00 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 107.
7/23/2013 8:50:00 PM, Error: Schannel [36874]  - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
.
==== End Of File ===========================
 


#8 Mtiffin


Posted 01 August 2013 - 11:14 PM

RogueKiller V8.6.4 _x64_ [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Mitch Tiffin [Admin rights]
Mode : Scan -- Date : 08/01/2013 16:51:18
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 8 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer (68.94.156.1,68.94.157.1) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer (68.94.156.1,68.94.157.1) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer (68.94.156.1,68.94.157.1) -> FOUND
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
-> E:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - E:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - FOUND]
-> E:\Documents and Settings\LocalService\NTUSER.DAT | DRVINFO [Drv - E:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - FOUND]
-> E:\Documents and Settings\m tiffin\NTUSER.DAT | DRVINFO [Drv - E:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - FOUND]
-> E:\Documents and Settings\NetworkService\NTUSER.DAT | DRVINFO [Drv - E:] | SYSTEMINFO [Sys - NO_SYS] [Sys32 - NOT_FOUND] | USERINFO [Startup - FOUND]
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: ST31000528AS ATA Device +++++
--- User ---
[MBR] f788b7543368b372fbce54d71f4866da
[BSP] 3bc7fae69c5613d12ec2d6546920ba80 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: ST31000528AS ATA Device +++++
--- User ---
[MBR] 0ac91f515b3549d7e81ddc40f5f48404
[BSP] 31c0fe7176466ccf32fa109f73be949d : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953859 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive2: ST31000528AS ATA Device +++++
--- User ---
[MBR] 61b1e40b46ea59eb5c1e96fc38bfb77d
[BSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
 
Finished : << RKreport[0]_S_08012013_165118.txt >>


#9 Mtiffin


Posted 01 August 2013 - 11:16 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows 7 Professional x64
Ran by Mitch Tiffin on Thu 08/01/2013 at 17:46:49.44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E58097-6CA5-448B-830F-2A19678248FB}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Mitch Tiffin\AppData\Roaming\mozilla\firefox\profiles\6kx2u9vk.default\minidumps [259 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 08/01/2013 at 17:49:49.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#10 Mtiffin


Posted 01 August 2013 - 11:18 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-08-2013
Ran by Mitch Tiffin (administrator) on 01-08-2013 22:05:36
Running from C:\Users\Mitch Tiffin\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [104008 2010-11-16] (Logitech Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\MasterWriter 2.0\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://ec2-174-129-1...eivers/FMSI.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2}: [NameServer]68.94.156.1,68.94.157.1
 
FireFox:
========
FF ProfilePath: C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: No Name - C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: TinEye Reverse Image Search - C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\Extensions\tineye@ideeinc.com
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files (x86)\LyriXeeker\125.xpi
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (Google Docs) - C:\Users\MITCHT~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR HKLM-x32\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files (x86)\LyriXeeker\125.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
S4 DraftSight API Service; C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [78336 2012-07-07] (Dassault Systèmes)
S4 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
S4 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 PaeFireStudio; C:\Windows\System32\Drivers\PaeFireStudio.sys [214776 2010-10-14] (PreSonus Audio Electronics)
R3 PaeFireStudioAudio; C:\Windows\System32\drivers\PaeFireStudioAudio.sys [39032 2010-10-14] (PreSonus Audio Electronics)
R3 PaeFireStudioMidi; C:\Windows\System32\drivers\PaeFireStudioMidi.sys [42616 2010-10-14] (PreSonus Audio Electronics)
S2 PMEM; C:\Windows\SysWOW64\drivers\pmemnt.sys [7168 1999-03-08] (Microsoft Corporation)
S2 PMEM; C:\Windows\SysWOW64\drivers\pmemnt.sys [7168 1999-03-08] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows ® Server 2003 DDK provider)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows ® Server 2003 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-08-01 18:10 - 2013-08-01 18:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-01 17:55 - 2013-08-01 17:55 - 00001214 _____ C:\AdwCleaner[S5].txt
2013-08-01 17:54 - 2013-08-01 17:54 - 00001154 _____ C:\AdwCleaner[R19].txt
2013-08-01 17:49 - 2013-08-01 17:49 - 00001255 _____ C:\Users\Mitch Tiffin\Desktop\JRT.txt
2013-08-01 17:46 - 2013-08-01 17:46 - 00000000 ____D C:\Windows\ERUNT
2013-08-01 17:45 - 2013-08-01 17:45 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Mitch Tiffin\Downloads\JRT.exe
2013-08-01 17:45 - 2013-08-01 17:45 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Mitch Tiffin\Desktop\JRT.exe
2013-08-01 17:10 - 2013-08-01 22:02 - 00000000 ____D C:\computer work
2013-08-01 16:51 - 2013-08-01 17:07 - 00003289 _____ C:\Users\Mitch Tiffin\Desktop\RKreport[0]_S_08012013_165118.txt
2013-08-01 16:32 - 2013-08-01 16:32 - 03782656 _____ C:\Users\Mitch Tiffin\Desktop\RogueKillerX64.exe
2013-08-01 13:05 - 2013-08-01 13:05 - 00000000 ____D C:\Windows\system32\MRT
2013-07-29 17:42 - 2013-07-29 17:42 - 00014349 _____ C:\Users\Mitch Tiffin\Desktop\attach.txt
2013-07-29 17:42 - 2013-07-29 17:41 - 00014762 _____ C:\Users\Mitch Tiffin\Desktop\dds.txt
2013-07-29 16:17 - 2013-07-29 16:21 - 00000000 ____D C:\Users\Mitch Tiffin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-07-29 16:17 - 2013-07-29 16:17 - 00003007 _____ C:\Users\Mitch Tiffin\Desktop\HiJackThisShort cut.lnk
2013-07-29 16:17 - 2013-07-29 16:17 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-29 16:15 - 2013-07-29 16:15 - 01402880 _____ C:\Users\Mitch Tiffin\Downloads\HiJackThis.msi
2013-07-29 15:36 - 2013-07-29 15:36 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Mitch Tiffin\Downloads\rkill.exe
2013-07-29 15:20 - 2013-07-29 15:20 - 00001093 _____ C:\AdwCleaner[R18].txt
2013-07-29 12:46 - 2013-07-29 12:46 - 00001178 _____ C:\AdwCleaner[S4].txt
2013-07-29 12:45 - 2013-07-29 12:46 - 00001010 _____ C:\AdwCleaner[R17].txt
2013-07-29 12:44 - 2013-08-01 18:00 - 00000402 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-29 12:44 - 2013-07-29 12:44 - 00003064 _____ C:\Windows\System32\Tasks\LyricXeeker Update
2013-07-29 12:44 - 2013-07-29 12:44 - 00000000 ____D C:\Program Files (x86)\fuLyriXeeker
2013-07-29 12:38 - 2013-07-29 12:38 - 00640864 _____ C:\Users\Mitch Tiffin\Downloads\FreeYouTubeDownloaderInstallerIC.exe
2013-07-27 18:43 - 2013-07-27 18:43 - 00892040 _____ (CNET Download.com) C:\Users\Mitch Tiffin\Downloads\cbsidlm-cbsi127-Free_Youtube_Downloader_Converter-SEO-75891114.exe
2013-07-26 10:24 - 2013-07-26 10:24 - 00000898 _____ C:\Users\Mitch Tiffin\Desktop\123w - Shortcut.lnk
2013-07-24 07:03 - 2013-07-24 07:03 - 05373340 _____ C:\Users\Mitch Tiffin\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-07-21 11:05 - 2013-07-21 11:05 - 00001714 _____ C:\Users\Mitch Tiffin\Desktop\CMA Songwriters Series _ _There Goes My Life_ - YouTube - Shortcut.lnk
2013-07-21 11:05 - 2013-07-21 11:05 - 00000925 _____ C:\Users\Mitch Tiffin\Desktop\There Goes My Life - Shortcut.lnk
2013-07-21 10:56 - 2013-07-21 10:56 - 00000940 _____ C:\Users\Mitch Tiffin\Desktop\Paint me a Birmingham - Shortcut.lnk
2013-07-21 10:16 - 2013-07-21 10:16 - 00666633 _____ C:\Users\Mitch Tiffin\Desktop\adwcleaner.exe
2013-07-18 16:40 - 2013-07-18 16:40 - 00000000 ____D C:\Program Files\iTunes
2013-07-18 16:40 - 2013-07-18 16:40 - 00000000 ____D C:\Program Files\iPod
2013-07-18 16:40 - 2013-07-18 16:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-18 16:39 - 2013-07-18 16:40 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-11 22:23 - 2013-05-29 01:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 22:23 - 2013-05-29 00:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 22:23 - 2013-05-29 00:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 22:23 - 2013-05-29 00:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 22:23 - 2013-05-29 00:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 22:23 - 2013-05-29 00:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-11 22:23 - 2013-05-29 00:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-11 22:23 - 2013-05-29 00:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 22:23 - 2013-05-29 00:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 22:23 - 2013-05-29 00:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-11 22:23 - 2013-05-29 00:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-11 22:23 - 2013-05-29 00:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 22:23 - 2013-05-29 00:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 22:23 - 2013-05-29 00:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 22:23 - 2013-05-29 00:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-11 22:23 - 2013-05-29 00:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 22:23 - 2013-05-28 20:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 22:23 - 2013-05-28 20:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 22:23 - 2013-05-28 20:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 22:23 - 2013-05-28 20:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-11 22:23 - 2013-05-28 20:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 22:23 - 2013-05-28 20:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 22:23 - 2013-05-28 20:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-11 22:23 - 2013-05-28 20:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 22:23 - 2013-05-28 20:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-11 22:23 - 2013-05-28 20:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-11 22:23 - 2013-05-28 20:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 22:23 - 2013-05-28 20:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 22:23 - 2013-05-28 20:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 22:23 - 2013-05-28 20:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 22:23 - 2013-05-28 20:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-11 22:23 - 2013-05-28 20:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 22:11 - 2013-05-08 01:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-11 22:11 - 2013-05-06 01:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 22:11 - 2013-05-05 23:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 22:11 - 2013-04-12 09:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-11 22:11 - 2013-04-10 01:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-11 22:11 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-11 22:11 - 2013-03-19 00:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-11 22:11 - 2013-03-19 00:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-07-11 22:11 - 2013-02-27 01:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-11 22:11 - 2013-02-27 00:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-11 22:11 - 2013-02-27 00:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-11 22:11 - 2013-02-27 00:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-11 22:11 - 2013-02-27 00:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-11 22:11 - 2013-02-26 23:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-11 22:11 - 2013-02-26 23:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-11 22:11 - 2013-02-26 23:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-11 22:11 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-11 22:10 - 2013-06-04 22:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 22:10 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 22:10 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 22:10 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 22:10 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 07:53 - 2013-07-11 07:53 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-06 19:48 - 2013-07-06 19:48 - 14595178 _____ C:\Users\Mitch Tiffin\Downloads\Rascal Flatts _ Cascada - What Hurts The Most (Boyce Avenue acoustic cover) on iTunes‬ & Spotify - YouTube.mp4
2013-07-06 14:11 - 2013-07-06 14:02 - 462661632 _____ C:\Users\Mitch Tiffin\Downloads\00001.MTS
2013-07-06 09:46 - 2013-07-06 09:48 - 55433469 _____ C:\Users\Mitch Tiffin\Downloads\Guitar Lesson- Eric Clapton Acoustic Blues - YouTube.mp4
2013-07-05 18:44 - 2012-01-01 00:10 - 439514184 _____ C:\Users\Mitch Tiffin\Downloads\ZOOM0001.MOV
107
 
==================== One Month Modified Files and Folders =======
 
2013-08-01 22:04 - 2013-08-01 22:04 - 01781485 _____ (Farbar) C:\Users\Mitch Tiffin\Desktop\FRST64.exe
2013-08-01 22:02 - 2013-08-01 17:10 - 00000000 ____D C:\computer work
2013-08-01 21:36 - 2013-05-27 21:11 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-01 18:11 - 2011-01-22 10:37 - 01212303 _____ C:\Windows\WindowsUpdate.log
2013-08-01 18:10 - 2013-08-01 18:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-01 18:08 - 2009-07-13 23:45 - 00015376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-01 18:08 - 2009-07-13 23:45 - 00015376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-01 18:01 - 2013-05-27 21:11 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-01 18:00 - 2013-07-29 12:44 - 00000402 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-08-01 17:59 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-01 17:58 - 2009-07-13 23:51 - 00116158 _____ C:\Windows\setupact.log
2013-08-01 17:55 - 2013-08-01 17:55 - 00001214 _____ C:\AdwCleaner[S5].txt
2013-08-01 17:54 - 2013-08-01 17:54 - 00001154 _____ C:\AdwCleaner[R19].txt
2013-08-01 17:49 - 2013-08-01 17:49 - 00001255 _____ C:\Users\Mitch Tiffin\Desktop\JRT.txt
2013-08-01 17:46 - 2013-08-01 17:46 - 00000000 ____D C:\Windows\ERUNT
2013-08-01 17:45 - 2013-08-01 17:45 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Mitch Tiffin\Downloads\JRT.exe
2013-08-01 17:45 - 2013-08-01 17:45 - 00562430 _____ (Oleg N. Scherbakov) C:\Users\Mitch Tiffin\Desktop\JRT.exe
2013-08-01 17:43 - 2013-06-09 13:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-01 17:07 - 2013-08-01 16:51 - 00003289 _____ C:\Users\Mitch Tiffin\Desktop\RKreport[0]_S_08012013_165118.txt
2013-08-01 16:44 - 2013-05-29 20:39 - 00000000 ____D C:\Users\Mitch Tiffin\Desktop\RK_Quarantine
2013-08-01 16:32 - 2013-08-01 16:32 - 03782656 _____ C:\Users\Mitch Tiffin\Desktop\RogueKillerX64.exe
2013-08-01 16:29 - 2013-05-29 06:04 - 00000000 ____D C:\Windows\ERDNT
2013-08-01 13:08 - 2013-08-01 13:05 - 00000000 ____D C:\Windows\system32\MRT
2013-08-01 06:10 - 2011-12-23 17:56 - 00000000 ____D C:\Users\Mitch Tiffin\AppData\Roaming\Celemony Software GmbH
2013-07-31 22:38 - 2013-05-27 21:13 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-29 18:08 - 2013-06-12 06:20 - 00007603 _____ C:\Users\MITCHT~1\AppData\Local\resmon.resmoncfg
2013-07-29 17:42 - 2013-07-29 17:42 - 00014349 _____ C:\Users\Mitch Tiffin\Desktop\attach.txt
2013-07-29 17:41 - 2013-07-29 17:42 - 00014762 _____ C:\Users\Mitch Tiffin\Desktop\dds.txt
2013-07-29 17:22 - 2011-01-25 08:56 - 00022986 _____ C:\Windows\PFRO.log
2013-07-29 16:21 - 2013-07-29 16:17 - 00000000 ____D C:\Users\Mitch Tiffin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-07-29 16:17 - 2013-07-29 16:17 - 00003007 _____ C:\Users\Mitch Tiffin\Desktop\HiJackThisShort cut.lnk
2013-07-29 16:17 - 2013-07-29 16:17 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-29 16:15 - 2013-07-29 16:15 - 01402880 _____ C:\Users\Mitch Tiffin\Downloads\HiJackThis.msi
2013-07-29 15:36 - 2013-07-29 15:36 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Mitch Tiffin\Downloads\rkill.exe
2013-07-29 15:20 - 2013-07-29 15:20 - 00001093 _____ C:\AdwCleaner[R18].txt
2013-07-29 12:46 - 2013-07-29 12:46 - 00001178 _____ C:\AdwCleaner[S4].txt
2013-07-29 12:46 - 2013-07-29 12:45 - 00001010 _____ C:\AdwCleaner[R17].txt
2013-07-29 12:44 - 2013-07-29 12:44 - 00003064 _____ C:\Windows\System32\Tasks\LyricXeeker Update
2013-07-29 12:44 - 2013-07-29 12:44 - 00000000 ____D C:\Program Files (x86)\fuLyriXeeker
2013-07-29 12:38 - 2013-07-29 12:38 - 00640864 _____ C:\Users\Mitch Tiffin\Downloads\FreeYouTubeDownloaderInstallerIC.exe
2013-07-29 10:10 - 2009-07-14 00:13 - 00730512 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-28 20:02 - 2011-01-31 20:08 - 00000000 ____D C:\Windows\pss
2013-07-27 18:43 - 2013-07-27 18:43 - 00892040 _____ (CNET Download.com) C:\Users\Mitch Tiffin\Downloads\cbsidlm-cbsi127-Free_Youtube_Downloader_Converter-SEO-75891114.exe
2013-07-27 17:10 - 2011-02-04 19:20 - 00000000 ____D C:\Users\Mitch Tiffin\Documents\NSAI
2013-07-26 10:24 - 2013-07-26 10:24 - 00000898 _____ C:\Users\Mitch Tiffin\Desktop\123w - Shortcut.lnk
2013-07-25 11:01 - 2011-01-22 10:38 - 00000000 ____D C:\Users\Mitch Tiffin
2013-07-24 07:04 - 2013-06-22 18:21 - 00002163 _____ C:\Users\Mitch Tiffin\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-07-24 07:03 - 2013-07-24 07:03 - 05373340 _____ C:\Users\Mitch Tiffin\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-07-23 16:44 - 2012-04-05 09:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-23 16:44 - 2011-05-17 16:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-23 16:44 - 2011-01-24 19:47 - 00000000 ____D C:\Users\MITCHT~1\AppData\Local\Adobe
2013-07-23 16:00 - 2012-04-26 06:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-21 20:46 - 2012-08-09 21:09 - 00001945 _____ C:\Windows\epplauncher.mif
2013-07-21 20:46 - 2012-08-09 21:09 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-21 20:45 - 2012-08-09 21:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-07-21 14:15 - 2011-09-26 20:53 - 00000000 ____D C:\Program Files (x86)\MasterWriter 2.0
2013-07-21 11:05 - 2013-07-21 11:05 - 00001714 _____ C:\Users\Mitch Tiffin\Desktop\CMA Songwriters Series _ _There Goes My Life_ - YouTube - Shortcut.lnk
2013-07-21 11:05 - 2013-07-21 11:05 - 00000925 _____ C:\Users\Mitch Tiffin\Desktop\There Goes My Life - Shortcut.lnk
2013-07-21 10:56 - 2013-07-21 10:56 - 00000940 _____ C:\Users\Mitch Tiffin\Desktop\Paint me a Birmingham - Shortcut.lnk
2013-07-21 10:16 - 2013-07-21 10:16 - 00666633 _____ C:\Users\Mitch Tiffin\Desktop\adwcleaner.exe
2013-07-21 08:33 - 2011-11-10 19:14 - 00001001 _____ C:\Users\Public\Desktop\Studio One 2 x64.lnk
2013-07-19 21:50 - 2012-12-11 12:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-19 09:41 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-07-18 16:40 - 2013-07-18 16:40 - 00000000 ____D C:\Program Files\iTunes
2013-07-18 16:40 - 2013-07-18 16:40 - 00000000 ____D C:\Program Files\iPod
2013-07-18 16:40 - 2013-07-18 16:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-18 16:40 - 2013-07-18 16:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-18 16:40 - 2011-03-06 11:57 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-12 09:31 - 2013-05-27 21:11 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 09:31 - 2013-05-27 21:11 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 08:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-07-12 07:19 - 2011-01-22 10:38 - 00000000 ___RD C:\Users\Mitch Tiffin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-12 07:19 - 2011-01-22 10:38 - 00000000 ___RD C:\Users\Mitch Tiffin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-12 07:18 - 2009-07-13 23:45 - 00545872 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 07:12 - 2009-07-14 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 07:12 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 07:12 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-11 22:24 - 2011-01-24 22:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-11 07:53 - 2013-07-11 07:53 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-11 07:53 - 2012-11-15 09:31 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-07-09 18:11 - 2011-01-24 20:01 - 00000000 ____D C:\Users\Mitch Tiffin\Documents\Studio One
2013-07-08 07:28 - 2012-11-03 15:35 - 00000000 ____D C:\Scans
2013-07-07 12:54 - 2011-03-28 23:58 - 00000000 ____D C:\Users\Mitch Tiffin\AppData\Roaming\vlc
2013-07-06 19:52 - 2012-01-01 16:02 - 00005620 _____ C:\Users\Mitch Tiffin\AppData\Roaming\MITCHTIFFIN-PC.MTBF.txt
2013-07-06 19:52 - 2012-01-01 16:02 - 00000000 ____D C:\Users\MITCHT~1\AppData\Local\Avid
2013-07-06 19:52 - 2012-01-01 15:53 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-07-06 19:48 - 2013-07-06 19:48 - 14595178 _____ C:\Users\Mitch Tiffin\Downloads\Rascal Flatts _ Cascada - What Hurts The Most (Boyce Avenue acoustic cover) on iTunes‬ & Spotify - YouTube.mp4
2013-07-06 14:29 - 2011-01-29 16:11 - 00000000 ____D C:\Users\Mitch Tiffin\Documents\Alarmtechs
2013-07-06 14:02 - 2013-07-06 14:11 - 462661632 _____ C:\Users\Mitch Tiffin\Downloads\00001.MTS
2013-07-06 09:48 - 2013-07-06 09:46 - 55433469 _____ C:\Users\Mitch Tiffin\Downloads\Guitar Lesson- Eric Clapton Acoustic Blues - YouTube.mp4
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-07-23 00:52
 
==================== End Of Log ============================


#11 Mtiffin

Posted 01 August 2013 - 11:19 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-08-2013
Ran by Mitch Tiffin at 2013-08-01 22:06:05
Running from C:\Users\Mitch Tiffin\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
   
 Update for Microsoft Office 2007 (KB2508958) (x32)
112dB Redline Monitor v1.0.4 (x32 Version: 1.0)
64 Bit HP CIO Components Installer (Version: 8.2.1)
Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.169)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Avid Studio (x32 Version: 1.1.0.2887)
Avid Studio Bonus Content (x32 Version: 1.0.0.325)
Avid Studio Plugins (x32 Version: 1.0.0.2804)
Belarc Advisor 8.1 (x32)
Bonjour (Version: 3.0.0.10)
BurnAware Free 4.1 (x32)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.7.2.11)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.3.9)
Canon Utilities CameraWindow (x32 Version: 7.4.0.7)
Canon Utilities CameraWindow DC 8 (x32 Version: 8.1.0.11)
Canon Utilities MyCamera (x32 Version: 7.3.0.5)
Canon Utilities ZoomBrowser EX (x32 Version: 6.5.1.15)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.3.0.4)
CD Click i-Studio (HKCU Version: 2.2.1.100)
DraftSight (x32 Version: 9.1.173)
Dragon NaturallySpeaking 11 (x32 Version: 11.50.100)
Epson CreativeZone (x32)
Epson Easy Photo Print 2 (x32 Version: 2.2.3.1)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (x32)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (x32 Version: 1.00.0000)
Epson Event Manager (x32 Version: 2.40.0001)
Epson FAX Utility (x32 Version: 1.10.00)
Epson PC-FAX Driver (x32)
Epson Print CD (x32 Version: 2.00.00)
EPSON Scan (x32)
EpsonNet Print (x32 Version: 2.4j)
EpsonNet Setup 3.3 (x32 Version: 3.3b)
ERUNT 1.1j (x32)
ESET Online Scanner v3 (x32)
EZdrummer (x32 Version: 1.3.1)
EZDrummer 64-bit (Version: 1.3.2)
EZkeys Grand Piano 64 (Version: 1.0.2)
EZkeys Player 64-bit (Version: 1.1.0)
EZXCocktail (x32 Version: 1.2.4)
FlipShare (x32 Version: 5.12.3.0)
FreeRIP v3.6 (x32 Version: 3.6)
Futuremark SystemInfo (x32 Version: 3.21.2.1)
GEAR driver installer for x86 and x64 (x32 Version: 4.016.2)
Google Chrome (x32 Version: 28.0.1500.95)
Google Earth (x32 Version: 6.2.2.6613)
Google Update Helper (x32 Version: 1.3.21.153)
HiJackThis (x32 Version: 1.0.0)
ImageMixer 3 SE Ver.6 Transfer Utility (x32 Version: 6.00.018)
ImageMixer 3 SE Ver.6 Video Tools (x32 Version: 6.00.019)
iTunes (Version: 11.0.2.25)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Knoll Light Factory EZ Studio (x32)
Logitech Gaming Software 7.00 (Version: 7.00.291)
Lotus NotesSQL 3.01 driver (x32)
Lotus SmartSuite - English (x32 Version: 9.8.0)
Magic Bullet Looks Studio (x32)
MAGIX Xtreme Print Studio 5.0.0.7399 (US) (x32 Version: 5.0.0.7399)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MasterWriter 2.0 (x32)
Melodyne Runtime 4.1 (x64) (Version: 1.0.0)
Melodyne Runtime 4.1 (x64) (Version: 1.0.1)
Melodyne singletrack (x32 Version: 2.01.0045)
Memeo Instant Backup (x32 Version: 4.60.0.7876)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
MixMeister BPM Analyzer 1.0 (x32)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.0.0.001)
Native Instruments Abbey Road 60s Drums Vintage (x32)
Native Instruments Guitar Rig 3 (Version: 3.2.1.004)
Native Instruments Guitar Rig 3 (x32)
Native Instruments Guitar Rig 4 (Version: 4.1.0.1751)
Native Instruments Guitar Rig 4 (x32)
Native Instruments Komplete Elements (Version: 7.0.0.001)
Native Instruments Komplete Elements (x32)
Native Instruments Kontakt 4 (Version: 4.1.0.3681)
Native Instruments Kontakt 4 (x32)
Native Instruments Kontakt Elements Selection R2 (Version: 1.0.0.002)
Native Instruments Kontakt Elements Selection R2 (x32)
Native Instruments Reaktor 5 (Version: 5.5.0.10484)
Native Instruments Reaktor 5 (x32)
Native Instruments Reaktor Elements Selection (Version: 1.0.0.002)
Native Instruments Reaktor Elements Selection (x32)
Native Instruments Reaktor Spark R2 (Version: 1.0.0.001)
Native Instruments Reaktor Spark R2 (x32)
Native Instruments Service Center (Version: 2.2.5.596)
Native Instruments Service Center (x32)
NVIDIA 3D Vision Controller Driver 307.83 (Version: 307.83)
NVIDIA Control Panel 307.83 (Version: 307.83)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 307.83 (Version: 307.83)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (x32 Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
ON Artisan 830 Series Printer Uninstall
On-Screen Takeoff (x32 Version: 3.8.1.36)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF reDirect (remove only) (x32 Version: v2.5.2)
PDFill PDF Editor with FREE Writer and FREE Tools (Version: 8.0)
Pinnacle Creative Pack Volume 1 (x32 Version: 1.00.0000.17)
Pinnacle Video Driver (Version: 12.1.0.030)
PreSonus FaderPort (x32)
PreSonus Studio One 2 x64 (Version: 2.5.2.22258)
PreSonus Studio One x64 (Version: 1.6.5.16006)
PreSonus Universal Control 3.5.2.8028 (Version: 3.5.2.8028)
PVSonyDll (Version: 1.00.0001)
QuickTime (x32 Version: 7.74.80.86)
Red Giant ToonIt Studio (x32)
Room EQ Wizard V5 (x32)
SAMSUNG USB Driver for Mobile Phones (x32 Version: 1.3.550.0)
ScoreFitter Volume 1 (x32 Version: 1.00.0000)
ScoreFitter Volume 2 (x32 Version: 1.00.0000)
Seagate Dashboard (x32 Version: 1.1.0.1421)
Sony DVD Architect Studio 4.5 (x32 Version: 4.5.66)
Sony Vegas Movie Studio 8.0 (x32 Version: 8.0.142)
Speccy (Version: 1.08)
SpeedFan (remove only) (x32)
Superior Drummer 64-bit (Version: 2.3.1)
Superior Drummer Installer (x32 Version: 2.2.1)
SureThing Express Labeler (x32)
swMSM (x32 Version: 12.0.0.1)
Toontrack solo (x32 Version: 1.3.2)
Toontrack solo 64 bit (Version: 1.3.2)
Trapcode 3DStroke Studio (x32)
Trapcode Particular Studio (x32)
Trapcode Shine Studio (x32)
TurboTax 2010 (x32)
TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.4227)
TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0483)
TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0214)
TurboTax 2010 wrapper (x32 Version: 010.000.0157)
TurboTax 2011 (x32)
TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0495)
TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0214)
TurboTax 2011 wrapper (x32 Version: 011.000.0121)
TurboTax 2012 (x32 Version: 2012.0)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179)
TurboTax 2012 wrapper (x32 Version: 012.000.0127)
Tweaking.com - Windows Repair (All in One) (x32 Version: 1.9.15)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Access 2007 Help (KB963663) (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Verizon V CAST Media Manager (x32)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.0)
VLC media player 2.0.5 (x32 Version: 2.0.5)
 
==================== Restore Points  =========================
 
21-07-2013 23:30:27 Windows Update
22-07-2013 01:40:25 Windows Update
22-07-2013 01:50:59 Removed Microsoft Silverlight
25-07-2013 15:42:05 Windows Update
28-07-2013 01:12:27 Removed Microsoft Silverlight
28-07-2013 01:13:20 Removed Microsoft Silverlight
29-07-2013 14:14:13 Windows Update
29-07-2013 21:17:08 Installed HiJackThis
01-08-2013 18:05:00 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2013-06-02 15:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {04EB9C1C-3F5E-46BD-ADBC-502C56F7624D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {318C2D2C-1D2E-4FED-8D83-8616D4DB7714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-27] (Google Inc.)
Task: {51090A7D-C980-42F0-9C8E-DDD6313AD336} - System32\Tasks\Microsoft\Windows\PLA\New Data Collector Set => C:\Windows\system32\rundll32.exe [2009-07-13] (Microsoft Corporation)
Task: {60A406CC-579B-4B34-B622-56A078E3B1C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-27] (Google Inc.)
Task: {79874F79-6132-4DBF-BD73-02338B17C57A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C5E7E4D-5E17-4ABD-822D-3BEE9DC4518E} - System32\Tasks\LyricXeeker Update => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe No File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricXeeker Update.job => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe
 
==================== Faulty Device Manager Devices =============
 
Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (08/01/2013 08:42:04 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 08:41:28 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:25 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:22 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:18 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:15 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:12 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:09 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:06 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/01/2013 07:25:03 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (06/09/2013 01:16:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/09/2013 11:18:31 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/09/2013 11:07:18 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 24 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/09/2013 11:06:46 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 214 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (06/09/2013 11:02:30 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/09/2013 10:49:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/09/2013 09:58:15 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/02/2013 04:27:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/02/2013 04:13:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 37 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (06/01/2013 01:34:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 36684 seconds with 960 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-01 18:01:14.020
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-01 18:01:07.639
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-01 16:40:21.996
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-01 16:40:15.631
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-01 12:32:23.014
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-01 12:32:16.713
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-31 16:49:40.544
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-31 16:49:34.085
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-30 16:09:49.350
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-30 16:09:42.970
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 27%
Total physical RAM: 16382.18 MB
Available physical RAM: 11878.21 MB
Total Pagefile: 33162.54 MB
Available Pagefile: 28899.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:428.95 GB) NTFS (Disk=0 Partition=2)
Drive e: () (Fixed) (Total:931.5 GB) (Free:905.94 GB) NTFS (Disk=1 Partition=1)
Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:1863.01 GB) (Free:1354.4 GB) NTFS (Disk=2 Partition=1)
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D4F15274)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 0D760D76)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=-198626967040) - (Type=07 NTFS)
 
==================== End Of Log ============================


#12 Mtiffin

Posted 01 August 2013 - 11:21 PM

# AdwCleaner v2.306 - Logfile created 08/01/2013 at 17:55:34
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Mitch Tiffin - MITCHTIFFIN-PC
# Boot Mode : Normal
# Running from : C:\Users\Mitch Tiffin\Desktop\adwcleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16496
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v22.0 (en-US)
 
File : C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v28.0.1500.95
 
File : C:\Users\Mitch Tiffin\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R17].txt - [1010 octets] - [29/07/2013 12:45:49]
AdwCleaner[R18].txt - [1093 octets] - [29/07/2013 15:20:32]
AdwCleaner[R19].txt - [1154 octets] - [01/08/2013 17:54:19]
AdwCleaner[S4].txt - [1178 octets] - [29/07/2013 12:46:31]
AdwCleaner[S5].txt - [1085 octets] - [01/08/2013 17:55:34]
 
########## EOF - C:\AdwCleaner[S5].txt - [1145 octets] ##########


#13 Mtiffin

Posted 01 August 2013 - 11:30 PM

C:\Users\Mitch Tiffin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APPRCZ6D\offer[1].htm HTML/ScrInject.B.Gen virus
C:\Users\Mitch Tiffin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NY7AYPLW\cbsidlm-cbsi127-Freemake_Video_Converter-SEO-75218346.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Mitch Tiffin\AppData\Local\Temp\7931FA2.tmp multiple threats
C:\Users\Mitch Tiffin\AppData\Local\Temp\7939676.tmp multiple threats
C:\Users\Mitch Tiffin\AppData\Local\Temp\793CDEA.tmp multiple threats
C:\Users\Mitch Tiffin\AppData\Local\Temp\is1244477948\11803052_Setup.EXE Win32/OpenCandy application
C:\Users\Mitch Tiffin\Downloads\BestVideoDownloader.exe a variant of Win32/KBM.A application
C:\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade(1).exe multiple threats
C:\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe multiple threats
C:\Users\Mitch Tiffin\Downloads\burnaware_free.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\Mitch Tiffin\Downloads\cbsidlm-cbsi127-Free_Youtube_Downloader_Converter-SEO-75891114.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Mitch Tiffin\Downloads\freeripmp3-setup.exe multiple threats
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\BestVideoDownloader.exe a variant of Win32/KBM.A application
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade(1).exe multiple threats
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe multiple threats
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\burnaware_free.exe a variant of Win32/Bundled.Toolbar.Ask application
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\freeripmp3-setup.exe multiple threats


#14 AdvancedSetup


Posted 01 August 2013 - 11:33 PM

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 



Ron Lewis
Forum Community Manager



#15 Mtiffin


Posted 02 August 2013 - 12:03 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-08-2013
Ran by Mitch Tiffin at 2013-08-02 00:01:53 Run:1
Running from C:\Users\Mitch Tiffin\Desktop
Boot Mode: Normal
==============================================
 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E58097-6CA5-448B-830F-2A19678248FB} => Key not found.
HKCR\CLSID\{17E58097-6CA5-448B-830F-2A19678248FB} => Key not found.
C:\Program Files (x86)\fuLyriXeeker => Moved successfully.
C:\Users\Mitch Tiffin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APPRCZ6D\offer[1].htm => Moved successfully.
C:\Users\Mitch Tiffin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NY7AYPLW\cbsidlm-cbsi127-Freemake_Video_Converter-SEO-75218346.exe => Moved successfully.
C:\Users\Mitch Tiffin\AppData\Local\Temp\7931FA2.tmp => Moved successfully.
C:\Users\Mitch Tiffin\AppData\Local\Temp\7939676.tmp => Moved successfully.
C:\Users\Mitch Tiffin\AppData\Local\Temp\793CDEA.tmp => Moved successfully.
C:\Users\Mitch Tiffin\AppData\Local\Temp\is1244477948\11803052_Setup.EXE => Moved successfully.
C:\Users\Mitch Tiffin\Downloads\BestVideoDownloader.exe => Moved successfully.
C:\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade(1).exe => Moved successfully.
C:\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe => Moved successfully.
C:\Users\Mitch Tiffin\Downloads\burnaware_free.exe => Moved successfully.
C:\Users\Mitch Tiffin\Downloads\cbsidlm-cbsi127-Free_Youtube_Downloader_Converter-SEO-75891114.exe => Moved successfully.
C:\Users\Mitch Tiffin\Downloads\freeripmp3-setup.exe => Moved successfully.
C:\Users\Mitch Tiffin\Downloads\FreeYouTubeDownloaderInstallerIC.exe => Moved successfully.
C:\Windows\System32\Tasks\LyricXeeker Update => Moved successfully.
C:\Windows\Tasks\LyricXeeker Update.job => Moved successfully.
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\BestVideoDownloader.exe => Moved successfully.
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade(1).exe => Moved successfully.
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe => Moved successfully.
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\burnaware_free.exe => Moved successfully.
F:\Mitch Tiffin_Backup\2011-03-20_11-47-50\Memeo\2011-03-20_11-47-50\C_\Users\Mitch Tiffin\Downloads\freeripmp3-setup.exe => Moved successfully.
C:\Windows\Tasks\LyricXeeker Update.job not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7C5E7E4D-5E17-4ABD-822D-3BEE9DC4518E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C5E7E4D-5E17-4ABD-822D-3BEE9DC4518E} => Key deleted successfully.
C:\Windows\System32\Tasks\LyricXeeker Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LyricXeeker Update => Key deleted successfully.
 
==== End of Fixlog ====
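
Added example (not part of any post in this thread): a small Python parser for the Fixlog result lines posted above. It separates artifacts that this run removed from ones that were already absent. The sample is a constructed subset of the log, and the function names and category labels are assumptions made for illustration.

```python
import re

# Constructed sample: a subset of the Fixlog result lines posted above.
SAMPLE_FIXLOG = r"""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E58097-6CA5-448B-830F-2A19678248FB} => Key not found.
HKCR\CLSID\{17E58097-6CA5-448B-830F-2A19678248FB} => Key not found.
C:\Program Files (x86)\fuLyriXeeker => Moved successfully.
C:\Windows\Tasks\LyricXeeker Update.job => Moved successfully.
C:\Windows\Tasks\LyricXeeker Update.job not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LyricXeeker Update => Key deleted successfully.
"""

REMOVED = ("Moved successfully", "Key deleted successfully")

def parse_fixlog(text):
    """Return [(target, outcome)]; outcome is 'removed' or 'absent'."""
    entries = []
    for line in text.splitlines():
        line = line.strip().rstrip(".")
        if " => " in line:
            target, result = line.rsplit(" => ", 1)
            if result in REMOVED:
                entries.append((target, "removed"))
            elif result.endswith("not found"):
                entries.append((target, "absent"))
        elif line.endswith(" not found"):  # form without the arrow
            entries.append((line[: -len(" not found")], "absent"))
    return entries

def artifact_kind(target):
    """Rough persistence category, judged only from the path or key name."""
    if "Browser Helper Objects" in target or target.startswith("HKCR\\CLSID\\"):
        return "bho"
    if "\\Tasks\\" in target or "\\Schedule\\TaskCache\\" in target:
        return "scheduled-task"
    return "registry" if re.match(r"HK(LM|CR|CU|U)\\", target) else "file"

def final_state(entries):
    """Map target -> state. 'removed' wins: a later 'not found' for the same
    target only means an earlier line in this run already dealt with it."""
    state = {}
    for target, outcome in entries:
        if state.get(target) != "removed":
            state[target] = outcome
    return state

if __name__ == "__main__":
    for target, s in final_state(parse_fixlog(SAMPLE_FIXLOG)).items():
        print(f"{artifact_kind(target):15} {s:8} {target}")
```

On the sample, both Browser Helper Object keys come out as absent, while the program folder and the scheduled-task entries come out as removed by this run.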


#16 AdvancedSetup


Posted 02 August 2013 - 12:11 AM

Looks good. That redirector should hopefully be gone now, but let's do a little more cleanup.

Please run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

Next, download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Ron Lewis
Forum Community Manager



#17 Mtiffin


Posted 02 August 2013 - 08:41 AM

Thanks for the help.

I run a studio from this computer and it's a resource hog.

What would you suggest as the minimum I should run to protect the system from infection (it's always online when recording),

and additional programs should I turn on when I'm just surfing?

Thanks again

 Results of screen317's Security Check version 0.99.71  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 25  
 Adobe Flash Player 11.7.700.169  
 Adobe Reader XI  
 Mozilla Firefox (22.0) 
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
 


#18 AdvancedSetup


Posted 02 August 2013 - 07:31 PM

So are all the redirect issues now gone?

If everything appears to be okay now we can start removing the tools and logs and discuss keeping you clean going forward.


Ron Lewis
Forum Community Manager



#19 Mtiffin


Posted 02 August 2013 - 09:01 PM

Looks like it's in FRST quarantine.

So let's move forward, as long as we don't stress my recording software (it has to come first), but I can start loading protection before I use the general web.

Most of what I do is trading Wave files on SoundCloud and other music sites.



#20 AdvancedSetup


Posted 07 August 2013 - 02:06 AM

Sorry for the delay.

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.
This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)
 
 
Please download OTC to your desktop.
http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")
Click on the CleanUp! button and follow the prompts.
(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)
You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete.
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.
 
 
 
Please read the following when you have time and if you have any questions let me know.

Best Practices for Safe Computing - Prevention of Malware Infection

We can discuss protection further if you like as well - again, just let me know.


Ron Lewis
Forum Community Manager
