
Webpage goes semi-dark and "[X] Close ad button appears???


15 replies to this topic

#1 jwmghf

jwmghf

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:01:40 PM

Posted 16 May 2014 - 10:05 AM

Hey guys:

 

That's what keeps popping up when I'm surfing the web.  No ad ever comes up if I just try to wait it out.  I can still see the page I was flipping to in the background, but I have to click the X in order for the semi dark screen to disappear.  When I hit the Close button, it flips me back 2 pages prior to the content I was presently at???  Any ideas are welcomed.  It's not a disaster because it doesn't happen all the time but, I would prefer it to not come to that!!!

 

Running Windows 7 64-bit, Asus Rampage Extreme III, 12gb memory. 

 

Thanks,





#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,362 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:10:40 AM

Posted 16 May 2014 - 10:20 AM

Have you made any downloads recently?

 

Please download and install Speccy to provide us with information about your computer.  When  FileHippo opens, click on Download latest version in the upper right pane.
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
 

Please download MiniToolBox  , save it to your desktop and run it.
 
 Checkmark the following checkboxes:
 
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
 Click on Go to start the scan.  Once it is finished highlight the text, copy it and paste it in your next post.
 
 

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on Ok.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and then paste this log in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 jwmghf

jwmghf
  • Topic Starter


Posted 16 May 2014 - 11:09 AM

Hey DC3:

 

Thanks for getting back to me.  I do download things on occasion but I have Webroot and Malwarebytes running 24/7 to catch things if need be.  Here is my Speccy link:

 

http://speccy.piriform.com/results/T1bFbbTbmSQBX08ExrEqgco

 

Thanks



#4 jwmghf

jwmghf
  • Topic Starter


Posted 16 May 2014 - 11:23 AM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by John Murray (administrator) on 16-05-2014 at 12:11:04
Running from "G:\DvdLand\Internet Files\Tv\Reign\Programs"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/12/2014 07:37:49 PM) (Source: Windows Activation Technologies) (User: )
Description: Health check failure:
 hr = 0x8004FE22, HealthStatus: 0x0002000000000000

Error: (05/11/2014 00:31:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: gdiplus.dll, version: 6.1.7601.18120, time stamp: 0x515bc240
Exception code: 0xc000041d
Fault offset: 0x000000000005918f
Faulting process id: 0x1ccc
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3

Error: (05/11/2014 00:31:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54
Faulting module name: gdiplus.dll, version: 6.1.7601.18120, time stamp: 0x515bc240
Exception code: 0xc0000005
Fault offset: 0x000000000005918f
Faulting process id: 0x1ccc
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3

Error: (05/06/2014 09:39:22 PM) (Source: Windows Activation Technologies) (User: )
Description: Health check failure:
 hr = 0x8004FE22, HealthStatus: 0x0002000000000000

Error: (04/29/2014 10:43:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14009

Error: (04/29/2014 10:43:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14009

Error: (04/29/2014 10:43:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2014 10:43:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13011

Error: (04/29/2014 10:43:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13011

Error: (04/29/2014 10:43:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (05/16/2014 10:38:19 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
8072241drv

Error: (05/16/2014 10:37:40 AM) (Source: Service Control Manager) (User: )
Description: The windrvNT service failed to start due to the following error:
%%2

Error: (05/16/2014 10:37:29 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:56:56 AM on ?5/?16/?2014 was unexpected.

Error: (05/15/2014 06:28:54 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (05/15/2014 06:27:57 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (05/15/2014 06:27:57 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (05/15/2014 06:27:20 PM) (Source: Service Control Manager) (User: )
Description: The EaseUS Agent Service service terminated unexpectedly.  It has done this 6 time(s).

Error: (05/15/2014 06:26:35 PM) (Source: Service Control Manager) (User: )
Description: The EaseUS Agent Service service terminated unexpectedly.  It has done this 5 time(s).

Error: (05/15/2014 06:25:33 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (05/15/2014 06:23:47 PM) (Source: Service Control Manager) (User: )
Description: The EaseUS Agent Service service terminated unexpectedly.  It has done this 4 time(s).


Microsoft Office Sessions:
=========================
Error: (05/12/2014 07:37:49 PM) (Source: Windows Activation Technologies)(User: )
Description: 0x8004FE220x0002000000000000

Error: (05/11/2014 00:31:45 PM) (Source: Application Error)(User: )
Description: DllHost.exe6.1.7600.163854a5bca54gdiplus.dll6.1.7601.18120515bc240c000041d000000000005918f1ccc01cf6d3651555170C:\Windows\system32\DllHost.exeC:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\gdiplus.dllbd59b2d0-d929-11e3-bb70-005056c00008

Error: (05/11/2014 00:31:40 PM) (Source: Application Error)(User: )
Description: DllHost.exe6.1.7600.163854a5bca54gdiplus.dll6.1.7601.18120515bc240c0000005000000000005918f1ccc01cf6d3651555170C:\Windows\system32\DllHost.exeC:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\gdiplus.dllba848f32-d929-11e3-bb70-005056c00008

Error: (05/06/2014 09:39:22 PM) (Source: Windows Activation Technologies)(User: )
Description: 0x8004FE220x0002000000000000

Error: (04/29/2014 10:43:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14009

Error: (04/29/2014 10:43:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14009

Error: (04/29/2014 10:43:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2014 10:43:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13011

Error: (04/29/2014 10:43:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13011

Error: (04/29/2014 10:43:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-05-15 18:27:57.602
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-15 18:27:57.571
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-15 18:27:57.538
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-15 18:27:57.507
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-14 20:19:16.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 20:19:16.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 20:19:16.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 20:19:16.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 20:19:16.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 20:19:16.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 9.25 (x64 edition) (Version: 9.25.00.0)
abgx360 v1.0.6
AC-3 ACM Codec x64 2.2 (Version: 2.2)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.214)
Adobe Flash Player 13 Plugin (Version: 13.0.0.214)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AnyDVD (Version: 7.1.9.0)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
AviSynth 2.5
BitTorrent (Version: 7.9.1.30739)
Bluetooth Stack for Windows by Toshiba (Version: v7.10.01)
Bonjour (Version: 3.0.0.10)
calibre (Version: 1.30.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.1219.1521.27485)
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485)
CCC Help Czech (Version: 2012.1219.1520.27485)
CCC Help Danish (Version: 2012.1219.1520.27485)
CCC Help Dutch (Version: 2012.1219.1520.27485)
CCC Help English (Version: 2012.1219.1520.27485)
CCC Help Finnish (Version: 2012.1219.1520.27485)
CCC Help French (Version: 2012.1219.1520.27485)
CCC Help German (Version: 2012.1219.1520.27485)
CCC Help Greek (Version: 2012.1219.1520.27485)
CCC Help Hungarian (Version: 2012.1219.1520.27485)
CCC Help Italian (Version: 2012.1219.1520.27485)
CCC Help Japanese (Version: 2012.1219.1520.27485)
CCC Help Korean (Version: 2012.1219.1520.27485)
CCC Help Norwegian (Version: 2012.1219.1520.27485)
CCC Help Polish (Version: 2012.1219.1520.27485)
CCC Help Portuguese (Version: 2012.1219.1520.27485)
CCC Help Russian (Version: 2012.1219.1520.27485)
CCC Help Spanish (Version: 2012.1219.1520.27485)
CCC Help Swedish (Version: 2012.1219.1520.27485)
CCC Help Thai (Version: 2012.1219.1520.27485)
CCC Help Turkish (Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
Cool & Quiet
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Dolphin Futures XPS Viewer version 1.1.0 (Version: 1.1.0)
Driver Genius Professional Edition (Version: 11.0)
DVD Decrypter (Remove Only)
EaseUS Partition Master 9.3.0
EaseUS Todo Backup Free 6.5 (Version: 6.5)
Elevated Installer (Version: 2.1.13)
eReg (Version: 1.20.138.34)
ffdshow x64 v1.2.4499 [2013-01-04] (Version: 1.2.4499.0)
Find and Mount 2.32 (Version: 2.32)
FolderSizes 6 (Version: 6.1.71)
Foxit PhantomPDF (Version: 5.5.6.218)
Garmin Express (Version: 2.1.13)
Garmin Express Tray (Version: 2.1.13)
Garmin Update Service (Version: 2.1.13)
Garmin USB Drivers (Version: 2.3.1.0)
Garmin WebUpdater (Version: 2.5.6)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.24.7)
Haali Media Splitter
HP Officejet Pro 8600 Basic Device Software (Version: 28.0.1315.0)
HP Officejet Pro 8600 Help (Version: 28.0.0)
HP Update (Version: 5.005.000.002)
I.R.I.S. OCR (Version: 12.3.4.0)
iFunbox (v2.6.2375.747), iFunbox DevTeam (Version: v2.6.2375.747)
ImgBurn (Version: 2.5.8.0)
Intel® Network Connections 17.1.55.0 (Version: 17.1.55.0)
Internet Download Manager
iTunes (Version: 11.1.3.8)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
JDownloader 2 (Version: 2.0)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Logitech SetPoint 6.52 (Version: 6.52.74)
Malwarebytes Anti-Malware version 2.0.2.1007 (Version: 2.0.2.1007)
marvell 91xx driver (Version: 1.0.0.1045)
Matroska Pack
MediaInfo 0.7.67 (Version: 0.7.67)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506)
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506)
Minecraft1.6.4
MKVToolNix 6.2.0 (Version: 6.2.0)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 28.0)
MSI Afterburner 2.3.1 (Version: 2.3.1)
MyDefrag v4.3.1 (Version: 4.0.0.0)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506)
QuickTime (Version: 7.74.80.86)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
RedSn0w Packages
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)
SDFormatter (Version: 3.1.0)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
Skype Click to Call (Version: 7.2.15747.10003)
Skype™ 6.14 (Version: 6.14.104)
Speccy (Version: 1.26)
Tipard All Music Converter 6.1.50
Tipard iPod Transfer Platinum 5.1.28
Tipard Video Converter Platinum 6.2.6
TMPGEnc DVD Author 1.6 (Version: 1.6.34)
TMPGEnc Plus 2.5 (Version: 2.524.63.181)
TMPGEnc Sound Player (Version: 1.0.5.13)
tools-freebsd (Version: 9.6.1.1379776)
tools-linux (Version: 9.6.1.1379776)
tools-netware (Version: 9.6.1.1379776)
tools-solaris (Version: 9.6.1.1379776)
tools-windows (Version: 9.6.1.1379776)
tools-winPre2k (Version: 9.6.1.1379776)
UltraISO Premium V9.53
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
Update for Microsoft Word 2013 (KB2863909) 64-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.1.3 (Version: 2.1.3)
VMware Workstation (Version: 10.0.1)
VSO ConvertXToDVD (Version: 5.0.0.44)
WBFS Manager 3.0 (Version: 3.0)
Webroot SecureAnywhere (Version: 8.0.4.70)
WinAVI All-in-One Converter (Version: 1.7.0.4734)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Your Uninstaller! 7 (Version: 7.5.2013.2)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 12279.12 MB
Available physical RAM: 9102.84 MB
Total Pagefile: 24556.41 MB
Available Pagefile: 21207.35 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.45 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:149.67 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:1861.5 GB) (Free:1543.16 GB) NTFS
4 Drive f: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
5 Drive g: (New Volume) (Fixed) (Total:3725.74 GB) (Free:1754.94 GB) NTFS
6 Drive h: (All Programs) (Fixed) (Total:1863.01 GB) (Free:1807.49 GB) NTFS
11 Drive n: (WII HACKS) (Fixed) (Total:2 GB) (Free:1.81 GB) FAT32
12 Drive o: (Backups) (Fixed) (Total:428.85 GB) (Free:329.8 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHNMURRAY-PC

Administrator            Guest                    John Murray              

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

 

 

 


Edited by jwmghf, 16 May 2014 - 11:38 AM.


#5 jwmghf

jwmghf
  • Topic Starter


Posted 16 May 2014 - 11:39 AM

Hey DC3:

 

Here is AdwCleaner:

 

 

# AdwCleaner v3.208 - Report created 16/05/2014 at 12:27:17
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : John Murray - JOHNMURRAY-PC
# Running from : G:\DvdLand\Internet Files\Tv\Reign\Programs\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\gReaatsavaerr
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ExpressFiles
Folder Deleted : C:\Program Files (x86)\goforfiles
Folder Deleted : C:\Program Files (x86)\Jump Flip
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\gReaatsavaerr
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\John Murray\AppData\Local\Babylon
Folder Deleted : C:\Users\John Murray\AppData\Local\Conduit
Folder Deleted : C:\Users\John Murray\AppData\Local\DownloadTerms
Folder Deleted : C:\Users\John Murray\AppData\Local\genienext
Folder Deleted : C:\Users\John Murray\AppData\Local\Mobogenie
Folder Deleted : C:\Users\John Murray\AppData\Local\SearchProtect
Folder Deleted : C:\Users\John Murray\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\John Murray\AppData\Local\torch
Folder Deleted : C:\Users\John Murray\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\John Murray\AppData\Roaming\Babylon
Folder Deleted : C:\Users\John Murray\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\John Murray\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\John Murray\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\John Murray\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\John Murray\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\John Murray\AppData\Roaming\SendSpace
Folder Deleted : C:\Users\John Murray\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\John Murray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\John Murray\AppData\Roaming\Mozilla\Firefox\Profiles\gtpl34er.default-1391873809801\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\John Murray\AppData\Roaming\Mozilla\Firefox\Profiles\128xd5tp.default\Extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabcegniolkdoifkcehnnmppafhlimim
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabcegniolkdoifkcehnnmppafhlimim
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabcegniolkdoifkcehnnmppafhlimim
Folder Deleted : C:\Users\John Murray\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabcegniolkdoifkcehnnmppafhlimim
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfhcebcgmjdikmmfcplbijohggpnlog
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfhcebcgmjdikmmfcplbijohggpnlog
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfhcebcgmjdikmmfcplbijohggpnlog
Folder Deleted : C:\Users\John Murray\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfhcebcgmjdikmmfcplbijohggpnlog
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\John Murray\daemonprocess.txt
File Deleted : C:\Windows\System32\Tasks\Express FilesUpdate
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate
File Deleted : C:\Windows\System32\Tasks\YourFile DownloaderUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_57da8c42
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298566
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3310511
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v19.0 (en-US)

[ File : C:\Users\John Murray\AppData\Roaming\Mozilla\Firefox\Profiles\gtpl34er.default-1391873809801\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [10352 octets] - [16/05/2014 12:25:35]
AdwCleaner[S0].txt - [9700 octets] - [16/05/2014 12:27:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9760 octets] ##########


Edited by jwmghf, 16 May 2014 - 11:43 AM.


#6 jwmghf


Posted 16 May 2014 - 11:48 AM

Still getting the [X] Close :(



#7 dc3


Posted 16 May 2014 - 01:32 PM

When did you run combofix?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

#8 jwmghf


Posted 16 May 2014 - 02:32 PM

I ran Combofix yesterday at 6:30pm.  I run it when my other antivirus/antispyware programs give me a clean sweep but I can tell something's still not right with my system.  Let me know if you want me to post its findings.  I don't think I'm supposed to post it in this particular forum.

Thanks



#9 dc3


Posted 16 May 2014 - 03:36 PM

No, you can not post a combofix log in this forum.

 

Uninstall combofix in the Control Panel under Programs and Features.  Then rerun the MiniToolBox and post the log here.



#10 jwmghf


Posted 16 May 2014 - 03:48 PM

It's not in my Programs and Features.  It's an .exe file that doesn't load up in Program Files.  It never shows up in Programs and Features.  If you know something I don't please share!!!  Should I simply delete it and then rerun MiniToolBox??


Edited by jwmghf, 16 May 2014 - 03:49 PM.


#11 dc3


Posted 16 May 2014 - 04:33 PM

Click on the Start orb, then copy and then paste combofix /uninstall in the Search programs and files box.

 

combofix /uninstall will appear above the Search box under Apps.  Right click on it and choose Run as administrator.

 

This will uninstall Combofix.

 

Now, please rerun the MiniToolBox and post the log.


Edited by dc3, 16 May 2014 - 04:33 PM.


#12 jwmghf


Posted 16 May 2014 - 05:48 PM

I copied and pasted "combofix/uninstall" in the start orb search and the only things that show up are ComboFix2.txt and Extras.txt under Files.  Nothing shows up under Apps.

 

That it?  Like I said earlier, it has never loaded itself as a program, it always just ran as a portable .exe file. 


Edited by jwmghf, 16 May 2014 - 06:58 PM.


#13 donetao

donetao

  • Members
  • 270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:40 AM

Posted 16 May 2014 - 07:11 PM

Hello! You might try this app: Search Everything!!

http://www.voidtools.com/

http://www.voidtools.com/faq.htm



#14 jwmghf


Posted 16 May 2014 - 07:40 PM

I ran Everything and yes it found everything "ComboFix".  I can go ahead and delete all of it but I think DC3 wants me to uninstall ComboFix.  I don't think that's possible.  I think it should just be deleted.  It's a portable .exe if I'm not mistaken?  Not sure what to do so I'll wait for someone else to confirm or try something different.

 

Thanks donetao



#15 donetao


Posted 16 May 2014 - 08:08 PM

Hello! You're welcome! You might give this a read from Malwarebytes!!

https://forums.malwarebytes.org/index.php?showtopic=127299





