
SystemMove


10 replies to this topic

#1 pops1

pops1

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:03:00 PM

Posted 21 April 2015 - 02:00 PM

I have an unknown program on my PC that I don't know anything about. It shows as "SystemMove" and it will not uninstall normally. Does anyone know about this program and how to remove it?




#2 hamluis

hamluis

    Moderator


  • Moderator
  • 54,854 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:00 PM

Posted 21 April 2015 - 04:03 PM

I think we need more information/data.

 

Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792, taking care to post the link of the snapshot in your next post.
 
Louis



#3 pops1


Posted 08 May 2015 - 03:49 PM

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Ken (administrator) on 08-05-2015 at 15:45:59
Running from "C:\Users\Ken\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Inspiron 560 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/08/2015 08:06:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/07/2015 09:14:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 08:17:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 04:52:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 07:55:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 09:29:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 08:05:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/03/2015 08:14:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2015 10:32:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2015 09:21:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/08/2015 08:06:19 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time provider 'VMICTimeProvider' failed to start due to the following error: The specified module could not be found. (0x8007007E)

Error: (05/08/2015 08:06:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemMove service to connect.

Error: (05/08/2015 08:05:47 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.

Error: (05/08/2015 08:05:45 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.

Error: (05/07/2015 09:14:06 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time provider 'VMICTimeProvider' failed to start due to the following error: The specified module could not be found. (0x8007007E)

Error: (05/07/2015 09:14:03 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemMove service to connect.

Error: (05/07/2015 09:13:35 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.

Error: (05/07/2015 09:13:31 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.

Error: (05/06/2015 08:16:47 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time provider 'VMICTimeProvider' failed to start due to the following error: The specified module could not be found. (0x8007007E)

Error: (05/06/2015 08:16:45 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemMove service to connect.


Microsoft Office Sessions:
=========================
Error: (05/08/2015 08:06:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/07/2015 09:14:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 08:17:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 04:52:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 07:55:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 09:29:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 08:05:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/03/2015 08:14:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2015 10:32:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2015 09:21:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-08-04 14:01:50.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-04 14:01:50.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-04 14:01:50.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-30 15:01:54.330
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-30 15:01:54.330
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-30 15:01:54.330
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-17 17:59:30.953
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-17 17:59:30.938
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-17 17:59:30.938
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-09 14:26:55.999
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version:  - )
Canon iP2600 series User Registration (HKLM-x32\...\Canon iP2600 series User Registration) (Version:  - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CardRd81 (x32 Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
CCHelp (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CCScore (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CR2 (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Desktop Taipei version 2.2 (HKLM-x32\...\Desktop Taipei_is1) (Version:  - )
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
ESSAdpt (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSANUP (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSBrwr (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCAM (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 4.00.0000.0102 - EASTMAN KODAK Company) Hidden
ESSCT (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
ESShelp (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 4.00.0000.0007 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSSONIC (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSTUTOR (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSvpaht (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSvpot (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.896 - Citrix Online, a division of Citrix Systems, Inc.)
High-Definition Video Playback (x32 Version: 7.3.10000.0.0 - Nero AG) Hidden
HLPCCTR (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
HLPIndex (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
HLPPDOCK (x32 Version: 4.00.0000.0002 - EASTMAN KODAK Company) Hidden
HLPRFO (x32 Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.45.14 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version:  - Eastman Kodak Company)
KSU (x32 Version: 632.62.0002.0001 - EASTMAN KODAK Company) Hidden
LinksysEasyLinkAdvisor (HKLM-x32\...\InstallShield_{2369561B-FD79-47F0-905D-B5FC7BAA9C80}) (Version:  - )
LinksysEasyLinkAdvisor (Version: 3.0.8122.29 - Linksys, Cisco System.) Hidden
Macromedia Shockwave Player (HKLM-x32\...\Macromedia Shockwave Player) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.5.0.3093 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Encarta Encyclopedia Standard 2006 (HKLM-x32\...\{06040048-3E21-46D6-9A91-D927BA08F41D}) (Version: 2006 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Microsoft Works Suite 2006 Setup Launcher (HKLM-x32\...\Works2006Setup) (Version:  - )
Microsoft Works Suite Add-in for Microsoft Word (HKLM-x32\...\{17E3A651-12B9-4149-BAE8-E6FB9A5ADC4F}) (Version: 8.0.0.0000 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 en-US)) (Version: 31.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10200.0.0 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12500.0.5 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Notifier (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
NVIDIA 3D Vision Driver 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.78 - NVIDIA Corporation)
NVIDIA Control Panel 320.78 (Version: 320.78 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.78 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2078 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OTtBP (x32 Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
OTtBPSDK (x32 Version: 4.00.0000.0000 - EASTMAN KODAK Company) Hidden
PCDLNCH (x32 Version: 4.00.0000.0101 - EASTMAN KODAK Company) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pure Networks Platform (x32 Version: 10.1.8116.1 - Pure Networks) Hidden
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5963 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SFR (x32 Version: 3.03.0000.0001 - Eastman Kodak Company) Hidden
SFR2 (x32 Version: 3.03.0000.0002 - EASTMAN KODAK Company) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
SystemMove (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c55a37db}) (Version:  - Software Publisher)
VCAMCEN (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
VPRINTOL (x32 Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Works Upgrade (x32 Version: 8.0.0.0000 - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 4094.98 MB
Available physical RAM: 2545.08 MB
Total Pagefile: 8188.16 MB
Available Pagefile: 6259.89 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.54 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:916.66 GB) (Free:867.52 GB) NTFS

========================= Users: ========================================

User accounts for \\KEN

Administrator            ASPNET                   Guest                    
Ken                      UpdatusUser              


**** End of log ****
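
The MiniToolBox output above holds the two facts that single out SystemMove: repeated Service Control Manager start timeouts, and an installed-programs entry with no version and a generic publisher string. As an added example (not part of the original thread or of MiniToolBox), this Python script correlates the two over an excerpt of that log; the placeholder-publisher list and all function names are assumptions made for the illustration.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Excerpt copied from the MiniToolBox log posted in this thread.
SAMPLE_LOG = r"""
========================= Event log errors: ===============================
System errors:
=============
Error: (05/08/2015 08:06:19 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time provider 'VMICTimeProvider' failed to start due to the following error: The specified module could not be found. (0x8007007E)

Error: (05/08/2015 08:06:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemMove service to connect.

Error: (05/07/2015 09:14:03 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemMove service to connect.

=========================== Installed Programs ============================
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
SystemMove (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c55a37db}) (Version:  - Software Publisher)

========================= Memory info: ===================================
"""

# Assumption for this example: a publisher field that is only a generic
# template string counts as a placeholder.
PLACEHOLDER_PUBLISHERS = {"software publisher"}

SECTION_RE = re.compile(r"^=+ (?P<title>.+?):? =+$")
ERROR_RE = re.compile(r"^Error: \([^)]*\) \(Source: (?P<source>[^)]+)\)")
TIMEOUT_RE = re.compile(
    r"^Description: A timeout was reached \(\d+ milliseconds\) "
    r"while waiting for the (?P<service>.+) service to connect\.$")
# Name, optional "(HKxx\...\<uninstall key>)", then "(Version: <v> - <publisher>)".
PROGRAM_RE = re.compile(
    r"^(?P<name>.+?) \("
    r"(?:(?P<hive>HK[A-Z]+(?:-x32)?)\\\.\.\.\\(?P<key>.+)\) \()?"
    r"(?:x32 )?Version:\s*(?P<version>.*?)\s*-\s(?P<publisher>.*?)\)"
    r"(?P<hidden> Hidden)?$")

@dataclass
class Program:
    name: str
    uninstall_key: str  # "" when the log lists the entry without a registry key
    version: str
    publisher: str
    hidden: bool

def sections(log_text):
    """Split the log into {section title: [non-empty lines]}."""
    out, current = {}, None
    for line in log_text.splitlines():
        line = line.rstrip()
        m = SECTION_RE.match(line)
        if m:
            current = out.setdefault(m["title"], [])
        elif current is not None and line:
            current.append(line)
    return out

def parse_programs(lines):
    """Parse 'Installed Programs' lines; lines that do not fit are skipped."""
    found = (PROGRAM_RE.match(line) for line in lines)
    return [Program(m["name"], m["key"] or "", m["version"].strip(),
                    m["publisher"].strip(), bool(m["hidden"]))
            for m in found if m]

def scm_timeouts(lines):
    """Count Service Control Manager start timeouts per service name."""
    counts, source = Counter(), None
    for line in lines:
        err = ERROR_RE.match(line)
        if err:
            source = err["source"]  # applies to the Description that follows
            continue
        hit = TIMEOUT_RE.match(line)
        if hit and source == "Service Control Manager":
            counts[hit["service"]] += 1
    return counts

def triage(log_text):
    """Return [(Program, [reasons])] for entries worth a closer look."""
    sec = sections(log_text)
    timeouts = scm_timeouts(sec.get("Event log errors", []))
    findings = []
    for prog in parse_programs(sec.get("Installed Programs", [])):
        reasons = []
        if timeouts[prog.name]:
            reasons.append(f"same-named service timed out at start ({timeouts[prog.name]}x)")
        if prog.publisher.lower() in PLACEHOLDER_PUBLISHERS:
            reasons.append("publisher field is a placeholder string")
        # A missing version is common in legitimate entries (see the Canon line),
        # so it is reported only alongside another signal.
        if reasons and not prog.version:
            reasons.append("no version recorded")
        if reasons:
            findings.append((prog, reasons))
    return findings

if __name__ == "__main__":
    for prog, reasons in triage(SAMPLE_LOG):
        print(f"{prog.name} [{prog.uninstall_key}]: " + "; ".join(reasons))
```

A hit from this correlation is a reason to investigate the entry further, not a verdict on it.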
 



#4 pops1


Posted 08 May 2015 - 04:02 PM

http://speccy.piriform.com/results/j4aNBbwMxYC8wS8EAQnoumk



#5 hamluis


Posted 08 May 2015 - 04:19 PM

I think that we need to move this to Am I Infected for a check...I draw blanks when looking for said program or service.

 

Louis



#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:00 PM

Posted 08 May 2015 - 04:48 PM

Hi there,

A Google search shows that software is malware. Louis is right in moving this to Am I Infected. :)

Please uninstall the following software with Programs and Features:

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
SystemMove (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c55a37db}) (Version: - Software Publisher)

If you run into any issues or need more instructions on how to do this, let me know.

After that please run these.

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

===

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Regards,
Alex

#7 pops1


Posted 09 May 2015 - 05:28 PM

 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
McAfee Anti-Virus and Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 45  
 Adobe Flash Player 17.0.0.169  
 Mozilla Firefox (37.0.2)
 Mozilla Thunderbird (31.6.0)
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#8 pops1


Posted 09 May 2015 - 06:49 PM

Emsisoft Emergency Kit - Version 9.0
Last update: 5/9/2015 5:52:21 PM
User account: KEN\Ken

Scan settings:

Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, Q:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    5/9/2015 5:54:20 PM

Scanned    198731
Found    0

Scan end:    5/9/2015 6:45:34 PM
Scan time:    0:51:14
 



#9 Sintharius


Posted 10 May 2015 - 01:10 AM

Hi there,

Let's run a couple more scans to make sure that you are clean.

Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will say Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose the Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


===

ESET Online Scanner

You will need to use Internet Explorer for this scan.
  • Hold down Ctrl and click here to open ESET Online Scanner in a new window.
  • Click the ESET Online Scanner button.
  • Put a checkmark in "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warnings from your browser.
  • Under Scan settings, put a checkmark in Scan Archives.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Scan.
  • ESET Online Scanner will automatically update and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats.
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex

#10 pops1

Posted 19 May 2015 - 02:19 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/19/2015
Scan Time: 2:00:26 PM
Logfile: mbam.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.19.04
Rootkit Database: v2015.05.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ken

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 406601
Time Elapsed: 13 min, 29 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, , [156b890c0d7d86b019398de554b122de],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#11 Sintharius

Posted 19 May 2015 - 02:22 PM

Hi there,

Please proceed with ESET Online Scanner. Thank you.

In case you do not wish to use Internet Explorer, please follow the instructions below for other browsers.

ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex



