can't make any changes in a folder or sub folders


30 replies to this topic

#1 jpc100


Posted 11 May 2015 - 08:42 PM

All, I have a computer that I built from scratch. It has two hard drives: a 128 Samsung SSD on which I have Windows 7 (the C drive) and a 1T Seagate SATA drive (G drive) which I use to store programs and data. The problem is that on the Seagate drive the folder entitled programs will not allow any changes to be made: I can't add, delete or change anything in the folder or subfolders. It gives an error message saying you don't have permission, thus programs stored there can't be updated. This is the only folder on this drive that has this problem. It worked fine until a couple of weeks ago when I put on a virus program called Avira, then decided to upgrade to the Pro version. It would not install correctly, so I called tech support; he remotely went into my computer and, I think, messed it up. Help! How do I restore the permissions so I can make changes in this folder?





#2 hamluis


Posted 12 May 2015 - 10:15 AM

Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also... please publish a snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792, taking care to post the link of the snapshot in your next post.
 
Louis



#3 jpc100


Posted 12 May 2015 - 01:17 PM

Hamluis Louis, thanks... here is the info.... John.

http://speccy.piriform.com/results/ZpoxR031oWQcX3MTzrfFShC

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by John (administrator) on 12-05-2015 at 12:57:19
Running from "C:\Users\John\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/12/2015 00:55:18 PM) (Source: DNS logging) (User: )
Description: Logger: Socket error: 10054
 
Error: (05/12/2015 08:22:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2015 09:54:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2015 09:50:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2015 09:49:47 PM) (Source: DNS logging) (User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:44:38 PM) (Source: DNS logging) (User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:44:35 PM) (Source: DNS logging) (User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:28:16 PM) (Source: DNS logging) (User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:28:04 PM) (Source: DNS logging) (User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 05:14:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/12/2015 08:24:14 AM) (Source: Service Control Manager) (User: )
Description: The Safer Update Service (safer) service failed to start due to the following error: 
%%1053
 
Error: (05/12/2015 08:24:14 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Safer Update Service (safer) service to connect.
 
Error: (05/12/2015 08:23:12 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (05/12/2015 08:22:12 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ASPI32
 
Error: (05/12/2015 08:22:05 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater18.3.0 service failed to start due to the following error: 
%%2
 
Error: (05/12/2015 08:22:04 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (05/12/2015 08:21:52 AM) (Source: Service Control Manager) (User: )
Description: The Nonbrand_WUS-N_WPS Service service failed to start due to the following error: 
%%2
 
Error: (05/12/2015 08:21:52 AM) (Source: Service Control Manager) (User: )
Description: The Nonbrand_WUS-N Service service failed to start due to the following error: 
%%2
 
Error: (05/12/2015 08:21:36 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (05/11/2015 09:56:41 PM) (Source: Service Control Manager) (User: )
Description: The Safer Update Service (safer) service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (05/12/2015 00:55:18 PM) (Source: DNS logging)(User: )
Description: Logger: Socket error: 10054
 
Error: (05/12/2015 08:22:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2015 09:54:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2015 09:50:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2015 09:49:47 PM) (Source: DNS logging)(User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:44:38 PM) (Source: DNS logging)(User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:44:35 PM) (Source: DNS logging)(User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:28:16 PM) (Source: DNS logging)(User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 08:28:04 PM) (Source: DNS logging)(User: )
Description: Logger: Socket error: 10054
 
Error: (05/11/2015 05:14:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-04-11 16:23:20.094
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-11 16:23:20.068
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-11 16:23:20.040
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-11 16:23:20.014
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-29 15:54:34.350
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-29 15:54:34.329
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-29 15:53:20.391
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\John\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-29 15:53:20.371
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\John\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-29 15:53:20.346
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\John\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-29 15:53:20.326
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\John\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
AirDroid 3.0.2 (HKLM-x32\...\AirDroid) (Version: 3.0.2 - Sand Studio)
Aiseesoft Blu-ray Ripper 6.3.68 (HKLM-x32\...\{D1B455C8-C170-44fe-8A90-31263B5153C2}_is1) (Version: 6.3.68 - Aiseesoft Studio)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{431CE782-4C51-4996-B36F-5D98D5527538}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}) (Version:  - ArcSoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.8.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.09 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Blu-ray Copy 1.0.38 (HKLM-x32\...\{EE56B531-B655-4afa-9664-0C0970E5798B}_is1) (Version:  - )
Brother HL-2170W (HKLM-x32\...\{12D2A18B-ECEA-4351-A34A-B60F1FE04768}) (Version: 1.00 - Brother)
Canon CanoScan LiDE 700F User Registration (HKLM-x32\...\Canon CanoScan LiDE 700F User Registration) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CardGames2011 (HKLM-x32\...\{7CBB1E21-8B17-4A7B-9598-F73F38DB2A2D}) (Version: 1.00.0000 - Phantom EFX)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)
Corel PaintShop Pro X6 (HKLM-x32\...\{161AB62E-65D6-46E5-B3D8-2AC15D3B920B}) (Version: 16.2.0.20 - Corel Corporation) Hidden
Creative Content (HKLM-x32\...\_{696F7D83-CB87-471A-A37A-E09F758733C9}) (Version: 1.0.0.103 - Corel Corporation) Hidden
Creative Content (HKLM-x32\...\{696F7D83-CB87-471A-A37A-E09F758733C9}) (Version: 1.0.0.103 - Corel Corporation) Hidden
CyberLink PowerDirector 11 (HKLM\...\{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.3230 - CyberLink Corp.) Hidden
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.3230 - CyberLink Corp.)
CyberLink PowerDirector 11 Content Pack Essential (HKLM-x32\...\InstallShield_{03AD770A-1530-437E-967F-ADD4E5B23164}) (Version: 11 - CyberLink Corp.)
CyberLink PowerDirector 11 Content Pack Premium (HKLM-x32\...\InstallShield_{37672760-7930-4911-9685-227E29AE2C55}) (Version: 11 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.3206 - CyberLink Corp.)
CyberPower PowerPanel Personal Edition 1.3.2 (HKLM-x32\...\{6984B5E1-721C-4F8E-BF5A-ED5F45D90EB6}) (Version: 1.3.2 - Cyber Power Systems, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{999065C9-DB8A-4DFA-96C6-DAF1B9C02BB0}) (Version: 7.4.50415.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{5AAF2DE2-D40F-4C33-9B9E-3CE89EE3AA7A}) (Version: 7.4.50444.0 - DisplayLink Corp.)
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVD Wizard Pro (HKLM-x32\...\DVD Wizard Pro1.0) (Version: 1.0 - 123 DVD Studios)
Elevated Installer (HKLM-x32\...\{7E73C9A3-24D9-4D7F-B4C7-7E4AFE0ADCCB}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.8.3 (HKLM-x32\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Free YouTube Downloader 4.0.361 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Garmin BaseCamp (HKLM-x32\...\{B0BED0BB-E1C4-49AA-840F-7CA052ADF5EB}) (Version: 4.3.4 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2015.10 (HKLM-x32\...\{FCDB42FC-A70B-4041-877F-D73E16DE4345}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America v8 (HKLM-x32\...\{A75949C3-DC28-42CA-9C56-24C002B93D89}) (Version: 8.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{9FB8EC5B-03EE-463E-8F4F-84B525B986B7}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{1D91CBB5-4CB1-4757-B0FD-2122AF8AAB9E}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.26.9 - Google Inc.) Hidden
Hallmark Card Studio 2012 Deluxe (HKLM-x32\...\{8777089A-4CF4-44BA-910B-9A4580669DED}) (Version: 13.0.4.4 - Creative Home)
Hallmark Card Studio 2015 (HKLM-x32\...\{F2117332-1A36-4D3B-854D-A8D10735B4DF}) (Version: 16.0.0.11 - Creative Home)
Hallmark Card Studio 2015 Bonus Pack (HKLM-x32\...\{2C69ABC9-55B7-410E-89AB-4CBD84D8D37B}) (Version: 1.0.0.1 - Creative Home)
Hallmark Card Studio Premium Card Pack (HKLM-x32\...\{C20FE8FE-D757-4040-B42A-499583EC7FF4}) (Version: 1.0.0.1 - Creative Home)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.31161 (CD 2.8a) - Hauppauge Computer Works)
Hoyle Card Games 2005 (HKLM-x32\...\{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
Hoyle Puzzle & Board Games 2010 (remove only) (HKLM-x32\...\Hoyle Puzzle & Board Games 2010) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
ICA (HKLM-x32\...\{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.0.0.113 - Corel Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
IPM_PSP_COM (HKLM-x32\...\{164D34E1-0271-4960-8A26-E8990A302DB1}) (Version: 16.0.0.113 - Corel Corporation) Hidden
IPM_PSP_COM64 (HKLM\...\{1678F86C-889D-4198-8249-F4625058256B}) (Version: 16.0.0.113 - Corel Corporation) Hidden
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iSofter DVD Ripper Platinum 3.0.2007.228 (HKLM-x32\...\iSofter DVD Ripper Platinum_is1) (Version:  - iSofter, Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 4.2 Help Pack (English (United States)) (HKLM-x32\...\{16A8198E-985A-47BA-A5DE-FB69073FE031}) (Version: 4.2.4.2 - The Document Foundation)
LibreOffice 4.3.4.1 (HKLM-x32\...\{7D983A32-F645-48AB-8E38-4ACD234F40BC}) (Version: 4.3.4.1 - The Document Foundation)
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Macrium Reflect Free Edition (HKLM\...\{CFFCDEED-AF86-4DB2-8682-08A8207C5CD8}) (Version: 5.3.7290 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MapSource - U.S. Roads & Recreation v3.03 (HKLM-x32\...\{7E59113B-4869-4DFD-AE8F-F6C1C722AED4}) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Moffsoft FreeCalc (HKLM-x32\...\MoffFreeCalc_is1) (Version: 1.1 - Moffsoft)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{F4C242B4-2973-43F3-93F2-ED1B47AE8848}) (Version: 12.0.02000 - Nero AG)
Nero Prerequisite Installer 3.0 (HKLM-x32\...\{929FAC65-06DD-4577-882C-E8A558C47B75}) (Version: 15.0.00900 - Nero AG)
Nero Prerequisite Installer 4.0 (HKLM-x32\...\{8441D319-8C7A-4398-B630-6BC3941A12C9}) (Version: 16.0.00600 - Nero AG)
Nero SoundTrax (HKLM-x32\...\{013AFAAD-FFDC-4BE6-9A2F-31C2785F66E5}) (Version: 12.0.01700 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{831D3D7B-169D-47F3-9117-D74934BF71BF}) (Version: 12.5.00100 - Nero AG)
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
Nuance OmniPage Ultimate (HKLM-x32\...\{419512F9-D5E7-4ED2-BF99-E7F2C0176B6A}) (Version: 19.00.0000 - Nuance Communications, Inc.)
Nuance PDF Reader (HKLM-x32\...\{0017FFDB-F7F3-4058-BCDF-D9204CFBDCB2}) (Version: 8.10.1302 - Nuance Communications, Inc.)
OmniForm 5.1 (HKLM-x32\...\{89DD6626-F35B-4989-9703-699E75129D0E}) (Version: 5.10.0000 - ScanSoft, Inc.)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
Panda Devices Agent (HKLM-x32\...\{949F1EA1-D3E2-472E-BC7C-CB72374C0E55}) (Version: 1.05.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Free Antivirus (HKLM\...\{3EFFD82C-5F18-4494-A4B8-FBB045DA68A3}) (Version: 7.82.00.0000 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0002 - Panda Security)
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.2.3.1 - Panda Security)
Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.2.0 - Panda Security)
PCPLUS VFPOleDB Installer 1 (HKLM-x32\...\PowerChurch VFPOleDB Installer_is1) (Version:  - PowerChurch Software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerChurch Plus 11 CodeStone E-Mail 7.0.21013 Files (HKLM-x32\...\{C13D6CAB-9F0F-4F0D-88C9-D04014EAD31F}_is1) (Version:  - PowerChurch Software)
PowerChurch Plus 11 PCIMAPI Files (HKLM-x32\...\{F371DEA2-5221-4547-89C7-4B0DC6E47563}_is1) (Version:  - PowerChurch Software)
PowerChurch Plus 11 Runtime Files (HKLM-x32\...\{8E7918B1-7D72-4E5A-9109-850D7B89DA8D}_is1) (Version:  - PowerChurch Software)
PowerDirector (HKLM\...\{2599B6F1-92AC-472C-BE60-9F17565E4938}) (Version: 11.0 - CyberLink Corp.) Hidden
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0008 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0010 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0004 - Nero AG) Hidden
PSPPContent (HKLM-x32\...\{162BD2D6-6C63-41A7-8151-93188450D36A}) (Version: 16.0.0.113 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{16346B2A-87BC-407C-9D6B-72A4D21ABF03}) (Version: 16.0.0.113 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{16582334-495C-4F1C-A66B-3BFD8866B674}) (Version: 16.2.0.20 - Corel Corporation) Hidden
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RoboForm 7-9-13-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-13-5 - Siber Systems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Setup (HKLM-x32\...\{16006EE1-DDB7-4E5F-8696-9FEF32C0151A}) (Version: 16.0.0.113 - Corel Corporation) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Verizon Cloud (HKLM-x32\...\Verizon Cloud) (Version: 4.1.0 - Verizon Wireless)
Virtual Account Numbers (HKLM-x32\...\{8EBF350F-DEAC-41E4-842D-DDE62BAC6FC1}) (Version: 1.0.6.0 - Citi) Hidden
Virtual Account Numbers (HKLM-x32\...\{DE700910-58F7-4D2E-B7E6-3BA2DA1B6806}) (Version: 4.0.0.2248 - Citi)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 34%
Total physical RAM: 8137.13 MB
Available physical RAM: 5357.19 MB
Total Pagefile: 16272.44 MB
Available Pagefile: 12265.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.04 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:111.69 GB) (Free:47.38 GB) NTFS
3 Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
4 Drive g: (programs/data) (Fixed) (Total:931.39 GB) (Free:708.36 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JOHN2013
 
Administrator            Guest                    John                     
 
 
**** End of log ****


#4 hamluis

Posted 12 May 2015 - 02:28 PM

Appears to me that you either had or suspected malware problems...topic moved to Am I Infected.

 

Louis



#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:24 PM

Posted 12 May 2015 - 02:34 PM

Hello, I'll be taking this topic from hamluis.

Let's take a look.

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

===

Please uninstall Spybot Search & Destroy, as its detection rate is poor and TeaTimer interferes with malware removal. You already have Malwarebytes which is better.

After that please run this.

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Regards,
Alex

#6 jpc100

Posted 12 May 2015 - 09:02 PM

Alex,  Here are the results:

Thanks  John

 

 

Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Panda Free Antivirus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Panda Cloud Cleaner   
 Java 8 Update 45  
  Adobe Flash Player 16.0.0.235 Flash Player out of Date!  
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.90) 
 Google Chrome (plugins...) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes' Anti-Malware Malwarebytes Anti-Exploit mbae-svc.exe  
 Malwarebytes' Anti-Malware Malwarebytes Anti-Exploit mbae64.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Malwarebytes' Anti-Malware Malwarebytes Anti-Exploit mbae.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 

Emsisoft Emergency Kit - Version 9.0
Last update: 5/12/2015 6:47:43 PM
User account: John2013\John
 
Scan settings:
 
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, F:\, G:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 5/12/2015 6:48:35 PM
C:\ProgramData\free youtube downloader detected: Application.AppInstall (A)
C:\Users\John\AppData\Local\free youtube downloader detected: Application.AppInstall (A)
C:\Program Files (x86)\free youtube downloader detected: Application.AppInstall (A)
C:\Windows\couponprinter.ocx detected: Application.AdCoup (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\FREE YOUTUBE DOWNLOADER detected: Application.InstallAd (A)
G:\Downloads\cbsidlm-cbsi183-VSDC_Free_Video_Editor-SEO-75764187.exe detected: Application.Win32.InstallAd (A)
G:\Downloads\FreemakeVideoConverterSetup (1).exe detected: Application.Win32.AdSweet (A)
G:\Downloads\FreemakeVideoConverterSetup (2).exe detected: Application.Win32.AdSweet (A)
 
Scanned 448970
Found 9
 
Scan end: 5/12/2015 7:29:36 PM
Scan time: 0:41:01
 
G:\Downloads\FreemakeVideoConverterSetup (2).exe Quarantined Application.Win32.AdSweet (A)
G:\Downloads\FreemakeVideoConverterSetup (1).exe Quarantined Application.Win32.AdSweet (A)
G:\Downloads\cbsidlm-cbsi183-VSDC_Free_Video_Editor-SEO-75764187.exe Quarantined Application.Win32.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\FREE YOUTUBE DOWNLOADER Quarantined Application.InstallAd (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
C:\Windows\couponprinter.ocx Quarantined Application.AdCoup (A)
C:\Program Files (x86)\free youtube downloader Quarantined Application.AppInstall (A)
C:\Users\John\AppData\Local\free youtube downloader Quarantined Application.AppInstall (A)
C:\ProgramData\free youtube downloader Quarantined Application.AppInstall (A)
 
Quarantined 9
 


#7 Sintharius

Posted 13 May 2015 - 12:01 AM

Hi there,

Let's run these next.

Kaspersky Labs' TDSSKiller

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
===

Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will say Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


===

ESET Online Scanner

You will need to use Internet Explorer for this scan.
  • Hold down Ctrl and click here to open ESET Online Scanner in a new window.
  • Click the ESET Online Scanner button.
  • Put a checkmark in "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warnings from your browser.
  • Under Scan settings, put a checkmark in Scan Archives.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Scan.
  • ESET Online Scanner will automatically update and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats.
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex

#8 jpc100

Posted 13 May 2015 - 05:08 PM

Alex, ran TDSSKiller, it found nothing; ran my copy of Malwarebytes Pro, it found nothing; could not run ESET in Explorer so ran it with Chrome, it found 79 things, did not check fix... just report..... should I try to run again in IE Explorer and say fix or do what?

 

 

Here is the ESET report

 

C:\Program Files (x86)\pandasecuritytb\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Program Files (x86)\pandasecuritytb\pandasecuritytb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringc.dll a variant of Win64/NetFilter.A potentially unsafe application
C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringd.sys a variant of Win64/NetFilter.A potentially unsafe application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\101_cortica_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\102_dealply_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\104_jollywallet_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\105_corticas_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\107_coupish_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\108_icm_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\119_similar_web_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\120_luck_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\123_intext_adv_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\125_arcadi2_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\128_superfish_pricora_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\129_widdit_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\135_arcadi3_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\138_getdeal_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\141_corticas_ru_m.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\142_intext_fa_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\159_cortica_rollover_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\171_arcadi2_sourceID_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\175_coolmirage_m.js.vir JS/Toolbar.Crossrider.A potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\1_base.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\21_debug.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\28_initializer.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\91_monetizationLoader.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\92_superfish_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\js\lib\crossriderAPI.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\102_dealply_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\103_intext_5_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\104_jollywallet_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\105_corticas_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\126_revizer_ws_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\127_revizer_p_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\155_ibario_pops_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\184_noproblemppc_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\189_active_sanity.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\191_ciuvo_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\1_base.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\200_foxydeal_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\204_pricedetect_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\21_debug.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\28_initializer.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\91_monetizationLoader.js.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\js\lib\crossriderAPI.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Users\All Users\Panda Security URL Filtering\Panda_URL_Filteringc.dll a variant of Win64/NetFilter.A potentially unsafe application
C:\Users\All Users\Panda Security URL Filtering\Panda_URL_Filteringd.sys a variant of Win64/NetFilter.A potentially unsafe application
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000153 Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\File System\004\p\00\00000000 a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application
C:\Users\John\AppData\Roaming\How Inc\2B723B47CB04495391B9FA873C66BE4F\safer-browser_20150114.exe a variant of Win32/Distromatic.C potentially unwanted application
C:\Users\John\Desktop\spsetup128 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\Installer\MSI7F1F.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[1].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[2].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[3].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[4].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[1].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[2].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[3].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-SPE[4].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
G:\Downloads\FalconFour's Ultimate Boot CD v4.61.7z a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application
G:\Downloads\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
G:\Downloads\FreeYouTubeDownloaderOC.exe a variant of Win32/OpenCandy.A potentially unsafe application
G:\Downloads\Nero_WaveEditor.exe a variant of Win32/OpenInstall potentially unwanted application
G:\Downloads\ReimageRepair.exe Win32/DownWare.AC potentially unwanted application
G:\Downloads\spsetup128 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
G:\Downloads\spsetup128.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
G:\Downloads\Unconfirmed 292384.crdownload Win32/DownWare.L potentially unwanted application
G:\Downloads\boot cd\F4UBCD-4.61.iso a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application
G:\Downloads\utilities\ccsetup400.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
G:\Downloads\video driver\cbsidlm-tr1_14-ATI_Catalyst_Software_Suite_Windows_Vista_64bit__Windows_7_64bit__Windows_8_64bit-SEO-10607879.exe Win32/DownloadAdmin.G potentially unwanted application
G:\New folder\Tools\PandaSecurityTb.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application
G:\Programs\Tools\PandaSecurityTb.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application


#9 Sintharius

Posted 13 May 2015 - 05:11 PM

Hi there,

Apparently it detected ComboFix quarantine.

Please re-run ESET Online Scanner (which browser does not matter, as long as it runs that's okay), but this time choose Remove found threats before you start the scan.

Regards,
Alex
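The triage behind the reply above, as an added example that is not part of the original thread: it parses ESET Online Scanner report lines of the form seen in post #8 and separates copies sitting under C:\Qoobox\Quarantine (where ComboFix keeps quarantined files) from detections elsewhere on disk. The function names, the location buckets and the family heuristic are assumptions made for this illustration.

```python
import re
from collections import Counter

# Lines copied from the ESET report posted in this thread: path, detection name, category.
SAMPLE_LOG = r"""
C:\Program Files (x86)\pandasecuritytb\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.18_0\extensionData\plugins\1_base.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\Qoobox\Quarantine\C\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\extensionData\plugins\102_dealply_m.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\John\Desktop\spsetup128 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
G:\Downloads\FalconFour's Ultimate Boot CD v4.61.7z a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application
G:\Downloads\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application
G:\Programs\Tools\PandaSecurityTb.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application
"""

# Windows paths contain spaces but no forward slash, so the first token of the
# form Platform/Name marks where the path ends and the detection name begins.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<variant>a variant of\s+)?"
    r"(?P<threat>[A-Za-z0-9]+/\S+)\s+"
    r"(?P<category>.+)$"
)


def locate(path):
    """Bucket a path by where it lives (buckets are this example's own choice)."""
    p = path.lower()
    if "\\qoobox\\quarantine\\" in p:
        return "quarantine"   # already neutralised copies kept by ComboFix
    if "\\downloads\\" in p:
        return "downloads"    # installers that were saved but may never have run
    return "other"            # anything else still present on disk


def family(threat):
    """Heuristic: drop a trailing one or two letter variant suffix (.A, .AA)."""
    return re.sub(r"\.[A-Z]{1,2}$", "", threat)


def parse_eset_log(text):
    """Return (records, skipped) where skipped holds lines that did not parse."""
    records, skipped = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            skipped.append(line)
            continue
        records.append({
            "path": m.group("path"),
            "threat": m.group("threat"),
            "family": family(m.group("threat")),
            "variant": m.group("variant") is not None,
            "category": m.group("category").strip(),
            "location": locate(m.group("path")),
        })
    return records, skipped


def summarize(records):
    """Count detections by location, family and category."""
    return {
        "by_location": Counter(r["location"] for r in records),
        "by_family": Counter(r["family"] for r in records),
        "by_category": Counter(r["category"] for r in records),
    }


def live_detections(records):
    """Detections outside the quarantine folder, i.e. the ones needing a decision."""
    return [r for r in records if r["location"] != "quarantine"]


if __name__ == "__main__":
    recs, bad = parse_eset_log(SAMPLE_LOG)
    stats = summarize(recs)
    print("by location:", dict(stats["by_location"]))
    print("by family:  ", dict(stats["by_family"]))
    for r in live_detections(recs):
        print(f"{r['category']:38} {r['threat']:36} {r['path']}")
    if bad:
        print("unparsed lines:", len(bad))
```

Run over the full report, the same tally shows how many of the 79 entries are quarantined copies rather than active files.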

#10 jpc100

Posted 13 May 2015 - 11:05 PM

Alex, ran ComboFix, then ran the ESET, it deleted all but two items, however this did not fix the permission problem - still gives message...."requires permission from system" again this is the only folder on my G drive that acts this way, but it has most of my programs stored there and I can't make any updates or changes....

 

 

john



#11 Sintharius

Posted 14 May 2015 - 01:39 AM

Hi there,

Please remember that ComboFix is not allowed in here, and that I did not ask you to run it. :)

Let's see if this will resolve the problem.

Tweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here.

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here.
- Right click on [image: QfBzvq1.png] and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.

- Go to Step 4, then click Do It.

- Go to Step 5. Under System Restore click Create.

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.

- By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.

Regards,
Alex

#12 jpc100

Posted 14 May 2015 - 08:53 AM

Alex, just a quick question.. how do I post logs here without copying and pasting in the post?

 

John 



#13 Sintharius

Posted 14 May 2015 - 11:25 AM

You will need to copy and paste the logs here - there is no way otherwise.

Alex

#14 jpc100

Posted 14 May 2015 - 12:03 PM

Alex, ran pre-scan and results show both Repair Reparse Point and Repair Environment Variable as active buttons... which one do I click?



#15 Sintharius

Posted 14 May 2015 - 12:04 PM

Hi there,

Please click both of them before proceeding. Thank you :)

Regards,
Alex



