Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow computer high memory usage


  • Please log in to reply
19 replies to this topic

#1 crewjones33

crewjones33

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 27 September 2015 - 08:15 AM

I received a used computer from my father. I did a reinstall of windows and now computer is super slow. Please help, I have read other post with similar issues and have all ready downloaded mini tool box and Speccy. Thanks in advance for any help.
MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by JRay (administrator) on 27-09-2015 at 09:03:07
Running from "C:\Users\JRay\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Satellite C655D Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/27/2015 08:54:29 AM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:  (no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 08:44:29 AM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:  (no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 08:39:26 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}
 
Error: (09/27/2015 08:34:28 AM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:  (no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 08:24:28 AM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 01:08:05 AM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/26/2015 07:06:55 PM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/26/2015 06:56:54 PM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/07/2015 03:53:32 AM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/06/2015 09:46:16 PM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
System errors:
=============
Error: (09/27/2015 08:41:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
 
Error: (09/26/2015 06:56:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
 
Error: (09/06/2015 08:35:32 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.
 
Error: (09/03/2015 06:24:54 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (09/03/2015 06:24:52 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UxSms service.
 
Error: (09/02/2015 11:57:44 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error: 
%%16405
 
Error: (09/02/2015 11:48:32 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:46:40 PM on ‎9/‎2/‎2015 was unexpected.
 
Error: (09/02/2015 11:46:43 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/02/2015 11:46:39 PM) (Source: Service Control Manager) (User: )
Description: The Common Client Job Manager Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (09/02/2015 11:46:39 PM) (Source: Service Control Manager) (User: )
Description: The Toshiba Laptop Checkup Application Launcher service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (09/27/2015 08:54:29 AM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 08:44:29 AM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 08:39:26 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (09/27/2015 08:34:28 AM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 08:24:28 AM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/27/2015 01:08:05 AM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/26/2015 07:06:55 PM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/26/2015 06:56:54 PM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/07/2015 03:53:32 AM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (09/06/2015 09:46:16 PM) (Source: Toshiba App Place)(User: )
Description: System.Net.WebException: The remote name could not be resolved: 'api.snappcloud.com'
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
 
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{1D27E8CF-7546-F200-4CA3-CD2F39909F5A}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\WTA-40aa3542-5616-43eb-8ad4-f46f056d3915) (Version: 2.2.0.97 - WildTangent) Hidden
ccc-core-static (HKLM-x32\...\{AE26F217-2100-A52C-2A00-3829358E4930}) (Version: 2011.0216.726.13233 - ATI) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-2fb0f18e-802c-4201-95e4-534609e69a2a) (Version: 2.2.0.95 - WildTangent) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 8.0.8.0_R01 (HKLM\...\Elantech) (Version: 8.0.8.0 - ELAN Microelectronic Corp.)
FATE - The Traitor Soul (HKLM-x32\...\WTA-e4b33c40-a618-44f2-b53f-76b454837175) (Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.4.3607.2246 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.2.183.29 - Google Inc.) Hidden
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Jewel Quest: The Sleepless Star - Collector's Edition (HKLM-x32\...\WTA-3713acb8-3145-4970-bf53-2da4eca7f099) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Penguins! (HKLM-x32\...\WTA-a765a40f-699b-441f-b360-41f0f3d37cac) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-4387ed16-c214-4e4b-af5d-fcbedd492d8f) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (HKLM-x32\...\WTA-aef88e7c-a509-47b5-9eef-39b7f9dcefdc) (Version: 2.2.0.95 - WildTangent) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Tom Clancy's Splinter Cell (HKLM-x32\...\WTA-d68f838b-b1c9-4a3b-a2ba-2b9b0ca866ab) (Version: 2.2.0.97 - WildTangent) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.14 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.10.26 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.25 - Toshiba)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.45 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.07 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.22.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.1.1 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.0.4.16 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WMV9/VC-1 Video Playback (HKLM\...\{522D5958-FFF0-2849-776B-442BE2A0004C}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zuma's Revenge (HKLM-x32\...\WTA-b36fafb1-5751-4b4a-882a-dd2a4726e051) (Version: 2.2.0.97 - WildTangent) Hidden
 
========================= Memory info: ===================================
Percentage of memory in use: 80%
Total physical RAM: 2662.87 MB
Available physical RAM: 528.01 MB
Total Virtual: 5323.93 MB
Available Virtual: 2597.33 MB
 
========================= Partitions: =====================================
1 Drive c: (TI106147W0C) (Fixed) (Total:285.29 GB) (Free:249.94 GB) NTFS
 
========================= Users: ========================================
User accounts for \\JRAY-PC
 
Administrator            Guest                    JRay                     
 
 
**** End of log ****
 
http://speccy.piriform.com/results/2ce6S2jtlbbfzZnySavreK7
Merged posts...moved from Win 7 to Am I Infected - Hamluis.
 

Edited by hamluis, 27 September 2015 - 01:50 PM.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,460 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:17 AM

Posted 27 September 2015 - 09:58 AM

Go to Microsoft Support and download the Fix it in the first set of instructions.

 

Your copy of Adobe Reader and Java are out of date.  These have the potential of being a security issue when they are out of date.  You need to download and install the latest versions of these.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 27 September 2015 - 10:07 AM

Thanks



#4 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 10 October 2015 - 09:45 AM

I have updated everything and the computer is still so slow. It takes a long time for things to load and freezes often.



#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,460 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:17 AM

Posted 10 October 2015 - 09:57 AM

You need to update Adobe Reader to the XI version.  The X version is no longer supported, this makes it a potential security risk.
 
Please run the following scans.
 
Please run Malwarebytes AntiMalware
 
Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
malwarerun_zps9abd4ef1.png
 
4)  When the scan is complete the results will be displayed.  Click on Delete All.
 
malwarenew_zps34b58fdc.png
 
5)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the log in your topic.
 
================
 

Please run AdwCleaner
 
Please download AdwCleaner and install it.
 
When AdwCleaner opens you will see an image like the one below.
 
adwcleaner11_zps48314883.png
 
Click on Scan to start the scan.
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.
 
================
 

Please download Junkware Removal Tool to your desktop.

  •  
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

================

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by dc3, 10 October 2015 - 09:58 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 11 October 2015 - 04:49 AM

mbam-check result log version:     2.1.1.1001
========================================
 
User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601.0 
Malwarebytes Anti-Malware:         2.1.8.1057
Installed On:                      2015/07/19
Malware Database:                  2015.10.10.06
Rootkit Database:                  2015.10.06.01
Remediation Database:              2015.10.09.01
IP Database:                       2015.10.10.01
Domain Database:                   2015.10.10.05
License:                           Free
Malware Protection:                0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
Malicious Website Protection:      0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMWebAccessControl
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2015/10/11 05:47:32
Compatibility Flag Settings:
=================================
 
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Program Files (x86)\Java\jre6\bin\javacpl.exeREG_SZ ELEVATECREATEPROCESS
 
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\windows\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [a8d28d5b3e2a528d1ef0e338e44f2820]
C:\windows\system32\drivers\mwac.sys
File Size: 63704     BYTES FileVersion: 1.0.6.0 MD5: [ae757332ea130e94e646621cc695b52a]
C:\windows\system32\drivers\mbamswissarmy.sys
File Size: 113880    BYTES FileVersion: 0.2.22.0 MD5: [8f22037d3f5a6bb676525d825a1388b9]
C:\windows\system32\drivers\mbamchameleon.sys
File Size: 109272    BYTES FileVersion: 1.1.20.0 MD5: [e681ce4ae5c09651d53cb4387ca3560e]
 
--------------MBAMProtector:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMService:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMScheduler:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMWebAccessControl:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ErrorControl                  REG_DWORD 1
Start                         REG_DWORD 2
Type                          REG_DWORD 32
DependOnService               REG_MULTI_SZ RpcSs
 
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
{dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data
 
{0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data
 
{12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data
 
{c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data
 
{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data
 
{074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data
 
{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data
 
{a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data
 
{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data
 
{2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data
 
{2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data
 
{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data
 
{935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data
 
{941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
{dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data
 
{f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY Binary Data
 
{0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data
 
{12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data
 
{c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data
 
{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data
 
{4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY Binary Data
 
{be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY Binary Data
 
{716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY Binary Data
 
{1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY Binary Data
 
{07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY Binary Data
 
{5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY Binary Data
 
{b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY Binary Data
 
{0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY Binary Data
 
{074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data
 
{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data
 
{a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data
 
{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data
 
{91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY Binary Data
 
{64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY Binary Data
 
{13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY Binary Data
 
{cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY Binary Data
 
{2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data
 
{375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY Binary Data
 
{2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data
 
{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data
 
{b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}REG_BINARY Binary Data
 
{3697a558-3ed3-49be-a4c1-c1a4448653b4}REG_BINARY Binary Data
 
{935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data
 
{941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data
 
{b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY Binary Data
 
{d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY Binary Data
 
{8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY Binary Data
 
{4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY Binary Data
 
{3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY Binary Data
 
{17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY Binary Data
 
{567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY Binary Data
 
{4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY Binary Data
 
{3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
{decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data
 
{4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data
 
{1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data
 
{aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data
 
{d4bd4a0f-7591-4da2-ae67-3aa97c3c34c2}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
{b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data
 
{9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data
 
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl                  REG_DWORD 3
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0                             REG_SZ Root\LEGACY_FLTMGR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
 
C:\windows\system32\drivers\fltmgr.sys
File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]
C:\windows\SysWOW64\comctl32.ocx
File Size: 1351392   BYTES FileVersion: 6.0.81.6 MD5: [2640ad05ab39321e6c9d3c71236ca0df]
C:\windows\SysWOW64\mscomctl.ocx
File Size: 1081616   BYTES FileVersion: 6.1.97.82 MD5: [ecc7d7f0d3446de36045d1d9e964fafe]
C:\windows\SysWOW64\olepro32.dll
File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]
 
 
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    SelfProtection:                                            false 
    StartSilentMode:                                           false 
    StartupDelay:                                              -15 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          false 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Marketing: 
    LastPostScanMarketingIndex:                                3 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       3000 
ScanHistory: 
    Duration_Complete:                                         1167309 
    Duration_Driver:                                           0 
    Duration_Filesystem:                                       3391 
    Duration_Heuristics:                                       1654686 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 0 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          75304 
    Duration_Registry:                                         83323 
    Duration_Sector:                                           0 
    Duration_Startup:                                          87366 
    ItemCount_Complete:                                        286580 
    ItemCount_Driver:                                          0 
    ItemCount_Filesystem:                                      44880 
    ItemCount_Heuristics:                                      8976 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                0 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         75250 
    ItemCount_Registry:                                        567 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         1519 
    LastScanDateEpoch:                                         1444524139866 
    LastScanType:                                              1 (Threat Scan)
Update: 
    LastUpdate:                                                2015-10-11T00:40:32 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    7 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
--------------Account:--------------
  Account Status:                                              Free 
  Expiration Time:                                             2015/08/02 19:10:24 
  Activation Time:                                              
  Trial Used:                                                  true 
--------------Access Policies:--------------
 
Scheduler Queue:
================
 
tasks: 
    4c6852b9-588a-444a-abbc-21a757f664ef:                       
      parameters:                                               
        NotifyWhenUpdateCompletes:                             false 
        ProcessLaunchedFromScheduler:                          true 
        TaskType:                                              3 
      triggers:                                                 
        85cd548c-71cd-4003-981c-752e50938f00:                   
          dateinterval:                                        0:0:0 
          lastscheduled:                                       Sun, 11 Oct 2015 05:05:27.090088 -0400 
          lasttriggered:                                       Wed, 05 Aug 2015 00:20:23.640400 -0400 
          nextscheduled:                                       Sun, 11 Oct 2015 06:05:27.090088 -0400 
          recovery:                                            00:00:00 
          start:                                               Sun, 19 Jul 2015 16:05:27.090088 -0400 
          timeinterval:                                        01:00:00 
          type:                                                3 
          uuid:                                                85cd548c-71cd-4003-981c-752e50938f00 
      type:                                                    update 
      uuid:                                                    4c6852b9-588a-444a-abbc-21a757f664ef 
    cd545293-4215-4a1a-b687-5a95dc667edc:                       
      parameters:                                               
        AutoDelete:                                            false 
        CheckForUpdatesBeforeScanStart:                        true 
        ProcessLaunchedFromScheduler:                          true 
        ScanConfig:                                             
          ExportLog:                                           true 
          FileSystemOption:                                    true 
          Quarantine:                                          Prompt 
          RebootSystemWhenMalwareDetected:                     false 
          ScanArchives:                                        true 
          ScanExtra:                                           true 
          ScanHeuristic:                                       true 
          ScanMemoryObjects:                                   true 
          ScanPUM:                                             2 
          ScanPUP:                                             2 
          ScanRegistry:                                        true 
          ScanRootkits:                                        false 
          ScanSource:                                          1 
          ScanStartup:                                         true 
          ScanTargets:                                          
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true 
        StartTaskFromSystemAccount:                            false 
        TaskType:                                              0 
      triggers:                                                 
        66a956ee-23e3-4cef-b2fe-8340407a7313:                   
          dateinterval:                                        1:0:0 
          lastscheduled:                                       Sun, 11 Oct 2015 03:35:22 -0400 
          lasttriggered:                                       Tue, 04 Aug 2015 17:14:30.718400 -0400 
          nextscheduled:                                       Mon, 12 Oct 2015 03:35:22 -0400 
          recovery:                                            23:00:00 
          start:                                               Mon, 20 Jul 2015 03:35:22 -0400 
          timeinterval:                                        00:00:00 
          type:                                                4 
          uuid:                                                66a956ee-23e3-4cef-b2fe-8340407a7313 
      type:                                                    scan 
      uuid:                                                    cd545293-4215-4a1a-b687-5a95dc667edc 
 
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
MBAMProtector Registry Values:
==============================
 
 
 
MBAMService Registry Values:
============================
 
 
 
MBAMScheduler Registry Values:
==============================
 
 
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Proxy Status: No proxy is Set
 
Proxy Override: 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
ProxyOverride REG_SZ <local>
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Context Menu Entries:
=====================
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\
7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [90cc5c5c5347eee0909d5bbbe4ea4321]
changes.txt                             File Size: 3003      BYTES FileVersion:  N/A            MD5: [17b6dc5b45f9558ea11ee7b95da9b684]
cloud-enumeration.dll                   File Size: 286008    BYTES FileVersion:  1.0.0.0        MD5: [932c98b79d8dc1409d6c74efd715135e]
cloud.dll                               File Size: 351544    BYTES FileVersion:  1.0.0.0        MD5: [5d383e601d77e4e82b64c6c3e4b823b3]
license.rtf                             File Size: 235316    BYTES FileVersion:  N/A            MD5: [5980b191ffe5d53bfef600b97ad533b5]
master.conf                             File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                 File Size: 602936    BYTES FileVersion:  1.0.37.0       MD5: [a3043182dcef5612c928517985bd545a]
mbam.exe                                 File Size: 6554424   BYTES FileVersion:  2.3.55.0       MD5: [abff2b3a80aa5348be5e43efd6b415d1]
mbamcore.dll                             File Size: 1971512   BYTES FileVersion:  1.3.11.0       MD5: [51b5bea5015b2e37c4f4d496441f8369]
mbamdor.exe                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [a994a921e954ba55bea4cc8767f64e0f]
mbamext.dll                             File Size: 310584    BYTES FileVersion:  3.0.6.0        MD5: [7a4c3c98cc41d06e26cc4cc5d9d06200]
mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [f872caff0cc1fe69d55cbb10c087a00a]
mbamresearch.exe                         File Size: 1947960   BYTES FileVersion:  1.1.0.0        MD5: [7fb4e7cfabfdc99b88165ecfc0c532c5]
mbamscheduler.exe                       File Size: 1871160   BYTES FileVersion:  3.1.3.0        MD5: [301e3fdfcf33640bb8763ba444bc5093]
mbamservice.exe                         File Size: 1133880   BYTES FileVersion:  3.2.13.0       MD5: [83c982a395d00baff6515fb38424ea76]
mbamsrv.dll                             File Size: 3841336   BYTES FileVersion:  2.1.2.0        MD5: [b3273340603058e7e89964abeea0aa4b]
msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [650f2286252c8854ac5846940d181d3a]
msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [005f96c221719c03671c0262a4a93521]
Qt5Core.dll                             File Size: 4645688   BYTES FileVersion:  5.4.1.0        MD5: [a8fceb6261751b709a84ce4a3726439f]
Qt5Gui.dll                               File Size: 4639032   BYTES FileVersion:  5.4.1.0        MD5: [cdfa353db0a56a394b1fd8346c905069]
Qt5Network.dll                           File Size: 672056    BYTES FileVersion:  5.4.1.0        MD5: [e4fd655cc85eb6063a8cef66f4e5ed55]
Qt5Widgets.dll                           File Size: 4473656   BYTES FileVersion:  5.4.1.0        MD5: [5a48fe8fc8b20960713e172a83cca0f5]
Third-party-notices.txt                 File Size: 70041     BYTES FileVersion:  N/A            MD5: [915ab4fe416654fbc412019a0a1002ac]
unins000.dat                             File Size: 30395     BYTES FileVersion:  N/A            MD5: [3d841357cc3bb5f20ed52ad7df97eae4]
unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                           File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
firefox.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
firefox.pif                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
firefox.scr                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
iexplore.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.com                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.exe                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.pif                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-chameleon.scr                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
mbam-killer.exe                         File Size: 1496888   BYTES FileVersion:  3.0.13.0       MD5: [10ddd12d628a5388865f2ae25019dd76]
rundll32.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
svchost.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
windows.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
winlogon.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
qgif.dll                                 File Size: 28472     BYTES FileVersion:  5.4.1.0        MD5: [8858629a544c7c0536c35561040a2d78]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
lang_ar.qm                               File Size: 87320     BYTES FileVersion:  N/A            MD5: [7a7c7e14fcf3f14d6b269295e877750c]
lang_bg.qm                               File Size: 109563    BYTES FileVersion:  N/A            MD5: [654b95c228a72131aca7cb26e964dcf9]
lang_ca.qm                               File Size: 92640     BYTES FileVersion:  N/A            MD5: [533208d2306e5ad1e5972650f69d8c22]
lang_cs.qm                               File Size: 105006    BYTES FileVersion:  N/A            MD5: [508844d9e9aa364aa53bc77adf4f42a8]
lang_da.qm                               File Size: 88045     BYTES FileVersion:  N/A            MD5: [e3bc3cdfcf360d319319299d8cd66506]
lang_de.qm                               File Size: 133736    BYTES FileVersion:  N/A            MD5: [9b6c6a0d6bc188c1d86ea9342b8035da]
lang_el.qm                               File Size: 126414    BYTES FileVersion:  N/A            MD5: [3d112a79eca581d1775fd96b3c5870bb]
lang_en.qm                               File Size: 2849      BYTES FileVersion:  N/A            MD5: [d495fecf1db29d41317196416d5ea6c2]
lang_es.qm                               File Size: 132948    BYTES FileVersion:  N/A            MD5: [455f47414f13f8942ee6652dd194c46a]
lang_et.qm                               File Size: 107454    BYTES FileVersion:  N/A            MD5: [ef9d8fcc151759a2cf100afe2889d5e5]
lang_fi.qm                               File Size: 89336     BYTES FileVersion:  N/A            MD5: [09f12751811f8c1a46f6308ab1968ff7]
lang_fr.qm                               File Size: 136774    BYTES FileVersion:  N/A            MD5: [581b5833e2fa89003ff8349390323790]
lang_he.qm                               File Size: 98616     BYTES FileVersion:  N/A            MD5: [a9cb152f93da040fb9451d750f359c3e]
lang_hu.qm                               File Size: 108619    BYTES FileVersion:  N/A            MD5: [042e132aa420bb7807dc6ea150d21c84]
lang_id.qm                               File Size: 105573    BYTES FileVersion:  N/A            MD5: [1352510fd6296523d239363d90d493ad]
lang_it.qm                               File Size: 129004    BYTES FileVersion:  N/A            MD5: [993c14184487084aedf79471b337606b]
lang_ja.qm                               File Size: 73730     BYTES FileVersion:  N/A            MD5: [e1ae65ac342628156abb2cdc36508929]
lang_ko.qm                               File Size: 85538     BYTES FileVersion:  N/A            MD5: [e495736a22b566cd27cef405507c0b55]
lang_lt.qm                               File Size: 90775     BYTES FileVersion:  N/A            MD5: [2605701cc94ca4ee2ef0be3aaa617d64]
lang_lv.qm                               File Size: 90647     BYTES FileVersion:  N/A            MD5: [c9dda1e18b4869c60b8df14907dd5e46]
lang_nl.qm                               File Size: 128186    BYTES FileVersion:  N/A            MD5: [193e199cefe0429da41d564af35786e7]
lang_no.qm                               File Size: 118156    BYTES FileVersion:  N/A            MD5: [a7a243c9ac9e1efc71f8cdeb8c6ed4bf]
lang_pl.qm                               File Size: 128623    BYTES FileVersion:  N/A            MD5: [9e4c6ca1532843c77ddb07b8a1bcac08]
lang_pt_BR.qm                           File Size: 131550    BYTES FileVersion:  N/A            MD5: [418b8766d7e7a2a4806ed4d97d18e80f]
lang_pt_PT.qm                           File Size: 131702    BYTES FileVersion:  N/A            MD5: [34f70f2a89733552373fa935200c2a0a]
lang_ro.qm                               File Size: 90440     BYTES FileVersion:  N/A            MD5: [24bf3ee283cf5a3fd4c93bba6c9fc12b]
lang_ru.qm                               File Size: 132186    BYTES FileVersion:  N/A            MD5: [08e1303dba20e8e1957ae1de2ccb4550]
lang_sk.qm                               File Size: 89139     BYTES FileVersion:  N/A            MD5: [82ddef8ec6d13b1d4601e7104243ecc9]
lang_sl.qm                               File Size: 107472    BYTES FileVersion:  N/A            MD5: [c8e3fae6ae3980aec292baa6cb8eac89]
lang_sv.qm                               File Size: 105939    BYTES FileVersion:  N/A            MD5: [646ad8e20658650d4d1daa63b5abb9b6]
lang_tr.qm                               File Size: 88788     BYTES FileVersion:  N/A            MD5: [6c4e9b16e496ab46d4a1d3333d972762]
lang_vi.qm                               File Size: 105393    BYTES FileVersion:  N/A            MD5: [d1b2c9264ef72792b53255d4dfeb3098]
lang_zh_TW.qm                           File Size: 87358     BYTES FileVersion:  N/A            MD5: [1ebfe79770cf695df897750b3c2d5a08]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms
qwindows.dll                             File Size: 928568    BYTES FileVersion:  5.4.1.0        MD5: [15d93b1f5171eacf7724b2f728a064c4]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                           File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [57da74e5d020877f0aa23133081a1d5c]
 
C:\Users\JRay\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                             File Size: 2118      BYTES FileVersion:  N/A            MD5: [6e5a368d6e7ef50f52902409ec6d6a77]
akadomains.ref                           File Size: 92        BYTES FileVersion:  N/A            MD5: [73d5774cbd8df165274a0691ae264808]
akaips.ref                               File Size: 92        BYTES FileVersion:  N/A            MD5: [2a6869d1f91f0a0b87b1d27bd30ccc5c]
domains.ref                             File Size: 279534    BYTES FileVersion:  N/A            MD5: [c83be9b51acdd94eca401ec9587899b3]
exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref                                 File Size: 27001     BYTES FileVersion:  N/A            MD5: [6f18a77cb386d40d84799fefec3e5250]
rules.ref                               File Size: 10539853  BYTES FileVersion:  N/A            MD5: [74d7900a6292a557c3788d2724307834]
swissarmy.ref                           File Size: 26108     BYTES FileVersion:  N/A            MD5: [991d83474ed5cdcf17a9206d854748e6]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                               File Size: 4608      BYTES FileVersion:  N/A            MD5: [b5577fc01629c75b3dbdb86eeb058f85]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 1419      BYTES FileVersion:  N/A            MD5: [fc317898c97491c100ce7e1e32a8b2c2]
manifest.conf                           File Size: 3380      BYTES FileVersion:  N/A            MD5: [5f8e0325fe238892548cb1e47f6f9bdf]
marketing.conf                           File Size: 10965     BYTES FileVersion:  N/A            MD5: [56d6f72252308df131ec0b2a51612dfc]
net.conf                                 File Size: 6904      BYTES FileVersion:  N/A            MD5: [3a2a72c425d91ebfd93e767e6c9afef2]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 2194      BYTES FileVersion:  N/A            MD5: [bdfdbad98921537664c1ae87f54d8e38]
settings.conf                           File Size: 2090      BYTES FileVersion:  N/A            MD5: [3c416fecd6c77e06da53cb93e7ae3939]
statistics.conf                         File Size: 513       BYTES FileVersion:  N/A            MD5: [6eb2eb58bb0c1490f568d7bd001abf55]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
build.conf                               File Size: 4194      BYTES FileVersion:  N/A            MD5: [402aa68f7a914337069a7a826a856503]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 23        BYTES FileVersion:  N/A            MD5: [0ec01df616b565180556881d8042255b]
manifest.conf                           File Size: 2836      BYTES FileVersion:  N/A            MD5: [12da8707e6aa5c2dfafca55395a8bdbd]
marketing.conf                           File Size: 11105     BYTES FileVersion:  N/A            MD5: [4bbcad9dd8e558eb9996d32f37cd25e2]
net.conf                                 File Size: 6133      BYTES FileVersion:  N/A            MD5: [78d9d986b84b11f36330303a86a2be82]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf                           File Size: 1725      BYTES FileVersion:  N/A            MD5: [5454026126dac24f6e96eeb0c64123d3]
statistics.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2015-08-02 (03-36-23).xml       File Size: 2498      BYTES FileVersion:  N/A            MD5: [061a673bc5dc98009e3e3f2fe08f832e]
mbam-log-2015-10-10 (20-41-32).xml       File Size: 2496      BYTES FileVersion:  N/A            MD5: [315e2e81fe9f2c986d1beecb1cf15f04]
protection-log-2015-07-19.xml           File Size: 6460      BYTES FileVersion:  N/A            MD5: [a2b1717a026cc0b82e4296e259054ac8]
protection-log-2015-07-20.xml           File Size: 1216      BYTES FileVersion:  N/A            MD5: [8e4470f2738ae1c5add891687c712555]
protection-log-2015-07-26.xml           File Size: 6687      BYTES FileVersion:  N/A            MD5: [4f07f133f4cc990abf91dac0229be4c6]
protection-log-2015-08-01.xml           File Size: 9284      BYTES FileVersion:  N/A            MD5: [fb67de9d6b37f957f3f5e836dc22f7fd]
protection-log-2015-08-02.xml           File Size: 346       BYTES FileVersion:  N/A            MD5: [39ecee9dad165044c083aa9156b6b199]
protection-log-2015-08-04.xml           File Size: 3007      BYTES FileVersion:  N/A            MD5: [b3e958450499745259f9afe634920ad3]
protection-log-2015-08-05.xml           File Size: 363       BYTES FileVersion:  N/A            MD5: [f879297e29dbbed459f986fae8fcadba]
protection-log-2015-08-06.xml           File Size: 431       BYTES FileVersion:  N/A            MD5: [b43899a46c1d6c47bceff5c48adf4efb]
protection-log-2015-10-10.xml           File Size: 6185      BYTES FileVersion:  N/A            MD5: [9e9e596b4342b7c096e5a6c595cae088]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
 
Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
===============================================================
END OF FILE


#7 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 11 October 2015 - 05:08 AM

# AdwCleaner v5.013 - Logfile created 11/10/2015 at 05:58:57
# Updated 09/10/2015 by Xplode
# Database : 2015-10-09.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : JRay - JRAY-PC
# Running from : C:\Users\JRay\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
 
***** [ Web browsers ] *****
 
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [784 bytes] ##########


#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,460 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:17 AM

Posted 11 October 2015 - 08:38 AM

Where are the logs for the rest of the requested scans?

 

 

 

Edit:  What part of Ky. are you living in?  I lived in Lexington for ten years.


Edited by dc3, 11 October 2015 - 08:40 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 14 October 2015 - 03:21 PM

sorry i am still working on the others. work is killing me. I live in Shelbyville. I work at the Toyota plant in Georgetown.



#10 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 15 October 2015 - 06:44 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by JRay on Thu 10/15/2015 at  4:03:31.05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Program Files (x86)\GUTB3B5.tmp
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\JRay\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\JRay\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\JRay\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\JRay\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/15/2015 at 19:42:42.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#11 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 16 October 2015 - 03:07 AM

ESET Online scanner found no threats



#12 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,460 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:17 AM

Posted 16 October 2015 - 10:51 AM

Since Malwarebytes didn't post any of the exclusions it is of no value to me.  So I would like you to run another program which produce the information we are looking for.

 

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).

 


  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.


  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.


  • When update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.


  • When the scan is completed click Quarantine selected objects. Note:  This option is only available if malicious objects were detected during the scan.  If this is the case select Delete selected.


  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.


  • Please save the log in Notepad on your desktop and post the contents in your next reply.


  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.


Edited by dc3, 16 October 2015 - 10:51 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 16 October 2015 - 07:00 PM

Emsisoft Emergency Kit - Version 10.0
Last update: 10/16/2015 7:52:35 PM
User account: JRay-PC\JRay
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 10/16/2015 7:54:17 PM
Value: HKEY_USERS\S-1-5-21-3666055462-3548562610-2823323530-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-3666055462-3548562610-2823323530-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
 
Scanned 70079
Found 2
 
Scan end: 10/16/2015 7:58:28 PM
Scan time: 0:04:11
 
Value: HKEY_USERS\S-1-5-21-3666055462-3548562610-2823323530-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-3666055462-3548562610-2823323530-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
 
Quarantined 2


#14 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,460 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:17 AM

Posted 17 October 2015 - 07:22 AM

 
Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
 
Note:  The log may be very long.  You may need to break it into parts to post the whole log.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#15 crewjones33

crewjones33
  • Topic Starter

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kentucky
  • Local time:09:17 AM

Posted 18 October 2015 - 03:49 AM

I ran  TDSSKILLER and nothing was found. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users