Skyclad Posted September 24, 2016 Author Posted September 24, 2016 Hello seedy21.. Would you please comment further on the "Quarantine Folder" comment you talked about above? Is this what is produced when the scan is complete? I have a Quarantine folder on my desktop right now and wondering if this was the result of the scan I ran overnight.. When I checked the scan out this morning, all that was shown was a white, square window with the words ESET SCAN at the top left, with nothing below.. I was thinking that the scan did not work once again, but if Quarantine is what we're looking for, please find the contents of that below.. Hope this helps! S PS Just tried to copy and paste contents and it would not allow the "paste" part.. Any way to send attachment? Please advise..
seedy21 Posted September 25, 2016 Posted September 25, 2016 Hi Skyclad, Quarantine Folder is the place where Anti-Virus disarms viruses and places them. It sounds like there is an issue with ESET Online scanner. Can I get an update with your machine? “It's only after we've lost everything that we're free to do anything.” ― Chuck Palahniuk, Fight Club http://www.geekstogo.com/downloads/unite_blue.png Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.
Skyclad Posted September 25, 2016 Author Posted September 25, 2016 Hello seedy21... I would be glad to give you an update.. Could you please spell out exactly what you're asking for and how to get to it with regard to the "update" you are requesting.. Thanks again for your help! S
Skyclad Posted September 26, 2016 Author Posted September 26, 2016 Hello seedy21.. If you were asking the general situation here with my computer I'll have to say that it is much better with regard to symptoms at this moment.. Unfortunately, the last time I said that it began its aberrant behavior again.. I am also wondering about the two "infected" files that showed on the ESET scan before it crapped out.. At some point I may try running that again, just to make sure.. As always, thanks for your assistance! S
Skyclad Posted September 26, 2016 Author Posted September 26, 2016 I just ran another scan through ESET and the results were EXACTLY the same as previously described........."2 infected files" and then the long black bars that block everything out as described previously.. Just wanted to let you know! S
seedy21 Posted September 26, 2016 Posted September 26, 2016 Hi Skyclad, Thanks for the update. I think ESET is looking in the quarantine folders of the other tools we have used. I will have another look to see if I can see anything.
Download zoek.exe from http://smeenk.247fixes.com/Tools/zoek.exe and save it to your Desktop.
Close/disable all anti virus and anti malware programs so they do not interfere with the download or execution of Zoek.exe. You can find instructions how to disable your security applications >>Here<< or >>Here<<
Double click zoek.exe to start the program.
Copy and paste the following script in the code box:
Note: This script is written for usage on this user's computer, do not use it on another computer even if the problems are similar!
createsrpoint; installedprogs; process; systemspecs; services-list; filesrcm; srinfo; emptyfolderscheck; startupall; firefoxlook; chromelook; skipfix-iedefaults; msconfigcheck; fakechrprofiles;
Close any open browsers.
Click the "Run script" button and wait patiently.
When finished the logfile will be opened in notepad. If a reboot is needed the logfile will be opened after reboot. The zoek-results.log can also be found on your systemdrive (normally C:\).
Please post the logfile for further review in your next reply.
Skyclad Posted September 28, 2016 Author Posted September 28, 2016 Hello seedy21.. Please find the results of the scan below.. Hope this helps! Thanks again... S Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Mike on Wed 09/28/2016 at 9:41:55.00. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Mike\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 9/28/2016 9:47:23 AM Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\AOL OCP C:\PROGRA~3\MyPrinter C:\Users\HP_OWNER\AppData\Local\VirtualStore C:\Users\Mike\AppData\Local\EmieBrowserModeList C:\Users\Mike\AppData\Local\EmieSiteList C:\Users\Mike\AppData\Local\EmieUserList ==== Installed Programs ====================== Adobe Flash Player 21 ActiveX Adobe Flash Player 21 NPAPI Adobe Reader XI (11.0.17) Adobe Refresh Manager AOL Toolbar AOL Uninstaller (Choose which Products to Remove) Canon Easy-WebPrint EX Canon IJ Scan Utility Canon MG3500 series MP Drivers Canon MG3500 series On-screen Manual Canon MG3500 series User Registration Canon My Image Garden Canon My Image Garden Design Files Canon Quick Menu CleanUp Cobian Backup 11 Gravity Google Chrome Google Earth Kaspersky Anti-Virus Malwarebytes Anti-Malware version 2.2.1.1043 Microsoft .NET Framework 4.6.1 Microsoft VC9 runtime libraries Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 34.0.5 (x86 en-US) Mozilla Maintenance Service OpenOffice 4.0.1 Puran Defrag 7.6 Security Update for Microsoft .NET Framework 4.6.1 (KB3122661) Security Update for Microsoft .NET Framework 4.6.1 (KB3127233) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000v2) Security Update for Microsoft .NET Framework 4.6.1 (KB3142037) 
Security Update for Microsoft .NET Framework 4.6.1 (KB3143693) Security Update for Microsoft .NET Framework 4.6.1 (KB3164025) ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe C:\Program Files (x86)\Common Files\AOL\1387389289\ee\aolsoftware.exe C:\Program Files (x86)\Cobian Backup 11\Cobian.exe C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Mike\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe C:\Program Files (x86)\AOL Desktop 9.8.2\shellmon.exe C:\Windows\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by E Dev R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe R2 - [AVP16.0.1] - Kaspersky Anti-Virus Service 16.0.1 - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 16.0.1\avp.exe R2 - [cbVSCService11] - Cobian Backup 11 Volume Shadow Copy Requester - c:\program files (x86)\cobian backup 11\cbvscservice11.exe R2 - 
[MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe R2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe S3 - [klvssbrigde64] - klvssbrigde64 - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 16.0.1\x64\vssbridge64.exe S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [PerfHost] - 
Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe S3 - [WatAdminSvc] - Windows Activation Technologies Service - c:\windows\system32\wat\watadminsvc.exe S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe S4 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe S4 - [PuranDefrag] - PuranDefrag - c:\windows\system32\purandefrags.exe ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 5631 MB CPU Info: AMD Phenom 8650 Triple-Core Processor CPU Speed: 2307.6 MHz Sound Card: Speakers (High Definition Audio | Digital Audio (S/PDIF) (High De | Display Adapters: ATI Radeon HD 3200 Graphics | ATI Radeon HD 3200 Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1360 X 768 - 32 bit Network: Network Present Network Adapters: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-S223F Ports: COM1 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 465.7GB Hard Disks - Free: C: 371.7GB Manufacturer *: Award Software International, Inc. 
BIOS Info: AT/AT COMPATIBLE | 10/08/09 | GBT - 42302e31 Time Zone: Central Standard Time Motherboard *: Gigabyte Technology Co., Ltd. GA-MA78GM-US2H Country: United States Language: ENU ==== System Specs (Software) ====================== AV: Kaspersky Anti-Virus *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98} SP: Kaspersky Anti-Virus *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Default Browser: Google Chrome 53.0.2785.116 Internet Explorer Version: 11.0.9600.18449 Mozilla Firefox version: 34.0.5 (x86 en-US) Google Chrome version: 53.0.2785.116 Adobe Reader version: 11.0.17.9 Flash Player version: 21.0.0.242 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Mike\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-09-20 22:42:32 9704C3ABF5163E67F6A6FCCA79DAD35C 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-09-20 22:42:32 C365622F20C5525865216A96BF692E99 2048 ----a-w- C:\Windows\Sysnative\tzres.dll ====== C:\Windows\Sysnative\drivers ===== 2016-09-21 18:51:33 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\33863DA5.sys 2016-09-19 18:47:07 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\0CF21DFC.sys 2016-09-18 18:57:57 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\64AB5825.sys 2016-09-17 18:51:22 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\590E04F9.sys 2016-09-15 18:49:47 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\3E14677E.sys 2016-09-14 07:45:41 EC666682FE8344CF7E6ED69E74FA9F4F 464896 ----a-w- C:\Windows\Sysnative\drivers\srv.sys 2016-09-14 07:45:41 E450C0318DCE8ED28ED272C8806B8495 405504 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2016-09-14 
07:45:41 9C12C78AD36C23D925711A4640228225 168960 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys 2016-09-14 07:44:19 EB7BB4F58971F4FE099B3CE127346563 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-09-14 07:44:19 6EBBA531A455E8F1092FD530A8682A97 154856 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-09-14 07:44:19 52F8C264D3BF90D2726FDE6642A381D4 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-09-14 07:44:17 F93EDDF0B69760456C6E0D73405AC078 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-09-14 07:44:17 A558D659B722FE5FB8C6E1BF288F7316 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-09-14 07:44:17 341C65D6D4E9AB705258AC83511F7ADD 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-09-14 07:43:53 B2875D7ABB82867DC3AA03D991940201 1896168 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2016-09-14 07:43:52 7FE5586314EE7D6AA8483264A089E5AF 46080 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys 2016-09-14 07:43:52 5545D2CB5DC6855ADAE275D50FEC1CFF 377576 ----a-w- C:\Windows\Sysnative\drivers\netio.sys 2016-09-14 07:43:52 1140F1415D3CF49B4038CD346C2AE91A 287976 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2016-09-13 18:51:59 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\5DEA4CE9.sys 2016-09-09 18:46:31 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\05E51032.sys 2016-09-08 18:45:42 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\396D4170.sys 2016-09-05 18:42:39 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\6C8754B4.sys 2016-09-03 18:41:14 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\7569375A.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Mike\AppData\Roaming ====== 2016-09-13 20:55:32 -------- d-----w- C:\Users\Mike\AppData\Local\ESET 
====== C:\Users\Mike ====== 2016-09-26 17:45:50 FB9A539E59CF43040644DA0A44234507 6761600 ----a-w- C:\Users\Mike\Downloads\esetonlinescanner_enu (2).exe 2016-09-24 07:25:54 FB9A539E59CF43040644DA0A44234507 6761600 ----a-w- C:\Users\Mike\Downloads\esetonlinescanner_enu (1).exe 2016-09-20 17:39:28 FB9A539E59CF43040644DA0A44234507 6761600 ----a-w- C:\Users\Mike\Downloads\esetonlinescanner_enu.exe ====== C: exe-files == 2016-09-26 17:45:50 FB9A539E59CF43040644DA0A44234507 6761600 ----a-w- C:\Users\Mike\Downloads\esetonlinescanner_enu (2).exe 2016-09-24 07:25:54 FB9A539E59CF43040644DA0A44234507 6761600 ----a-w- C:\Users\Mike\Downloads\esetonlinescanner_enu (1).exe === C: other files == 2016-09-21 18:51:33 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\33863DA5.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4197961188-714576266-808560349-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe /c" "AOL Fast Start"="C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE -b" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-4197961188-714576266-808560349-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "CleanUp\Users\Mike\Desktop\Cleanup.exe /WindowsRestart" 
"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_Plugin.exe -update plugin" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HostManager"="C:\Program Files (x86)\Common Files\AOL\1387389289\ee\AOLSoftware.exe" "Cobian Backup 11"="C:\Program Files (x86)\Cobian Backup 11\Cobian.exe" "CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe /c" "AOL Fast Start"="C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE -b" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "CleanUp\Users\Mike\Desktop\Cleanup.exe /WindowsRestart" "FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_Plugin.exe -update plugin" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/13/2016 11:07 AM] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000Core.job --a------ C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [02/20/2016 12:53 PM] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000Core1d1e91a936c6a61.job --a------ C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [02/20/2016 12:53 PM] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000UA1d1e91a93f23e27.job --a------ C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [02/20/2016 12:53 PM] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] 
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000Core" [C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000Core1d1e91a936c6a61" [C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000UA" [C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4197961188-714576266-808560349-1000UA1d1e91a93f23e27" [C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi" [08/17/2016 01:52 AM] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\olk2c82k.default 258693279212838A6A879A69A17BE215 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll - Shockwave Flash ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lpeeaghdjmhlakojjcgfdhgcejdaefmi - https://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi[] Google Slides - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Mike\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Kaspersky Protection - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi Chrome Web Store Payments - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hbcams.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ======== System Restore Points ======== RP273: 9/27/2016 3:24:35 AM - Windows Update 
RP274: 9/28/2016 9:47:07 AM - zoek.exe restore point ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on Wed 09/28/2016 at 9:52:00.23 ======================
Skyclad Posted October 1, 2016 Author Posted October 1, 2016 Hi seedy21... Just wanted to give you a brief update.. Things seem to be degenerating here.. Hoping that my last post was helpful.. Awaiting further instructions, and hope things do not continue to go downhill, as it might be difficult to send further messages.. Thanks again! S
seedy21 Posted October 1, 2016 Posted October 1, 2016 Hi Skyclad, Your logs look clean. I believe that ESET is just finding the files in Emsisoft Emergency Kit quarantine folder. Do you have other issues with your machine? Thanks
Skyclad Posted October 1, 2016 Author Posted October 1, 2016 Hello seedy21 and thanks for your response back.. With regard to my machine..........how it's doing kind of depends on which day it is, as things are changing almost daily....:/ Some days not too bad, others it mainly appears that I'm having issues with my mouse and getting it to work correctly (in many cases having to click mouse quickly followed up by hitting enter on the keyboard).... At this point, what I think I would like to do is go ahead and close out this thread and let me observe all of this for a week or so.. If this continues or gets worse, I will get back in touch with you guys and let you know the particulars of what the symptoms have been for that week.. Overall right now things are tolerable and I'm able to work around much of it..........just kind of an inconvenience.. Anyway, let's close things out, but look for me to check back in a week or two... Thanks again for all your help! Will be in touch, S PS With regard to the quarantine folder you mentioned, can I simply delete this file from my computer or leave as is..? Please let me know either way....:)
seedy21 Posted October 1, 2016 Posted October 1, 2016 Hi Skyclad. Not a problem. Out of interest, are your keyboard and mouse wireless? Let's clean up and remove the tools we used.
Clean up with Delfix
Download "Delfix by Xplode" and save it to your desktop.
Double click to start the program. If you are using Vista or higher, please right-click and choose run as administrator.
Make sure the following items are checked:
Remove disinfection tools
Create registry backup
Purge System Restore
Now click on "Run" and wait patiently until the tool has completed.
The tool will create a log when it has completed. We don't need you to post this.
Skyclad Posted October 1, 2016 Author Posted October 1, 2016 Neither my Mouse nor Keyboard are wireless.. When I tried to download Delfix I got the following...... This site can’t be reached. general-changelog-team.fr’s server DNS address could not be found. Not sure how to proceed due to the download not happening.. Please advise... Thanks! S DNS_PROBE_FINISHED_NXDOMAIN
Skyclad Posted October 3, 2016 Author Posted October 3, 2016 Hello seedy21.. Just a quick note.. I wanted to make sure the connection to the website you mentioned above was continuing to be a problem.. Just went to that website (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/9-delfix) and it continues to display what I mentioned above.. I just wanted to be double sure about this, and wanted to let you know of the results.. Thanks.. S
seedy21 Posted October 3, 2016 Posted October 3, 2016 Hi Skyclad, Looks like the website is down. You can download it from HERE
Skyclad Posted October 4, 2016 Author Posted October 4, 2016 Hello seedy21.. The download went fine and the removal appears complete.. Overall, right at the moment, the computer is doing much better (hoping this continues to be the case).. I will continue to monitor and if anything further shows up, I will get in touch with you guys again....:) Thanks so much for all your help seedy21! I do appreciate it...!! S