[Biscuithd]

I assume these things aren't really connected

 

 

These days, usually not. In the old days there were countless ways to make a HD squeal, etc. You could startup and stop the fan. These days malware writers arn't trying to kill your computer, they are trying to make money from you by driving you to their websites and teasing you into buy products that they plop on your screen. There is also ransomeware where they lock your computer and charge you to unlock it. Much (but not all) of the disruptive stuff has lessened.

[Advertisements]

So, good news with the hard drive itself. Upon further inspection, it actually wasn't my hard drive, but the air conditioning which is in the window adjacent to my computer. (I feel so stupid LOL)

 

Back on topic, though, I'll get the other scan reports for my actual problem as soon as I can (probably today or tomorrow, my schedule is a bit out of order today) Sorry for not doing it sooner

[SnarkKnight96]

So, good news with the hard drive itself. Upon further inspection, it actually wasn't my hard drive, but the air conditioning which is in the window adjacent to my computer. (I feel so stupid LOL)

 

Back on topic, though, I'll get the other scan reports for my actual problem as soon as I can (probably today or tomorrow, my schedule is a bit out of order today) Sorry for not doing it sooner

[Biscuithd]

Ok, post as soon as you can

[SnarkKnight96]

Here's the adw cleaner report: # AdwCleaner v3.308 - Report created 22/08/2014 at 20:52:56

# Updated 20/08/2014 by Xplode

# Operating System : Windows 8  (64 bits)

# Username : Jason - JASONPC

# Running from : C:\Users\Jason\Desktop\adwcleaner_3.308.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

File Found : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage

File Found : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.17028

 

 

-\\ Mozilla Firefox v

 

[ File : C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\og93oqtz.default-1407017548133\prefs.js ]

 

 

-\\ Google Chrome v36.0.1985.143

 

[ File : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[Biscuithd]

Have you completed the other scans?

[Biscuithd]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

[emeraldnzl]

Re-opened at users request.

[SnarkKnight96]

i am soooooo sorry it took that long

 

anyway, here are the other logs

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 8 x64

Ran by Jason on Tue 09/02/2014 at 21:30:12.82

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 09/02/2014 at 21:34:56.04

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Zoek.exe v5.0.0.0 Updated 01-September-2014

Tool run by Jason on Tue 09/02/2014 at 21:41:38.46.

Microsoft Windows 8 6.2.9200  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Jason\Desktop\zoek.exe [Scan all users] [Script inserted] 

 

==== System Restore Info ======================

 

9/2/2014 9:42:27 PM Zoek.exe System Restore Point Created Succesfully.

 

==== Installed Programs ======================

 

æTorrent  

4 Elements II  

7-Zip 9.20 (x64 edition)  

Adobe Flash Player 14 Plugin  

Adobe Shockwave Player 12.1  

Airport Mania  

Alcor Micro USB Card Reader Driver   

Audacity 2.0.5  

Azteca  

Bejeweled 3  

Belkin USB Wireless Adapter  

Bonjour  

Bounce Symphony  

Build-a-lot  

CameraHelperMsi  

CDisplayEx 1.10.16  

Classic Shell  

Cradle Of Egypt Collector's Edition  

Cradle of Rome 2  

Curse at Twilight  

CyberLink LabelPrint  

CyberLink Media Suite 10  

CyberLink Power2Go 8  

CyberLink PowerDVD 12  

D3DX10  

Delicious: Emily's Childhood Memories Premium Edition  

DomDomSoft Manga Downloader (remove only)  

DomDomSoft Manga Reader (remove only)  

Energy Star  

erLT  

Farm Frenzy  

Google Chrome  

Google Update Helper  

Governor of Poker 2 Premium Edition  

Hewlett-Packard ACLM.NET v1.2.2.1  

House of 1000 Doors: Family Secrets  

HP Customer Experience Enhancements  

HP Postscript Converter  

HP Quick Start  

HP Registration Service  

HP Support Assistant  

HP Support Information  

Intel® Management Engine Components  

Intel® Processor Graphics  

Intel® SDK for OpenCL - CPU Only Runtime Package  

Intelr Trusted Connect Service Client  

Java 7 Update 65  

Java Auto Updater  

Jewel Match 3  

Logitech Webcam Software  

Luxor Evolved  

LWS Facebook  

LWS Gallery  

LWS Help_main  

LWS Launcher  

LWS Motion Detection  

LWS Pictures And Video  

LWS Twitter  

LWS Webcam Software  

LWS WLM Plugin  

LWS YouTube Plugin  

Mah Jong Medley  

Mahjongg Dimensions Deluxe: Tiles in Time  

Malwarebytes Anti-Malware version 2.0.2.1012  

McAfee AntiVirus Plus  

McAfee Security Scan Plus  

Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)  

Microsoft Application Error Reporting  

Microsoft Office  

Microsoft Office 2007 Service Pack 3 (SP3)  

Microsoft Office Access MUI (English) 2007  

Microsoft Office Access Setup Metadata MUI (English) 2007  

Microsoft Office Enterprise 2007  

Microsoft Office Excel MUI (English) 2007  

Microsoft Office File Validation Add-In  

Microsoft Office Groove MUI (English) 2007  

Microsoft Office Groove Setup Metadata MUI (English) 2007  

Microsoft Office InfoPath MUI (English) 2007  

Microsoft Office Office 64-bit Components 2007  

Microsoft Office OneNote MUI (English) 2007  

Microsoft Office Outlook MUI (English) 2007  

Microsoft Office PowerPoint MUI (English) 2007  

Microsoft Office Proof (English) 2007  

Microsoft Office Proof (French) 2007  

Microsoft Office Proof (Spanish) 2007  

Microsoft Office Proofing (English) 2007  

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)  

Microsoft Office Publisher MUI (English) 2007  

Microsoft Office Shared 64-bit MUI (English) 2007  

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007  

Microsoft Office Shared MUI (English) 2007  

Microsoft Office Shared Setup Metadata MUI (English) 2007  

Microsoft Office Word MUI (English) 2007  

Microsoft SQL Server 2005 Compact Edition [ENU]  

Microsoft Visual C++ 2005 Redistributable  

Microsoft Visual C++ 2005 Redistributable (x64)  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106  

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106  

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106  

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106  

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106  

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106  

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005  

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  

Microsoft XNA Framework Redistributable 4.0  

Movie Maker  

MSVCRT  

MSVCRT110  

MSVCRT110_amd64  

Mystery P.I. - Curious Case of Counterfeit Cove  

Pando Media Booster  

Peggle Nights  

Photo Common  

Photo Gallery  

Pinger  

Plants vs. Zombies - Game of the Year  

Polar Bowler  

Realtek Card Reader  

Realtek High Definition Audio Driver  

Recovery Manager  

Roads of Rome 3  

Royal Envoy 2 Collector's Edition  

RPG Maker VX  

RPG Maker VX RTP  

Rubber Ninjas 1.05  

Rubber Ninjas Demo 1.05  

Rusty Hearts  

SeaTools for Windows  

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition   

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition   

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition  

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition  

Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition   

Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition   

Spiral Knights  

Spybot - Search & Destroy  

Starbound  

Steam  

swMSM  

Tales of Lagoona  

Team Fortress 2  

Terraria  

Transformers Universe  

Unity Web Player  

Update for 2007 Microsoft Office System (KB967642)  

Update for Microsoft Office 2007 Help for Common Features (KB963673)  

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition  

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  

Update for Microsoft Office Access 2007 Help (KB963663)  

Update for Microsoft Office Excel 2007 Help (KB963678)  

Update for Microsoft Office Infopath 2007 Help (KB963662)  

Update for Microsoft Office OneNote 2007 Help (KB963670)  

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition  

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition  

Update for Microsoft Office Outlook 2007 Help (KB963677)  

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition  

Update for Microsoft Office Powerpoint 2007 Help (KB963669)  

Update for Microsoft Office Publisher 2007 Help (KB963667)  

Update for Microsoft Office Script Editor Help (KB963671)  

Update for Microsoft Office Word 2007 Help (KB963665)  

Update Installer for WildTangent Games App  

Vacation QuestT - Australia  

WildTangent Games  

WildTangent Games App (HP Games)  

Windows Live Communications Platform  

Windows Live Essentials  

Windows Live Installer  

Windows Live Photo Common  

Windows Live PIMT Platform  

Windows Live SOXE  

Windows Live SOXE Definitions  

Windows Live UX Platform  

Windows Live UX Platform Language Pack  

Youda Jewel Shop  

Zuma's Revenge  

 

==== Running Processes ======================

 

c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe

c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Users\Jason\Desktop\zoek.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\SysWOW64\cmd.exe

 

==== Services (whitelist) ======================

Powered by E Dev

 

R2 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"

R2 - [CLHNServiceForPowerDVD12] - CLHNServiceForPowerDVD12 - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe

R2 - [HP Support Assistant Service] - HP Support Assistant Service - "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

R2 - [Intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - "c:\Program Files\Intel\iCLS Client\HeciServer.exe"

R2 - [Intel® ME Service] - Intel® ME Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

R2 - [LMS] - Intel® Management and Security Application Local Management Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

R2 - [McAPExe] - McAfee AP Service - "C:\Program Files\McAfee\MSC\McAPExe.exe"

R2 - [mfecore] - McAfee Anti-Malware Core - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

R2 - [mfefire] - McAfee Firewall Core Service - "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"

R2 - [mfevtp] - McAfee Validation Trust Protection Service - "C:\windows\system32\mfevtps.exe"

R2 - [RtkAudioService] - Realtek Audio Service - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

R2 - [SBSDWSCService] - SBSD Security Center Service - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

R2 - [UNS] - Intel® Management and Security Application User Notification Service - "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

R2 - [WSearch] - Windows Search - C:\windows\system32\SearchIndexer.exe /Embedding

R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

R3 - [ICCS] - Intel® Integrated Clock Controller Service - Intel® ICCS - "C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe"

R3 - [VSS] - Volume Shadow Copy - C:\windows\system32\vssvc.exe

S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

S2 - [MBAMScheduler] - MBAMScheduler - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"

S2 - [MBAMService] - MBAMService - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

S2 - [sppsvc] - Software Protection - C:\windows\system32\sppsvc.exe

S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

S3 - [ALG] - Application Layer Gateway Service - C:\windows\System32\alg.exe

S3 - [aspnet_state] - ASP.NET State Service - C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

S3 - [COMSysApp] - COM+ System Application - C:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

S3 - [cphs] - Intel® Content Protection HECI Service - C:\windows\SysWow64\IntelCpHeciSvc.exe

S3 - [Fax] - Fax - C:\windows\system32\fxssvc.exe

S3 - [GamesAppService] - GamesAppService - "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe"

S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc

S3 - [hpqwmiex] - HP Software Framework Service - "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"

S3 - [McComponentHostService] - McAfee Security Scan Component Host Service - "C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe"

S3 - [McODS] - McAfee Scanner - "C:\Program Files\McAfee\VirusScan\mcods.exe"

S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe"

S3 - [MSDTC] - Distributed Transaction Coordinator - C:\windows\System32\msdtc.exe

S3 - [msiserver] - Windows Installer - C:\windows\system32\msiexec.exe /V

S3 - [odserv] - Microsoft Office Diagnostics Service - "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"

S3 - [ose] - Office Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

S3 - [PerfHost] - Performance Counter DLL Host - C:\windows\SysWow64\perfhost.exe

S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\windows\system32\locator.exe

S3 - [SNMPTRAP] - SNMP Trap - C:\windows\System32\snmptrap.exe

S3 - [Steam Client Service] - Steam Client Service - "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService

S3 - [TrustedInstaller] - Windows Modules Installer - C:\windows\servicing\TrustedInstaller.exe

S3 - [vds] - Virtual Disk - C:\windows\System32\vds.exe

S3 - [wbengine] - Block Level Backup Engine Service - "C:\windows\system32\wbengine.exe"

S3 - [WinDefend] - Windows Defender Service - "C:\Program Files\Windows Defender\MsMpEng.exe"

S3 - [wmiApSrv] - WMI Performance Adapter - C:\windows\system32\wbem\WmiApSrv.exe

S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"

 

==== System Specs ======================

 

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 8064 MB

CPU Info: Intel® Core™ i3-3220T CPU @ 2.80GHz

CPU Speed: 2811.5 MHz

Sound Card: Speakers (Realtek High Definiti | 

Display Adapters: Intel® HD Graphics | Intel® HD Graphics

Monitors: 1x; HP W2071d LED Backlit Monitor | 

Screen Resolution: 1600 X 900 - 32 bit

Network: Network Present

Network Adapters: Belkin USB Wireless Adaptor | Realtek PCIe FE Family Controller

CD / DVD Drives: 1x (E: | ) E: hp      DVD-RAM GHA3N

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C:  912.8GB | D:  17.3GB

Hard Disks - Free: C:  814.2GB | D:  2.2GB

Manufacturer *: AMI

BIOS Info: AT/AT COMPATIBLE |  | HPQOEM - 1072009

Time Zone: Eastern Standard Time

Motherboard *: Hewlett-Packard 2AFB

Country: United States 

Language: ENU 

 

==== System Specs (Software) ======================

 

Anti-Virus: McAfee Anti-Virus and Anti-Spyware On-access scanning disabled (Outdated)

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: McAfee Anti-Virus and Anti-Spyware disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Firewall: McAfee Firewall disabled

Internet Explorer Version: 10.0.9200.17028 

Google Chrome version: 36.0.1985.143

Sun Java version: 1.7.0_65 (32-bit) 

Flash Player version: 14.0.0.145

Shockwave Player version: 12.1.1r151

 

==== Files Recently Created / Modified ======================

 

====== C:\windows ====

====== C:\Users\Jason\AppData\Local\Temp ====

2014-09-03 01:28:20 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2014-08-21 02:53:25 430F0CA1C6E7FFCB5FB671D3C38450A2 7224 ----a-w- C:\Users\Jason\AppData\Local\Temp\BullseyeCoverage-2-x86.dll

2014-08-21 02:52:37 E04E871DA9BE6C8135E16FDB59B4D6DA 1592832 ----a-w- C:\Users\Jason\AppData\Local\Temp\UnityWebPlayer\UnityWebPluginUpdate-74c1b8ea75bb464689f1224ed2c14f7c\mono-1-vc.dll

====== Java Cache =====

2014-08-21 01:35:52 24E851BB407BCABF39C51A798AFAE81F 58189 ----a-w- C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\ee6dfa0-192a3e3c

2014-08-21 01:35:53 8BAE5F76207545BE42BAB9015D4207B9 16477 ----a-w- C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2fb889a6-577365f4

2014-08-21 01:35:51 C48E41AC976C93CBC146FC183C324A73 446 ----a-w- C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\2040f8fa-9ff830e05a9af0a2ef20b7d83e9817909456b0e06e3ee990532db26eb22cd72f-6.0.lap

====== C:\windows\SysWOW64 =====

2014-08-23 18:31:07 BC587C9D241C638A825B4D55BF91BAFA 86528 ----a-w- C:\windows\SysWOW64\wudriver.dll

2014-08-23 18:31:06 9C8920D4E47E3591203739E051248E42 629248 ----a-w- C:\windows\SysWOW64\wuapi.dll

2014-08-23 18:30:52 7285D8DF13AA1F2BBDF8BE0C3FB65AF4 128000 ----a-w- C:\windows\SysWOW64\wuwebv.dll

2014-08-23 18:30:52 0AA8927C7DAE50EBDBFD9D5523A21020 35328 ----a-w- C:\windows\SysWOW64\wuapp.exe

====== C:\windows\SysWOW64\drivers =====

====== C:\windows\Sysnative =====

2014-08-23 18:31:07 2762E48274640A6E8F17CACF49AA8DF0 100352 ----a-w- C:\windows\Sysnative\wudriver.dll

2014-08-23 18:31:07 07DE21A44C96710A2696CAC2D60942FC 176640 ----a-w- C:\windows\Sysnative\storewuauth.dll

2014-08-23 18:31:06 F2463B2E9818D242B4F72B237E9BD545 3286528 ----a-w- C:\windows\Sysnative\wuaueng.dll

2014-08-23 18:31:06 C7D91C7FF92B935FBEB1285DF720AE89 253440 ----a-w- C:\windows\Sysnative\WUSettingsProvider.dll

2014-08-23 18:31:06 B9E015C3C45556C39AD9A3F1C0F73639 1623040 ----a-w- C:\windows\Sysnative\wucltux.dll

2014-08-23 18:31:06 7B0A0BE4B067C9CC4898CFFC30BAD425 59416 ----a-w- C:\windows\Sysnative\wuauclt.exe

2014-08-23 18:31:06 3B61E09694F82333A4A0609714469E1E 773632 ----a-w- C:\windows\Sysnative\wuapi.dll

2014-08-23 18:30:52 E07104ADA4972888FC2FADAC22CE4591 40448 ----a-w- C:\windows\Sysnative\wuapp.exe

2014-08-23 18:30:52 56BCA2F14F696FBB619D042770859D7B 144384 ----a-w- C:\windows\Sysnative\wuwebv.dll

====== C:\windows\Sysnative\drivers =====

2014-08-04 02:45:53 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\windows\Sysnative\drivers\MBAMSwissArmy.sys

2014-08-04 02:45:29 F92B0E478C0FAA6D6661E6E977247E60 25816 ----a-w- C:\windows\Sysnative\drivers\mbam.sys

2014-08-04 02:45:29 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\windows\Sysnative\drivers\mbamchameleon.sys

2014-08-04 02:45:29 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\windows\Sysnative\drivers\mwac.sys

====== C:\windows\Tasks ======

====== C:\windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2014-08-19 17:41:15 -------- d-----w- C:\PROGRA~2\Seagate

======= C: =====

====== C:\Users\Jason\AppData\Roaming ======

2014-08-21 23:50:40 -------- d-----w- C:\Users\Jason\AppData\Roaming\.mono

====== C:\Users\Jason ======

2014-09-03 01:29:12 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\Jason\Downloads\JRT (1).exe

2014-08-23 00:52:14 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\Jason\Desktop\adwcleaner_3.308.exe

2014-08-21 23:50:40 -------- d-----w- C:\ProgramData\.mono

2014-08-21 02:53:25 436C8A51C1CC9DB6DF95D11C1FBA8BEF 224 ----a-w- C:\Users\Jason\BullseyeCoverageError.txt

2014-08-21 02:53:11 978AE524796E2B07D2801C98DD5FE654 1202032 ----a-w- C:\Users\Jason\Downloads\UnityWebPlayer (3).exe

2014-08-21 02:52:46 978AE524796E2B07D2801C98DD5FE654 1202032 ----a-w- C:\Users\Jason\Downloads\UnityWebPlayer (2).exe

2014-08-19 17:41:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate

 

====== C: exe-files ==

2014-09-03 01:29:12 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\Jason\Downloads\JRT (1).exe

2014-09-03 01:28:20 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

=== C: other files ==

2014-09-03 01:28:20 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\TDL4.bat

2014-09-03 01:28:20 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\medfos.bat

2014-09-03 01:28:20 A87CD1BAC46CAC0EEEDB571F07077032 8104 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\modules.bat

2014-09-03 01:28:20 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\searchlnk.bat

2014-09-03 01:28:20 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\firefox.bat

2014-09-03 01:28:20 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\ev_clear.bat

2014-09-03 01:28:20 7D8282EB94B5D639B7378811C1924A8F 9516 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\runvalues.bat

2014-09-03 01:28:20 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\delorphans.bat

2014-09-03 01:28:20 5B92615B0CEA08D6BA1217C08CBB1443 15919 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\get.bat

2014-09-03 01:28:20 5B71358F97544D9DE58A9A0893079506 39458 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\prelim.bat

2014-09-03 01:28:20 53B191266B30D57F2F835ABBF54C68C5 13963 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\chrome.bat

2014-09-03 01:28:20 3BC04DEBBE9027060D51901133F60101 154678 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\misc.bat

2014-09-03 01:28:20 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\ask.bat

2014-09-03 01:28:20 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\iexplore.bat

2014-09-03 01:28:20 2F80D807DB405C8F6E0F3706B9FED710 10161 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\JRT.bat

2014-09-03 01:28:20 0D08FBD2E6F6C6AC6A504712C4CE6CE3 1226 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\FWPolicy.bat

2014-09-03 01:28:20 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Jason\AppData\Local\Temp\jrt\delfolders.bat

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-21-1537228853-612569023-1872746861-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LWS"="C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\windows\system32\hkcmd.exe"

"Persistence"="C:\windows\system32\igfxpers.exe"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

 

==== Startup Folders ======================

 

2014-08-19 14:49:22 1115 ----a-w- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk

2014-05-03 17:40:22 1938 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

 

==== Task Scheduler Jobs ======================

 

C:\windows\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07/08/2014 04:31 PM]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/02/2014 06:26 PM]

C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/02/2014 06:26 PM]

 

==== Other Scheduled Tasks ======================

 

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\windows\SysNative\tasks\CLMLSvc_P2G8" [c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\windows\SysNative\tasks\CLVDLauncher" [c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]

"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\windows\SysNative\tasks\User_Feed_Synchronization-{B4E65845-609A-4BEE-8E49-49B330ACF12F}" [C:\windows\system32\msfeedssync.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [08/02/2014 05:46 PM]

 

==== Firefox Extensions ======================

 

==== Firefox Plugins ======================

 

Profilepath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\og93oqtz.default-1407017548133

4390CCD3790F8D9C427C0C29590C62D7 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash

2BC6A052D9B153F6DC2F0E420FB4F407 - C:\Users\Jason\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

E37EAD09D28AE19D8A39B6A95F47513A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll - Shockwave for Director / Shockwave for Director

7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - McAfee Security Scanner +

 

 

==== Chrome Look ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fheoggkfdfchfphceeifdbepaooicaho - No path found[]

 

Angry Birds - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Google Docs - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Google Voice Search Hotword (Beta) - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

YouTube - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Last updated at time on date - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Megavideo Playerplus - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpoolkicbnlkaibhppihnfehghajfeg

Block site - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh

SiteAdvisor - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

AdBlock - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Google Wallet - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Tumblr Savior - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip

MegaSkipper - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\phlpjnmkcepflfoglccifhajagahaglm

Gmail - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== Chromium Startpages ======================

 

C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Preferences

"homepage": "http://www.facebook.com/",

"startup_urls": [ "http://henryviscardi.schoology.com/", "http://www.msn.com/?pc=UP94&ocid=UP94DHP&dt=112613" ],

 

 

==== IE Start and Search Settings ======================

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0BA66F06-72C9-4220-88EC-106A417D797C} Secure Search Url="https://search.yahoo...={SearchTerms}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay  Url="http://rover.ebay.co...4371-11896-2/4"

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=0 folders=0 0 bytes)

 

==== EOF on Tue 09/02/2014 at 21:46:11.95 ======================

 

 

Good news is, I haven't gotten any ads in around 20 days, but I don't know if that means everything is fixed.

[Biscuithd]

Good news is, I haven't gotten any ads in around 20 days...

 

Excellent news!

 

 

...but I don't know if that means everything is fixed.

 

Well, your logs are looking better and that's a good thing.

 

Next, is a little more cleaning and a little more checking.

 

Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

• Right-click on icon and select Run as Administrator to start the tool.
• Follow onscreen instructions inside the black box. This scan won't take long.
• Soon a notepad document called checkup.txt will open automaticaly.

Please include the content of that document.

 

 

We'll search for some remnants that might be hiding.

 

Please download Malwarebytes Anti-Malware and save it to your desktop.

• Install the progam and select update

 

• Once it has updated select Settings > Detection and Protection >Tick Scan for rootkits

 

• Go back to the Dashboard and select Scan Now

 

• If threats are detected, click the Apply Actions button, MBAM will ask for a reboot

 

• On completion of the scan (or after the reboot) select View Detailed Log

Select Export > Select text file and save to the desktop.

 

 

Please post that log for my review.

 

Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:

• Accept the Terms of Use and click Start.
• Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

• Download esetsmartinstaller_enu.exe that you'll be given link to.
• Double click esetsmartinstaller_enu.exe.
• Allow the Terms of Use and click Start.

To perform the scan:

• Make sure that Remove found threats is unchecked.
• Scan archives is checked.
• In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
• Click Start
• The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
• When completed, the program will begin to scan. This may take several hours. Please, be patient.
• Do not do anything on your machine as it may interrupt the scan.
• When the scan is done, click Finish.
• A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.

Don't forget to re-enable previously switched-off protection software!

 

 

[SnarkKnight96]

fair warning, I'm recuperating from surgery so I can't really do anything on my PC till like, Monday at latest

 

also uh, by "several hours" did you mean like, 3 or something like 12?

[Biscuithd]

fair warning, I'm recuperating from surgery

 

My best wishes for a Speedy Recovery!    

 

 

by "several hours" did you mean like, 3 or something like 12?

 

In all honestly, I've seen it take from one end of the spectrum (1/2 hour), to the other (more than 12), depending on the size of hard disk and the issues encountered. That's why I try to do the "heavy lifting" with other, faster tools first. This one is good as it digs in every odd corner it finds. Start it at night before bed and let it run all night is one suggestion.

[SnarkKnight96]

I think I'm probably gonna do the mwb scan this weekend.

The other thing might have to wait a week, because I may or may not have all night.

 

does anything look weird at all with any of my logs?

[Biscuithd]

does anything look weird at all with any of my logs?

You logs are clean. These last scans are just a final polish. If you wish, we can conclude and I'll close the topic

[SnarkKnight96]

Yeah, I'll get to those as soon as I can.

 

Have any of these fixed the "cannot repair member file" problem? Just curious, only asking because now that's one of the only concerns I have (but like I said, I'll still go through with the other 2 scans this weekend or something.)

[Biscuithd]

cannot repair member file

 

I assume you saw this in a SFC /SCANNOW output? In either case, run this three times in a row. Even if time one or two tells you it fixed everything, run it three times.

 

Just go to a command prompt and type in SFC /SCANNOW

 

Let me know how this goes.