
Spyware Removal???


  • This topic is locked

#1 Someperson


Posted 06 April 2014 - 06:18 PM

Ok. So it starts like this. I have a Windows 7 computer and sometimes when I scan with SUPERAntiSpyware, I can't help but stare at the screen. I sometimes catch a glimpse of some "Windows Antivirus 2007" or some "Titan Shield" thing. When I Google it, it pops up to be a rogue antivirus. SUPERAntiSpyware just runs through it and doesn't detect it. Is this a problem, or is it a false positive? Thanks for the help Bleeping Computer Team! :hello: :hello: :) :)


Edited by Queen-Evie, 06 April 2014 - 06:42 PM.
moved from Windows 7 to the appropriate forum




#2 noknojon


Posted 07 April 2014 - 02:44 AM

Hello -

If you can catch any part of that log it is always a help.

Please download all tools to Desktop and Copy and Paste all logs requested.

 

First -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
* Note: If any security program requests permission to access the Internet, allow it to do so.

Temporarily Disable Your Anti-virus if it is required to get a log.

 

 

Next -

Download MiniToolBox and save it to your desktop to run it.
Close any Firefox browsers you may have open.
Checkmark the following boxes:
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List last 10 Event Viewer log

• List Installed Programs
• List Users, Partitions and Memory size.
 Click Go and copy / paste the result (Result.txt).

 

 

Next -

Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

Please post the log back here.

 

Important: Do not reboot your computer until you complete the next step.

 

Now:

* Please download AdwCleaner by Xplode and save to your Desktop.
* NOTE : Please close or save all work, as the computer will be Rebooted
* Double-click on AdwCleaner.exe to run the tool.
* Vista/Windows 7/8 users right-click and select Run As Administrator.
* Click on the Scan button. (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
* If you see any which you do not want removed, remove the check mark next to it.

* Next: Click on the Clean button (only once) to remove the selected items.
* You will receive a message telling you that all programs will be closed so that the infections can be removed.
* Click on OK, and then OK again to confirm the reboot.
* When the cleaning process is complete, a log (AdwCleaner[S0].txt) of what was removed will be on your desktop.
* Please copy and then paste this log in your next post.

* A copy of all logfiles is also saved in the C:\AdwCleaner folder which was created when running the tool.

 

Last -

Download TFC (Temp File Cleaner) to your desktop
• Close any open windows.
• Double click the TFC icon to run the program
• TFC will close all open programs itself in order to run,
• Click the Start button to begin the process.

• Allow TFC to run uninterrupted.
• The program should not take long to finish its job.
• Once it's finished it may automatically reboot your machine.
• If it doesn't, please manually reboot to ensure a complete clean.

No logs are produced or expected.

 

Please update us on how the computer is after these programs finish.



#3 Someperson


Posted 07 April 2014 - 05:50 PM


 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG Internet Security 2014   
Ad-Aware Antivirus           
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (en-US)  
 TuneUp Utilities 2014   
 Java™ 6 Update 25  
 Java version out of Date! 
 Adobe Flash Player 12.0.0.77  
 Adobe Reader XI  
 Mozilla Firefox 27.0.1 Firefox out of Date!  
 Google Chrome 33.0.1750.152  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Spybot Teatimer.exe is disabled! 
 AVG avgwdsvc.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
 
MiniToolBox by Farbar  Version: 23-01-2014
Ran by Henry Liang (administrator) on 07-04-2014 at 18:27:38
Running from "C:\Users\Henry Liang\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : HenryLiang-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : westell.com
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : westell.com
   Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-26-6C-E0-DB-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : westell.com
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : E0-CA-94-7D-DD-6F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4193:6914:f6dc:af2c%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.101(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, April 07, 2014 4:20:57 PM
   Lease Expires . . . . . . . . . . : Tuesday, April 08, 2014 4:20:59 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 249612948
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-96-A6-A5-E0-CA-94-7D-DD-6F
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:34c8:1471:3f57:ff9a(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::34c8:1471:3f57:ff9a%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.westell.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : westell.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dslrouter.westell.com
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:806::1006
 74.125.226.7
 74.125.226.6
 74.125.226.1
 74.125.226.3
 74.125.226.14
 74.125.226.2
 74.125.226.9
 74.125.226.0
 74.125.226.4
 74.125.226.5
 74.125.226.8
 
 
Pinging google.com [74.125.226.8] with 32 bytes of data:
Reply from 74.125.226.8: bytes=32 time=101ms TTL=47
Reply from 74.125.226.8: bytes=32 time=95ms TTL=47
 
Ping statistics for 74.125.226.8:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 95ms, Maximum = 101ms, Average = 98ms
Server:  dslrouter.westell.com
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=87ms TTL=50
Reply from 98.139.183.24: bytes=32 time=91ms TTL=50
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 87ms, Maximum = 91ms, Average = 89ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=35ms TTL=128
Reply from 127.0.0.1: bytes=32 time=10ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 10ms, Maximum = 35ms, Average = 22ms
===========================================================================
Interface List
 12...00 26 6c e0 db 54 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
 11...e0 ca 94 7d dd 6f ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.101    281
    192.168.0.101  255.255.255.255         On-link     192.168.0.101    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.101    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:90d7:34c8:1471:3f57:ff9a/128
                                    On-link
 11    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::34c8:1471:3f57:ff9a/128
                                    On-link
 11    281 fe80::4193:6914:f6dc:af2c/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/07/2014 04:25:57 PM) (Source: MsiInstaller) (User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
Error: (04/07/2014 04:23:58 PM) (Source: MsiInstaller) (User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
Error: (04/07/2014 04:20:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/06/2014 10:08:30 PM) (Source: MsiInstaller) (User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
Error: (04/06/2014 10:07:46 PM) (Source: MsiInstaller) (User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.
 
Error: (04/06/2014 08:11:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 607172
 
Error: (04/06/2014 08:11:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 607172
 
Error: (04/06/2014 08:11:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/06/2014 08:11:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 606111
 
Error: (04/06/2014 08:11:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 606111
 
 
System errors:
=============
Error: (04/07/2014 04:24:58 PM) (Source: Service Control Manager) (User: )
Description: HP Network Devices Support%%126
 
Error: (04/07/2014 04:21:07 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Updating Service%%1053
 
Error: (04/07/2014 04:21:07 PM) (Source: Service Control Manager) (User: )
Description: 30000Spybot-S&D 2 Updating Service
 
Error: (04/07/2014 04:19:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (04/06/2014 10:19:01 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (04/06/2014 10:18:35 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (04/06/2014 01:05:43 PM) (Source: Service Control Manager) (User: )
Description: HP Network Devices Support%%126
 
Error: (04/06/2014 01:02:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (04/05/2014 09:59:56 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (04/05/2014 09:59:38 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
Microsoft Office Sessions:
=========================
Error: (04/07/2014 04:25:57 PM) (Source: MsiInstaller)(User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/07/2014 04:23:58 PM) (Source: MsiInstaller)(User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/07/2014 04:20:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/06/2014 10:08:30 PM) (Source: MsiInstaller)(User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/06/2014 10:07:46 PM) (Source: MsiInstaller)(User: HenryLiang-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Henry Liang\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/06/2014 08:11:50 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 607172
 
Error: (04/06/2014 08:11:50 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 607172
 
Error: (04/06/2014 08:11:50 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/06/2014 08:11:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 606111
 
Error: (04/06/2014 08:11:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 606111
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.4.0.30596)
Ad-Aware Antivirus (Version: 11.1.5354.0)
AdAwareInstaller (Version: 11.1.5354.0)
AdAwareUpdater (Version: 11.1.5354.0)
Adobe AIR (Version: 2.6.0.19140)
Adobe Digital Editions 3.0 (Version: 3.0)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 12.0 (Version: 12.0.9.149)
Akamai NetSession Interface
AMD Media Foundation Decoders (Version: 1.0.60607.2201)
AMD VISION Engine Control Center (Version: 2011.0607.2212.38019)
AntimalwareEngine (Version: 2.6.0.0)
Apple Application Support (Version: 3.0.1)
Apple Mobile Device Support (Version: 7.1.1.3)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Autodesk 360 (Version: 4.0.27.1)
Autodesk Design Review 2013 (Version: 13.0.0.82)
Autodesk Download Manager (Version: 2.0.6.0)
Autodesk DWG TrueView 2014 (Version: 19.1.18.0)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (Version: 18.0.17000.0000)
Autodesk Inventor Professional 2014 - English (Version: 18.0.17000.0000)
Autodesk Inventor Professional 2014 (Version: 18.0.17000.0000)
Autodesk Inventor Professional 2014 English Language Pack (Version: 18.0.17000.0000)
Autodesk Material Library 2014 (Version: 4.0.19.0)
Autodesk Material Library Base Resolution Image Library 2014 (Version: 4.0.19.0)
Autodesk Material Library Low Resolution Image Library 2014 (Version: 4.0.19.0)
Autodesk Material Library Medium Resolution Image Library 2014 (Version: 4.0.19.0)
Autodesk ReCap (Version: 1.0.43.27)
Autodesk ReCap Language Pack-English (Version: 1.0.43.27)
Autodesk Revit 2014 (Version: 13.07.22211)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161)
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0)
Autodesk Vault Basic 2014 (Client) English Language Pack (Version: 18.0.86.0)
Autodesk Workflows 2014 (Version: 4.0.19.0)
AVG 2014 (Version: 14.0.3722)
AVG 2014 (Version: 14.0.4355)
AVG 2014 (Version: 2014.0.4355)
Bejeweled 3 (Version: 2.2.0.97)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0607.2212.38019)
Catalyst Control Center InstallProxy (Version: 2011.0607.2212.38019)
Catalyst Control Center Localization All (Version: 2011.0607.2212.38019)
CCC Help Chinese Standard (Version: 2011.0607.2211.38019)
CCC Help Chinese Traditional (Version: 2011.0607.2211.38019)
CCC Help Czech (Version: 2011.0607.2211.38019)
CCC Help Danish (Version: 2011.0607.2211.38019)
CCC Help Dutch (Version: 2011.0607.2211.38019)
CCC Help English (Version: 2011.0607.2211.38019)
CCC Help Finnish (Version: 2011.0607.2211.38019)
CCC Help French (Version: 2011.0607.2211.38019)
CCC Help German (Version: 2011.0607.2211.38019)
CCC Help Greek (Version: 2011.0607.2211.38019)
CCC Help Hungarian (Version: 2011.0607.2211.38019)
CCC Help Italian (Version: 2011.0607.2211.38019)
CCC Help Japanese (Version: 2011.0607.2211.38019)
CCC Help Korean (Version: 2011.0607.2211.38019)
CCC Help Norwegian (Version: 2011.0607.2211.38019)
CCC Help Polish (Version: 2011.0607.2211.38019)
CCC Help Portuguese (Version: 2011.0607.2211.38019)
CCC Help Russian (Version: 2011.0607.2211.38019)
CCC Help Spanish (Version: 2011.0607.2211.38019)
CCC Help Swedish (Version: 2011.0607.2211.38019)
CCC Help Thai (Version: 2011.0607.2211.38019)
CCC Help Turkish (Version: 2011.0607.2211.38019)
ccc-utility64 (Version: 2011.0607.2212.38019)
CCleaner (Version: 4.11)
Cheat Engine 6.2
Chuzzle Deluxe (Version: 2.2.0.95)
Conexant HD Audio (Version: 8.54.1.0)
D3DX10 (Version: 15.4.2368.0902)
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (Version: 4.4.1.0)
ETDWare PS/2-X64 8.0.8.0_R01 (Version: 8.0.8.0)
FARO LS 1.1.501.0 (64bit) (Version: 5.1.0.30630)
FATE - The Traitor Soul (Version: 2.2.0.95)
Fishdom ™ 2 (Version: 2.2.0.98)
FreeFixer (Version: 1.09)
Google Chrome (Version: 33.0.1750.154)
Google Drive (Version: 1.14.6059.644)
Google Talk Plugin (Version: 5.2.4.18058)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
Google Update Helper (Version: 1.3.23.9)
herdProtect Anti-Malware Scanner (Version: 1.0)
HitmanPro 3.7 (Version: 3.7.9.212)
HP Deskjet 3050 J610 series Basic Device Software (Version: 28.0.1315.0)
HP Deskjet 3050 J610 series Help (Version: 140.0.63.63)
HP Deskjet 3050 J610 series Product Improvement Study (Version: 28.0.1315.0)
HP Photo Creations (Version: 1.0.0.12412)
HP Update (Version: 5.005.000.002)
iCloud (Version: 3.1.0.40)
IObit Malware Fighter (Version: 2.3)
iTunes (Version: 11.1.5.5)
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00)
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.97)
QuickTime 7 (Version: 7.75.80.95)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30124)
Realtek WLAN Driver (Version: 2.00.0016)
Revit 2014 Language Pack - English (Version: 13.07.22211)
Revo Uninstaller 1.95 (Version: 1.95)
SketchUp 8 (Version: 3.0.16846)
Skype Click to Call (Version: 7.1.15383.6004)
Skype Launcher (Version: 2.01)
Skype™ 6.14 (Version: 6.14.104)
Spybot - Search & Destroy (Version: 2.2.25)
SUPERAntiSpyware (Version: 5.7.1018)
swMSM (Version: 12.0.0.1)
Tom Clancy's Splinter Cell (Version: 2.2.0.97)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.0)
Toshiba Book Place (Version: 2.2.7530)
TOSHIBA Bulletin Board (Version: 1.6.10.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Hardware Setup (Version: 2.1.0.3)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (Version: 2.0.13.11)
TOSHIBA Media Controller (Version: 1.0.87.4)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Service Station (Version: 2.2.12)
TOSHIBA Supervisor Password (Version: 2.1.0.2)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA Web Camera Application (Version: 2.0.3.3)
TOSHIBARegistration (Version: 1.0.6)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.275)
TuneUp Utilities 2014 (Version: 14.0.1000.275)
Unity Web Player (Version: )
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (Version: 9.0.30729.177)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.1.3 (Version: 2.1.3)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (Version: 4.0.5.14)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 5.01 (64-bit) (Version: 5.01.0)
Zuma's Revenge (Version: 2.2.0.97)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 64%
Total physical RAM: 2662.87 MB
Available physical RAM: 945.5 MB
Total Pagefile: 5323.91 MB
Available Pagefile: 2411.19 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.97 MB
 
========================= Partitions: =====================================
 
1 Drive c: (TI106232W0C) (Fixed) (Total:452.07 GB) (Free:376.87 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\HENRYLIANG-PC
 
Administrator            Guest                    Henry Liang              
 
 
**** End of log ****
 
 
 
Rkill 2.6.5 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/07/2014 06:32:08 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 04/07/2014 06:34:06 PM
Execution time: 0 hours(s), 1 minute(s), and 57 seconds(s)
 
 
 
# AdwCleaner v3.023 - Report created 07/04/2014 at 18:35:54
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Henry Liang - HENRYLIANG-PC
# Running from : C:\Users\Henry Liang\Downloads\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\user.js
Folder Found : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\Extensions\adsremoval@adsremoval.net
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\Users\Henry Liang\AppData\Local\CrashRpt
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Henry Liang\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : homepage
 
*************************
 
AdwCleaner[R0].txt - [1878 octets] - [02/03/2014 17:24:52]
AdwCleaner[R1].txt - [2092 octets] - [07/04/2014 18:35:54]
AdwCleaner[S0].txt - [1961 octets] - [02/03/2014 21:17:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2212 octets] ##########
# AdwCleaner v3.023 - Report created 07/04/2014 at 18:40:21
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Henry Liang - HENRYLIANG-PC
# Running from : C:\Users\Henry Liang\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[x] Not Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Henry Liang\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\Extensions\adsremoval@adsremoval.net
File Deleted : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Henry Liang\AppData\Roaming\Mozilla\Firefox\Profiles\jkuz6tnp.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Henry Liang\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [1878 octets] - [02/03/2014 17:24:52]
AdwCleaner[R1].txt - [2304 octets] - [07/04/2014 18:35:54]
AdwCleaner[S0].txt - [1961 octets] - [02/03/2014 21:17:31]
AdwCleaner[S1].txt - [2244 octets] - [07/04/2014 18:40:21]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2304 octets] ##########
 
 
 


#4 noknojon

Posted 07 April 2014 - 08:18 PM

From these logs, you have been adding on to your system with more tools than needed, and this causes more overloading problems.

 

Please uninstall Ad-Aware Antivirus, as more Antivirus programs will make your problem worse.
Ad-Aware Antivirus (Version: 11.1.5354.0)
AdAwareInstaller (Version: 11.1.5354.0)
AdAwareUpdater (Version: 11.1.5354.0)
These 3 items / updater are all part of the program.

Spybot - Search & Destroy also can be removed, as Lavasoft is called an Antivirus program.

 

Your AVG should be enough Antivirus for one computer.

 

IObit Malware Fighter (Version: 2.3) <- This Optimizer / Antimalware / Antivirus program will cause many conflicts with the already installed bunch of programs that we are sorting through. Uninstall it and then run  IObit Cleaner => Info > Tool (Note: Cleans left-overs after a normal uninstall) From http://singularlabs.com/uninstallers/security-software/
 
Mozilla Firefox 27.0.1 Firefox out of Date! If you do use Firefox, please Update it -
 

TuneUp Utilities 2014 claims to Optimize PC performance, fix problems and customize your system.

As we both know this is false, it must be removed so we can proceed.
To uninstall TuneUp Utilities from your computer:

1. In the Start menu click Control Panel (you may need to click Settings first).
2. Click Uninstall a program, or Programs and Features, or Add or Remove Programs.
3. In the list of programs select TuneUp Utilities (2014), and then click Uninstall/Change, or Uninstall.
4. Follow the displayed instructions to complete the uninstallation.

 

 

Java™ 6 Update 25 - Java version is well out of date!
Please visit Here to update to Version 7 Update 51
Delete all old versions that are in Programs and Features.

 

 

Re-open AdwCleaner, as the program is designed as a Single Run tool, AdwCleaner[S1].txt means 2 runs.
Although a month apart, we are often not sure of what was removed in the last scan, plus it is not updated.
This time hit Uninstall Button and you will be asked to confirm as your system will be rebooted as the program is removed.
If needed later we just install the latest version to be sure it is fully updated.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted (if necessary):
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

I always ask for µTorrent to be removed, or disabled while you are trying to fix a problem, as this can re-infect you just by a simple visit, and not downloading anything.

Unless you have a need for Akamai NetSession Interface it can cause redirections and other problems.

If you do wish (or need) to have this program, please first Uninstall it and then re-install it later.

There are many errors just on this one program, and research shows it is Not a desired program to install.

 

Was Label@Once 1.0 installed by you, or has this been picked up as an unwanted Add On ??

 

 

Please scan your computer with ESET Online Scanner
Disable active Antivirus and Antimalware programs How To Temporarily Disable Your Anti-virus
 

This scan is best performed with Internet Explorer, as it uses ActiveX
If you will not use Internet Explorer, then please read item 3 in this post
 

1 - Open Internet Explorer and hold down Control (Ctrl) key and click on This Link to open ESET OnlineScan in a new window.
2 - Click the ESET Online Scanner button.
3 - For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
a - Click on eset.exe to download the ESET Smart Installer. Save it to your desktop.
b - Double click on the  icon on your desktop.
4 - Check "YES, I accept the Terms of Use."
5 - Click the Start button.
6 - Accept any security warnings from your browser.
7 - Under scan settings, check "Scan Archives" and "Remove found threats"
8 - Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology

9 - ESET will then download updates for itself, install itself, and begin scanning your computer.
10 - Please be patient as this will take some time (first time scans are always longer).
11 - When the scan completes, click List Threats
12 - Click Export, and save the file to your desktop using a unique name, such as ESETScan.

Copy / Paste the contents of this report in your next reply.
13 - Click the Back button and then Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.
If you lose the log it can be found at C:\Program Files\ESET\EsetOnlineScanner\log.txt
If no infections are found then please tell me -
You can ignore any ESET detection of AdwCleaner...it is a false positive detection.

 

 

Once you complete all of these steps, please tell us about the computer's problems.



#5 Someperson

Posted 08 April 2014 - 07:25 PM

Corel label@once was preinstalled on my computer. I didn't know what it was for so I never really touched it and never cared about it. Should I remove it then?

I also removed "Enigma Software Group", as I did some research on my own and detected it as an unwanted program. Sorry if I didn't follow your rules!

Also, what is netsession interface? Is it safe to remove? And if I remove it, can I download it back later?

 

 

On a side note, can I still scan my computer with SUPERAntiSpyware?


Edited by Someperson, 08 April 2014 - 08:50 PM.


#6 noknojon

Posted 09 April 2014 - 03:20 AM

Hi -

The label @ once is a software program from Corel that burns labels into DVDs.
It is part of the DVDMovieFactory software, and actually safe to keep (I looked at another item)

 

Akamai is a known "spamming" company that can cause redirects, while Akamai NetSession Interface is one part of their operations that direct certain advertising towards you at random times.

 

I would remove this, but it is always your choice.



#7 Someperson

Posted 11 April 2014 - 05:44 AM

ESETscan

C:\Windows\SysWOW64\Process.exe Win32/PrcView potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application deleted - quarantined
C:\Users\Henry Liang\Desktop\Cleaners\SmitfraudFix.exe Win32/PrcView potentially unsafe application deleted - quarantined
C:\Users\Henry Liang\Desktop\Cleaners\SpyBHORemover.zip a variant of Win32/SecurityXploded.A potentially unsafe application deleted - quarantined
C:\Users\Henry Liang\Downloads\AdwareSheriffRemovalTool.exe a variant of Win32/SecurityStronghold.A potentially unwanted application deleted - quarantined
C:\Users\Henry Liang\Downloads\cbsidlm-cbsi183-SketchUp-SEO-10257337.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\Henry Liang\Downloads\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Henry Liang\Downloads\ccsetup411pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Henry Liang\Downloads\CheatEngine62.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Henry Liang\Downloads\dap10i_bbf80cd889_setup.exe a variant of Win32/SpeedBit.A potentially unwanted application deleted - quarantined
C:\Users\Henry Liang\Downloads\drivermax_7_28_cnet.exe a variant of Win32/DealPly.I potentially unwanted application deleted - quarantined
C:\Users\Henry Liang\Downloads\iobit-malware-fighter-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Windows\System32\Process.exe Win32/PrcView potentially unsafe application deleted - quarantined
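
As an added illustration (not part of the original thread and not ESET's own tooling), the Python sketch below triages a pasted ESET threat list like the one in the post above, using five lines copied from it. It assumes the flattened "path, detection, category, action" layout seen in the post; the function names are hypothetical. Its main use is surfacing entries that were detected but carry no recorded action.

```python
import re
from collections import Counter

# Five lines copied from the ESET report in the post above.
ESET_LOG = r"""
C:\Windows\SysWOW64\Process.exe Win32/PrcView potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application deleted - quarantined
C:\Users\Henry Liang\Downloads\drivermax_7_28_cnet.exe a variant of Win32/DealPly.I potentially unwanted application deleted - quarantined
C:\Users\Henry Liang\Downloads\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Windows\System32\Process.exe Win32/PrcView potentially unsafe application deleted - quarantined
"""

# Layout assumed from the post: path, optional "a variant of", detection name,
# category, then an optional action. Only the two categories seen in the
# thread are recognised; any other line is returned as unparsed, not dropped.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<variant>a variant of\s+)?"
    r"(?P<name>Win(?:32|64)/\S+)\s+"
    r"(?P<kind>potentially (?:unsafe|unwanted) application)"
    r"(?:\s+(?P<action>.+))?$"
)


def parse_eset(text):
    """Return (records, unparsed_lines) for a pasted ESET threat list."""
    records, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if match is None:
            unparsed.append(line)
            continue
        rec = match.groupdict()
        rec["variant"] = rec["variant"] is not None
        records.append(rec)
    return records, unparsed


def unresolved(records):
    """Paths that were detected but have no recorded action (still on disk)."""
    return [r["path"] for r in records if r["action"] is None]


def by_category(records):
    """Count detections per ESET category (unsafe vs. unwanted)."""
    return Counter(r["kind"] for r in records)


if __name__ == "__main__":
    recs, bad = parse_eset(ESET_LOG)
    print("parsed:", len(recs), "unparsed:", len(bad))
    for kind, count in by_category(recs).items():
        print(f"{count:2d}  {kind}")
    for path in unresolved(recs):
        print("no action recorded:", path)
```
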


#8 noknojon

Posted 11 April 2014 - 04:50 PM

Hi -

You have removed quite a bit, please tell us how the computer is now.



#9 Someperson

Posted 11 April 2014 - 07:56 PM

My computer is actually faster than it was before, but I think that it could be faster. For example, some of my programs freeze up and take about a minute to get back on track. Also, some large programs like Revit take quite some time to load up. It takes some time to load up then freezes, then unfreezes, then freezes again and then returns back to normal.

 

However, when I scan with SUPERAntiSpyware, I still notice a few strange programs. To name a few are Spyware striker, Spy sheriff, "Memory Watcher (what is this???)", MalwareWipe, (some golden palace casino?) and other strange programs. :scratchhead:  :scratchhead:  :scratchhead:

 

By the way, is it possible to attach pictures here? I have quite some pictures depicting the problem I have. If I can put these pictures up here, it might make a clearer picture of what I need help on.

Thanks for all the help this far!!!  :guitar:  :guitar:  :guitar:  :thumbup2:  :thumbup2:  :thumbup2:



#10 Someperson

Posted 11 April 2014 - 08:04 PM

I also noticed that most of the "threats" I found had a C:Users/(insert name here). Some of them, or most of them, have an x86 somewhere in the name of the "threat". Do I need to do something about this???



#11 noknojon

Posted 11 April 2014 - 08:43 PM

This Site seems to give a good idea of the program, BUT, do not download any tools from the linked site.
Memory Watcher : Category Description: Program that delivers advertisements on your PC.
Properties:  ## Shows Advertisements
 
Can you Update SUPERAntiSpyware, and run a Full Scan with it ??
A log should be produced, so can you please Copy and Paste it back here.

 

Also, any program or file with x86 in it only means it is the 32bit version of the installed item.



#12 Someperson

Posted 12 April 2014 - 02:43 PM

Are there specific settings that I have to set SUPERAntiSpyware to before I scan? Or do I use the default settings?



#13 noknojon

Posted 12 April 2014 - 04:48 PM

For S.A.S. program, you should just be able to Open the program, Click on "Check for Updates" (lower Right side), wait while the updates install, Click on the Full scan small button, Click Start Complete Scan -

This can take from 10 to 20 minutes depending on your system.

 

If you have had it installed for a while you should know how to start a scan ........

 

Also download Malwarebytes Anti-Malware to desktop and install it
The program should automatically update and start a first scan after you install it to desktop.



#14 Someperson

Posted 12 April 2014 - 05:21 PM

SUPERAntiSpyware Scan Log
 
Generated 04/12/2014 at 06:18 PM
 
Application Version : 5.7.1018
 
Core Rules Database Version : 11164
Trace Rules Database Version: 8976
 
Scan type       : Complete Scan
Total Scan Time : 02:30:51
 
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
 
Memory items scanned      : 745
Memory threats detected   : 0
Registry items scanned    : 70365
Registry threats detected : 0
File items scanned        : 74904
File threats detected     : 14
 
Adware.Tracking Cookie
accounts.google.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
regmedia.surveycenter.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tyhannresearch.opinioninsight.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tyhannresearch.opinioninsight.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media5.surveycenter.com [ C:\USERS\HENRY LIANG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]


#15 Someperson

Posted 12 April 2014 - 09:13 PM

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.04.12.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17041
Henry Liang :: HENRYLIANG-PC [administrator]
 
Protection: Enabled
 
4/12/2014 6:24:32 PM
mbam-log-2014-04-12 (18-24-32).txt
 
Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 413225
Time elapsed: 3 hour(s), 44 minute(s), 34 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
and
 
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.04.12.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17041
Henry Liang :: HENRYLIANG-PC [administrator]
 
Protection: Enabled
 
4/12/2014 10:09:34 PM
mbam-log-2014-04-12 (22-09-34).txt
 
Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: Registry | File System
Objects scanned: 193927
Time elapsed: 3 minute(s), 28 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 




