
extreme slowness/computer has a mind of its own


19 replies to this topic

#1 beachfeet

Posted 14 November 2014 - 08:54 AM

Hello, 

I have a Dell Inspiron 5323 running Windows 7 Home Edition. The system is very slow, and programs will open/close by themselves. Also, it seems that every time I have an internet connection, I get more pop-ups than I can close before the system freezes. I am forced to restart the computer multiple times in order to use it, and when it finally boots up, there is a pop up saying something similar to Run.DLL error system could not boot properly. Any help fixing these issues would be much appreciated. 

Thank you




 


#2 buddy215


Posted 14 November 2014 - 10:09 AM

Welcome to BC !

 

Start with the scans below. That should give you some relief. 

 

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars...especially Yahoo. You may see Google Tool Bar being offered. You can choose to download and use the portable version and avoid any chance of installing an unwanted toolbar.

CCleaner - PC Optimization and Cleaning - Free Download

Piriform - How to run CCleaner from a USB drive

 

 

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

After successfully using the programs above, scan using the programs below that will find and remove malware as well as adware.

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR REVIEW.

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by buddy215, 14 November 2014 - 10:29 AM.


#3 beachfeet


Posted 15 November 2014 - 02:47 AM

# AdwCleaner v4.101 - Report created 14/11/2014 at 20:13:00
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lacey - LACEY-PC
# Running from : C:\Users\Lacey\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
Folder Deleted : C:\Program Files (x86)\Better-Surf
Folder Deleted : C:\Program Files (x86)\MediaBuzzV1
Folder Deleted : C:\Program Files (x86)\MediaViewerV1
Folder Deleted : C:\Program Files (x86)\MediaViewV1
Folder Deleted : C:\Program Files (x86)\MediaWatchV1
Folder Deleted : C:\Program Files (x86)\RichMediaViewV1
Folder Deleted : C:\Program Files (x86)\VideoPerformer
Folder Deleted : C:\Program Files (x86)\Common Files\337
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab
Folder Deleted : C:\Program Files\Uninstaller
Folder Deleted : C:\Program Files\Updater By SweetPacks
Folder Deleted : C:\Users\Lacey\AppData\Local\ilividmoviestoolbarha
Folder Deleted : C:\Users\Lacey\AppData\Local\unitlayers
Folder Deleted : C:\Users\Lacey\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\Lacey\AppData\Roaming\StatusWinks
Folder Deleted : C:\Users\Lacey\AppData\Roaming\Updater
Folder Deleted : C:\Users\Lacey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\Users\Lacey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
Folder Deleted : C:\Users\Public\Util
File Deleted : C:\END
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Lacey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Users\Lacey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
File Deleted : C:\Users\Lacey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Lacey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
File Deleted : C:\Users\Lacey\Desktop\Facebook.lnk
File Deleted : C:\Users\Lacey\Desktop\Youtube.lnk
File Deleted : C:\Users\Lacey\Documents\eBay.lnk
File Deleted : C:\Users\Lacey\Documents\Get The Best Facebook Chat Messenger.lnk
File Deleted : C:\Users\Lacey\Documents\iLivid.lnk
File Deleted : C:\Users\Lacey\Documents\Torch.lnk

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : BackgroundContainer Startup Task
Task Deleted : Desk 365 RunAsStdUser
Task Deleted : DTChk
Task Deleted : DTReg

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Default Tab
Key Deleted : HKLM\SOFTWARE\Desksvc
Key Deleted : HKLM\SOFTWARE\eSafeSecControl
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\iLividSRTB
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaViewerV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v33.1.1 (x86 en-US)


-\\ Google Chrome v38.0.2125.122

[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN21052781482013929&ctid=CT3303004&UM=2
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN21052781482013929&ctid=CT3303004&UM=2
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110795&tt=bandext_3312_1&babsrc=SP_ss&mntrId=49fa998000000000000094445286743e
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110795&tt=bandext_3312_1&babsrc=SP_ss&mntrId=49fa998000000000000094445286743e
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60341
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb185/?search={searchTerms}&loc=IB_DS&a=6R8Qt4rovl&i=26
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb185/?search={searchTerms}&loc=IB_DS&a=6R8Qt4rovl&i=26
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=418&systemid=406&v=a10781-130&apn_uid=0087024510234351&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=418&systemid=406&v=a9396-130&apn_uid=0087024510234351&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=362&systemid=406&v=n11551-278&apn_uid=4430525345114207&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}

*************************

AdwCleaner[R0].txt - [22711 octets] - [14/11/2014 19:27:02]
AdwCleaner[R1].txt - [22772 octets] - [14/11/2014 19:40:19]
AdwCleaner[S0].txt - [22196 octets] - [14/11/2014 20:13:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22257 octets] ##########
 



#4 beachfeet


Posted 15 November 2014 - 02:48 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Home Premium x64
Fri 11/14/2014 at 20:28:53.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/14/2014 at 20:33:31.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 beachfeet


Posted 15 November 2014 - 02:52 AM

ESET Log-

 

 

C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir    MSIL/DomaIQ.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Updater By SweetPacks\Extension32.dll.vir    a variant of Win32/Toolbar.Perion.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Updater By SweetPacks\Extension64.dll.vir    a variant of Win64/Toolbar.Perion.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Updater By SweetPacks\InstallerHelper.dll.vir    a variant of Win32/Toolbar.BitCocktail.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Better-Surf\ch\Chrome.crx.vir    Win32/AdWare.BetterSurf.G application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Better-Surf\ff\Better-Surf.xpi.vir    Win32/AdWare.BetterSurf.G application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Better-Surf\ff\chrome\content\better-surf.js.vir    Win32/AdWare.BetterSurf.G application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Better-Surf\ie\BetterSrf.dll.vir    a variant of Win32/AdWare.BetterSurf.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8324\uninstall.exe.vir    a variant of Win32/Amonetize.X potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8324\ie\MediaBuzzV1mode8324.dll.vir    a variant of Win32/AdWare.BetterSurf.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1500\uninstall.exe.vir    a variant of Win32/Amonetize.X potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1500\ch\MediaViewerV1alpha1500.crx.vir    Win32/AdWare.BetterSurf.G application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1500\ff\chrome\content\ffMediaViewerV1alpha1500ffaction.js.vir    Win32/AdWare.BetterSurf.G application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1500\ie\MediaViewerV1alpha1500.dll.vir    a variant of Win32/AdWare.BetterSurf.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha3293\uninstall.exe.vir    a variant of Win32/Amonetize.X potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha3293\ch\MediaViewV1alpha3293.crx.vir    Win32/AdWare.BetterSurf.G application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha3293\ff\chrome\content\ffMediaViewV1alpha3293ffaction.js.vir    Win32/AdWare.BetterSurf.G application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha3293\ie\MediaViewV1alpha3293.dll.vir    a variant of Win32/AdWare.BetterSurf.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaWatchV1\MediaWatchV1home129\uninstall.exe.vir    a variant of Win32/Amonetize.X potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaWatchV1\MediaWatchV1home129\ie\MediaWatchV1home129.dll.vir    a variant of Win32/AdWare.BetterSurf.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release448\uninstall.exe.vir    a variant of Win32/Amonetize.X potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release448\ie\RichMediaViewV1release448.dll.vir    a variant of Win32/AdWare.BetterSurf.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Lacey\AppData\Local\unitlayers\temp.dat.vir    a variant of Win32/AdWare.Toolbar.AmyBar.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Public\Util\DTChk.exe.vir    a variant of Win32/Toolbar.DefaultTab.F potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir    a variant of Win64/Systweak.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\hfpapi.dll.vir    a variant of Win32/RiskWare.NetFilter.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\installd.exe.vir    a variant of Win32/Amonetize.BB potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe    a variant of Win32/HiddenStart.A potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe    a variant of Win32/HiddenStart.A potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\RealArcade\Installer\bin\OCSetupHlp.dll    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Extensions\affaehflnblehdfaddbnpjhlfiiobgof\1.1_0\ffMediaViewerV1alpha1500chaction.js    Win32/AdWare.BetterSurf.G application    cleaned by deleting - quarantined
C:\Users\Lacey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihnemgialpghojhebbmcajiomccohnnb\1.1_0\ffMediaViewV1alpha3293chaction.js    Win32/AdWare.BetterSurf.G application    cleaned by deleting - quarantined
C:\Users\Lacey\Downloads\ccsetup419.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\Lacey\Downloads\Setup (3).exe    a variant of MSIL/DomaIQ.N potentially unwanted application    deleted - quarantined
C:\Users\Lacey\Downloads\Setup (5).exe    a variant of Win32/DomaIQ.AU potentially unwanted application    deleted - quarantined
 


Edited by beachfeet, 15 November 2014 - 02:53 AM.


#6 buddy215


Posted 15 November 2014 - 06:44 AM

Nothing malicious was found...just a ton of unwanted adware. Please run the MBAM scan and post its log per instructions. (Malware Bytes AntiMalware)

 

Reset Google Chrome.

Google Chrome gives you the option to reset your browser settings in one easy click. In some cases, programs that you install can change your Chrome settings without your knowledge. You may see additional extensions and toolbars or a different search engine. Resetting your browser settings will reset the unwanted changes caused by installing other programs. However, your saved bookmarks and passwords will not be cleared or changed.

Reset your browser settings

  1. In the top-right corner of the browser window, click the Chrome menu.
  2. Select Settings.
  3. At the bottom, click Show advanced settings.
  4. Under the section "Reset settings," click Reset settings.
  5. In the dialog that appears, click Reset.

After running CCleaner to remove ALL cookies, temporary files, logs, etc., open it again. Click on Tools and choose Uninstall.

At the bottom right of that page you will see a button that when clicked will allow you to copy and paste the list of programs installed on your computer back here. Please do that.

Open CCleaner again. Click on Tools and choose Startups. Using the same procedure as above, post the list of Startups back here.

Then click on the Tasks button at the top of that page. Post the list of Tasks back here.

 

Let me know how the computer is functioning and if there are still problems.


Edited by buddy215, 15 November 2014 - 06:49 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 beachfeet

beachfeet
  • Topic Starter


Posted 15 November 2014 - 06:51 AM

Thank you very much buddy215. I will have that for you sometime today, or possibly tomorrow. Have a great weekend.



#8 buddy215


Posted 15 November 2014 - 06:58 AM

I edited my post and you may have missed it. Please check as to the missing MBAM log.

If you are a college football fan....root for the Hurricanes...they will need all the help they can get tonight. :)



#9 beachfeet

beachfeet
  • Topic Starter


Posted 16 November 2014 - 12:14 AM

Hey buddy215,

I must have missed the updated post. Here are the MBAM and CCleaner logs that you requested. The system is performing better than it was a few days ago, but there is still some lag while attempting to open and run programs. Thank you again for your help buddy215, I really appreciate this.

 

 


Accidental Damage Services Agreement    Dell Inc.    8/6/2012        2.0.0
Adobe AIR    Adobe Systems Incorporated    8/6/2012        2.6.0.19120
Adobe Flash Player 15 ActiveX    Adobe Systems Incorporated    11/12/2014    6.00 MB    15.0.0.223
Adobe Reader X (10.1.10) MUI    Adobe Systems Incorporated    5/14/2014    480 MB    10.1.10
Advanced Audio FX Engine    Creative Technology Ltd    8/6/2012        1.12.05
Banctec Service Agreement    Dell Inc.    8/6/2012        2.0.0
CCleaner    Piriform    11/13/2014        4.19
Complete Care Business Service Agreement    Dell Inc.    8/6/2012        2.0.0
Consumer In-Home Service Agreement    Dell Inc.    8/6/2012        2.0.0
Dell Audio    Cirrus Logic    8/6/2012        6.24.5.1
Dell DataSafe Local Backup    Dell Inc.    8/6/2012        9.4.67
Dell DataSafe Local Backup - Support Software    Dell Inc.    8/6/2012        9.4.67
Dell DataSafe Online    Dell    6/1/2014    21.1 MB    2.9.0.19
Dell Getting Started Guide    Dell Inc.    8/6/2012        1.00.0000
Dell Home Systems Service Agreement    Dell Inc.    8/6/2012        2.0.0
Dell Location Utility    Dell Wireless    8/6/2012        3.4.1.14
Dell MusicStage    Fingertapps    8/6/2012        1.6.225.0
Dell PhotoStage    ArcSoft    8/6/2012    165 MB    1.5.0.130
Dell Stage    Fingertapps    8/6/2012        1.7.209.0
Dell Stage Remote    ArcSoft    8/6/2012    80.8 MB    2.0.0.43
Dell Support Center    Dell Inc.    8/6/2012    128 MB    3.1.5907.16
Dell Touchpad    ALPS ELECTRIC CO., LTD.    8/6/2012        7.1209.101.217
Dell VideoStage    CyberLink Corp.    8/6/2012        1.3.0.2513
Dell Webcam Central    Creative Technology Ltd    8/6/2012        2.01.15
eBay    eBay Inc.    8/6/2012        1.4.0
ESET Online Scanner v3        11/14/2014        
getsav-in    Adpeak, Inc.    6/22/2013        1.1371963316
Google Chrome    Google Inc.    6/27/2013        38.0.2125.122
HP Officejet 4620 series Basic Device Software    Hewlett-Packard Co.    6/25/2013    153 MB    28.0.1315.0
HP Officejet 4620 series Help    Hewlett Packard    6/25/2013    18.9 MB    6.0.0
HP Officejet 4620 series Product Improvement Study    Hewlett-Packard Co.    6/25/2013    8.31 MB    28.0.1315.0
HP Photo Creations    HP    7/25/2013    14.6 MB    1.0.0.9572
HP Update    Hewlett-Packard    7/25/2013    3.98 MB    5.005.000.002
I.R.I.S. OCR    HP    6/25/2013    68.9 MB    12.3.4.0
Intel® Control Center    Intel Corporation    8/10/2014        1.2.1.1007
Intel® Management Engine Components    Intel Corporation    8/10/2014        8.0.1.1399
Intel® Processor Graphics    Intel Corporation    8/10/2014        8.15.10.2712
Intel® PROSet/Wireless for Bluetooth® + High Speed    Intel Corporation    8/6/2012    5.30 MB    15.1.0.0096
Intel® PROSet/Wireless Software for Bluetooth® Technology    Intel Corporation    8/6/2012    107 MB    2.0.0.0113
Intel® Rapid Storage Technology    Intel Corporation    8/10/2014        11.1.0.1006
Intel® Turbo Boost Technology Monitor 2.0    Intel    8/6/2012    13.2 MB    2.1.23.0
Intel® USB 3.0 eXtensible Host Controller Driver    Intel Corporation    8/10/2014        1.0.4.220
Intel® WiDi    Intel Corporation    8/6/2012    141 MB    3.0.12.0
Intel® PROSet/Wireless WiFi Software    Intel Corporation    8/6/2012    406 MB    15.01.1000.0927
Intel® Trusted Connect Service Client    Intel Corporation    8/6/2012    10.6 MB    1.23.219.2
Internet Explorer Toolbar 4.8 by SweetPacks        11/11/2014        
Malwarebytes Anti-Malware version 2.0.3.1025    Malwarebytes Corporation    11/14/2014    56.6 MB    2.0.3.1025
Media Buzz    Media Buzz    4/27/2014        1.1
Media View    Media View    2/27/2014        1.1
Media Viewer    Media Viewer    2/23/2014        1.1
Media Watch    Media Watch    3/22/2014        1.1
Microsoft .NET Framework 4.5.1    Microsoft Corporation    3/5/2014    38.8 MB    4.5.50938
Microsoft Office Home and Student 2010    Microsoft Corporation    11/20/2013        14.0.7015.1000
Microsoft Silverlight    Microsoft Corporation    8/10/2014    249 MB    5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU]    Microsoft Corporation    8/6/2012    1.69 MB    3.1.0000
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    9/4/2012    300 KB    8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    8/6/2012    788 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    9/9/2012    788 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022    Microsoft Corporation    12/26/2012    1.41 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729    Microsoft Corporation    8/6/2012    598 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    8/6/2012    596 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    8/6/2012    595 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    9/9/2012    600 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319    Microsoft Corporation    10/24/2012    24.2 MB    10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319    Microsoft Corporation    10/24/2012    11.0 MB    10.0.30319
Mozilla Firefox 33.1.1 (x86 en-US)    Mozilla    11/14/2014    77.5 MB    33.1.1
Mozilla Maintenance Service    Mozilla    11/14/2014    213 KB    33.1.1
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    6/26/2013    1.27 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    6/26/2013    1.33 MB    4.20.9876.0
PlayReady PC Runtime amd64    Microsoft Corporation    9/9/2012    2.05 MB    1.3.0
PlayReady PC Runtime x86    Microsoft Corporation    8/6/2012    1.65 MB    1.3.0
Premium Service Agreement    Dell Inc.    8/6/2012        2.0.0
QualxServ Service Agreement    Dell Inc.    8/6/2012        2.0.0
Quickset64    Dell Inc.    8/6/2012        11.1.17
Rich Media View    Rich Media View    5/13/2014        1.1
Riverpoint Writer    Apollo Group, Inc.    9/15/2012        2.0.0.12
Shared C Run-time for x64    McAfee    9/22/2012    2.78 MB    10.0.0
Skype™ 6.11    Skype Technologies S.A.    3/5/2014    26.9 MB    6.11.102
SyncUP    Nero AG    8/6/2012    288 MB    10.2.16500
TrustedID IDMonitor Identity Protection    TrustedID Inc    9/9/2012    273 KB    1.1.0
Unit Layers    Unit Layers    6/22/2013        9.0
Updater By SweetPacks 2.0.0.586    SweetPacks    6/22/2013    1.93 MB    2.0.0.586
VideoPerformer    PerformerSoft LLC    12/26/2012        
Visual Studio 2012 x64 Redistributables    AVG Technologies    8/10/2014    12.9 MB    14.0.0.1
Visual Studio 2012 x86 Redistributables    AVG Technologies CZ, s.r.o.    8/10/2014    10.5 MB    14.0.0.1
Windows Live Essentials    Microsoft Corporation    8/6/2012        15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections    Microsoft Corporation    8/6/2012    5.57 MB    15.4.5722.2
Yahoo! Software Update        9/15/2012        
Yahoo! Toolbar    Yahoo! Inc.    9/27/2012        
 

 

No    HKCU:Run    BackgroundContainer    Microsoft Corporation    "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Lacey\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    Desk 365        "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun
No    HKCU:Run    HP Officejet 4620 series (NET)    Hewlett-Packard Co.    "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34J332HZ05S1:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
No    HKCU:Run    iLivid        "C:\Users\Lacey\AppData\Local\iLivid\iLivid.exe" -autorun
No    HKCU:Run    Sidebar    Microsoft Corporation    C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Yes    HKCU:RunOnce    Application Restart #2    Google Inc.    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session http://home.mcafee.com/Root/RenewProduct.aspx?lang=en-us&lcid=1033&langid=1&culture=en-US&rcode=Windows810&version=11.6&affid=105-338&hres=1366&vres=768&rnwsrc=mra&expdt=20131122&pkgs=282_105_en-us_0_1E965FF4-6AAB-44E7-B963-622DB2F8904A_20131122_260_2&email=laceyvance@comcast.net&hardware_id=b9cdfab3389b5d28e5f968e60f21bb58&windows_id=_{AF38D654-32D8-4755-83C1-96C85A5A2EB2}&pk=1E965FF4-6AAB-44E7-B963-622DB2F8904A&pkgid=282&os_country=US&os_culture=en&rtmui_lcid=1033
No    HKLM:Run    AccuWeatherWidget    Unlimited Realities    "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
No    HKLM:Run    Apoint    Alps Electric Co., Ltd.    C:\Program Files\DellTPad\Apoint.exe
No    HKLM:Run    AVG_UI        "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
No    HKLM:Run    BLEServicesCtrl    Intel Corporation - Mobile Wireless Group    C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
No    HKLM:Run    BTMTrayAgent    Microsoft Corporation    rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
No    HKLM:Run    Dell Audio        C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
No    HKLM:Run    Dell Location Utility    Skyhook Wireless    c:\Program Files\Dell\Dell Location and GPS\Dell Location Utility\xpscontrolpanel.exe --no-info
No    HKLM:Run    Dell Webcam Central    Creative Technology Ltd    "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
No    HKLM:Run    DellStage    Unlimited Realities    "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
No    HKLM:Run    HotKeysCmds    Intel Corporation    C:\Windows\system32\hkcmd.exe
No    HKLM:Run    IAStorIcon    Intel Corporation    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
No    HKLM:Run    IgfxTray    Intel Corporation    C:\Windows\system32\igfxtray.exe
No    HKLM:Run    IntelMyWiFiDashboard    Intel® Corporation    C:\Program Files\Intel\WiFi\bin\CCDashServer.exe /startup
No    HKLM:Run    IntelTBRunOnce    Microsoft Corporation    wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
No    HKLM:Run    mcui_exe        "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
No    HKLM:Run    NeroLauncher    Nero AG    C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
No    HKLM:Run    Persistence    Intel Corporation    C:\Windows\system32\igfxpers.exe
No    HKLM:Run    QuickSet    Dell Inc.    c:\Program Files\Dell\QuickSet\QuickSet.exe
No    HKLM:Run    Stage Remote    ArcSoft, Inc.    C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
No    HKLM:Run    USB3MON    Intel Corporation    "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
No    Startup Common    McAfee Security Scan Plus.lnk        C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
No    Startup User    Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk    Microsoft Corporation    C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN34J332HZ05S1;CONNECTION=NW;MONITOR=1;
 



#10 buddy215


Posted 16 November 2014 - 08:30 AM

Please rerun the MBAM scan after updating MBAM. Open MBAM and choose update. Then choose scan now.

Post the new log.

I will comment on the installed programs and startups after receiving the new MBAM log.

EDIT: I don't see the list of Tasks.

QUOTE: Open CCleaner again. Click on Tools and choose Startups. Using the same procedure as above, post the list of Startups back here.

Then click on the Tasks button at the top of that page. Post the list of Tasks back here.


Edited by buddy215, 16 November 2014 - 08:35 AM.


#11 beachfeet

beachfeet
  • Topic Starter


Posted 16 November 2014 - 09:06 AM

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    Adobe online update program    Adobe Systems Incorporated    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HP AR Program Upload - 07c3a4c1733c4ac5b526291c92519a8087bb573117424fbaa98a0361a97fe01c    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N 07c3a4c1733c4ac5b526291c92519a8087bb573117424fbaa98a0361a97fe01c -mode Scheduled
Yes    Task    HP AR Program Upload - 99e057a7d3774656a715c28ea8aeb876bcbae61e6ed148ab9eaed7716a943040    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N 99e057a7d3774656a715c28ea8aeb876bcbae61e6ed148ab9eaed7716a943040 -mode Scheduled
Yes    Task    HP AR Program Upload - c27fcc5699e44e78a13112905382e9ba323fa66a3a0a43649813a7867efc851b    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N c27fcc5699e44e78a13112905382e9ba323fa66a3a0a43649813a7867efc851b -mode Scheduled
Yes    Task    HP AR Program Upload - eb7057838e4d4c4cb51cbfbaaf86078dc85bfb87391942abbcd3dea596c67021    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N eb7057838e4d4c4cb51cbfbaaf86078dc85bfb87391942abbcd3dea596c67021 -mode Scheduled
Yes    Task    HP AR Program Upload - eeae2c9af0e741ed8e57296b3ea368e548ccc17c87cb4e6eaaaec97110b73387    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N eeae2c9af0e741ed8e57296b3ea368e548ccc17c87cb4e6eaaaec97110b73387 -mode Scheduled
Yes    Task    HP online update program    Hewlett-Packard    C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Yes    Task    HPCustParticipation HP Officejet 4620 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe" /UA 10.5 /DDV 0x0a00
Yes    Task    IntelBootstrapCCDashServer    Intel® Corporation    C:\Program Files\Intel\WiFi\bin\CCDashServer.exe
Yes    Task    {0B969236-2013-4BD0-895B-6A8CE504A3DC}        D:\Andrew's report for 9th grade english\Presentation SuiteInstaller.exe
Yes    Task    {15131477-990E-42BD-965C-ED7BF633CB24}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "C:\Users\Lacey\Downloads\Setup (4).exe" -d C:\Users\Lacey\Downloads
Yes    Task    {2C94E768-E1ED-4ABE-9F76-175CB8CEDF68}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe" -c -uprtc -key "claro"

 


I'll get right on that MBAM situation.



#12 beachfeet


Posted 16 November 2014 - 09:33 AM

Hello,

I updated and ran MBAM, but I am unable to view a log. However, after the scan was complete, MBAM reported that no malicious files were found.



#13 buddy215


Posted 16 November 2014 - 10:08 AM

Open MBAM and there is a button at the top you can click on to show logs. There are different categories of logs.

I want to see the last/today's scan log. You may need to click on History first and then Logs. I'm not on Windows now, so I'm not sure of the path, but it is there.

Malicious does not include PUPs/adware... I need to see the entire log.



#14 buddy215


Posted 16 November 2014 - 11:06 AM

Open CCleaner and disable the tasks listed below....

Yes    Task    Adobe online update program    Adobe Systems Incorporated    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HP AR Program Upload - 07c3a4c1733c4ac5b526291c92519a8087bb573117424fbaa98a0361a97fe01c    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N 07c3a4c1733c4ac5b526291c92519a8087bb573117424fbaa98a0361a97fe01c -mode Scheduled
Yes    Task    HP AR Program Upload - 99e057a7d3774656a715c28ea8aeb876bcbae61e6ed148ab9eaed7716a943040    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N 99e057a7d3774656a715c28ea8aeb876bcbae61e6ed148ab9eaed7716a943040 -mode Scheduled
Yes    Task    HP AR Program Upload - c27fcc5699e44e78a13112905382e9ba323fa66a3a0a43649813a7867efc851b    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N c27fcc5699e44e78a13112905382e9ba323fa66a3a0a43649813a7867efc851b -mode Scheduled
Yes    Task    HP AR Program Upload - eb7057838e4d4c4cb51cbfbaaf86078dc85bfb87391942abbcd3dea596c67021    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N eb7057838e4d4c4cb51cbfbaaf86078dc85bfb87391942abbcd3dea596c67021 -mode Scheduled
Yes    Task    HP AR Program Upload - eeae2c9af0e741ed8e57296b3ea368e548ccc17c87cb4e6eaaaec97110b73387    TODO: <Company name>    C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe -N eeae2c9af0e741ed8e57296b3ea368e548ccc17c87cb4e6eaaaec97110b73387 -mode Scheduled
Yes    Task    HP online update program    Hewlett-Packard    C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Yes    Task    HPCustParticipation HP Officejet 4620 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe" /UA 10.5 /DDV 0x0a00

 

Yes    Task    {0B969236-2013-4BD0-895B-6A8CE504A3DC}        D:\Andrew's report for 9th grade english\Presentation SuiteInstaller.exe
Yes    Task    {15131477-990E-42BD-965C-ED7BF633CB24}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "C:\Users\Lacey\Downloads\Setup (4).exe" -d C:\Users\Lacey\Downloads
Yes    Task    {2C94E768-E1ED-4ABE-9F76-175CB8CEDF68}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe" -c -uprtc -key "claro"

 

If offered as an option, uninstall/delete the last one, Claro LTD, which is an adware toolbar.

 

UNINSTALL THESE PROGRAMS: You can use the uninstall tool in CCleaner.

Adobe AIR    Adobe Systems Incorporated    8/6/2012        2.6.0.19120
eBay    eBay Inc.    8/6/2012        1.4.0

getsav-in    Adpeak, Inc.    6/22/2013        1.1371963316 (Adware)
HP Update    Hewlett-Packard    7/25/2013    3.98 MB    5.005.000.002
Internet Explorer Toolbar 4.8 by SweetPacks        11/11/2014      (Adware) 
Media Buzz    Media Buzz    4/27/2014        1.1
Media View    Media View    2/27/2014        1.1
Media Viewer    Media Viewer    2/23/2014        1.1
Media Watch    Media Watch    3/22/2014        1.1
Microsoft Silverlight    Microsoft Corporation    8/10/2014    249 MB    5.1.30514.0 (Unless you actually use it)
Rich Media View    Rich Media View    5/13/2014        1.1 (Adware Program)
Riverpoint Writer    Apollo Group, Inc.    9/15/2012        2.0.0.12
Shared C Run-time for x64    McAfee    9/22/2012    2.78 MB    10.0.0
TrustedID IDMonitor Identity Protection    TrustedID Inc    9/9/2012    273 KB    1.1.0  (If you haven't actually signed up to use it)
Unit Layers    Unit Layers    6/22/2013        9.0
Updater By SweetPacks 2.0.0.586    SweetPacks    6/22/2013    1.93 MB    2.0.0.586 (Adware)
VideoPerformer    PerformerSoft LLC    12/26/2012        
Visual Studio 2012 x64 Redistributables    AVG Technologies    8/10/2014    12.9 MB    14.0.0.1 (Unless you are a developer and use it)
Visual Studio 2012 x86 Redistributables    AVG Technologies CZ, s.r.o.    8/10/2014    10.5 MB    14.0.0.1 (Unless you are a developer and use it)
Yahoo! Software Update        9/15/2012        
Yahoo! Toolbar    Yahoo! Inc.    9/27/2012    

 

   
 


Edited by buddy215, 17 November 2014 - 06:07 AM.
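The three GUID-named tasks in the list above are the ones whose Publisher column says the least about what actually runs. As an added example (not part of the thread and not a CCleaner feature), this Python code parses the export format posted in #11 and unwraps `pcalua.exe -a` to show the real target; the function names, the flagging rules and the list of usual install roots are assumptions made for illustration.

```python
import re

# Task lines copied from the CCleaner export in post #11 (columns are four-space separated).
SAMPLE = r'''
Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    {0B969236-2013-4BD0-895B-6A8CE504A3DC}        D:\Andrew's report for 9th grade english\Presentation SuiteInstaller.exe
Yes    Task    {15131477-990E-42BD-965C-ED7BF633CB24}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "C:\Users\Lacey\Downloads\Setup (4).exe" -d C:\Users\Lacey\Downloads
Yes    Task    {2C94E768-E1ED-4ABE-9F76-175CB8CEDF68}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe" -c -uprtc -key "claro"
'''
GUID_NAME = re.compile(r"^\{[0-9A-F]{8}(-[0-9A-F]{4}){3}-[0-9A-F]{12}\}$", re.I)
PCALUA = re.compile(r'pcalua\.exe"?\s+-a\s+(?:"([^"]+)"|(\S+))', re.I)
FIRST_EXE = re.compile(r'"([^"]+)"|(.+?\.exe)', re.I)
# Assumption: only these roots count as normal install locations.
USUAL_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

def parse(line):
    """Split one export line into its five columns; the command keeps its own spaces."""
    enabled, _kind, name, publisher, command = re.split(r"\t| {4}", line.strip(), maxsplit=4)
    return {"enabled": enabled == "Yes", "name": name,
            "publisher": publisher.strip(), "command": command.strip()}

def real_target(command):
    """Program that actually runs, unwrapping 'pcalua.exe -a <target>' when present."""
    m = PCALUA.search(command) or FIRST_EXE.match(command)
    return (m.group(1) or m.group(2)) if m else command

def triage(line):
    """Return the task name, its real target and the reasons it deserves a manual look."""
    task = parse(line)
    target = real_target(task["command"])
    reasons = []
    if GUID_NAME.match(task["name"]):
        reasons.append("guid-named task")
    if not task["publisher"]:
        reasons.append("no publisher")
    if PCALUA.search(task["command"]):
        reasons.append("pcalua wrapper hides target")
    if not target.lower().startswith(USUAL_ROOTS):
        reasons.append("target outside usual install paths")
    return {"name": task["name"], "target": target, "reasons": reasons}

def triage_all(text):
    return [triage(line) for line in text.splitlines() if line.strip()]

if __name__ == "__main__":
    for row in triage_all(SAMPLE):
        print(row["name"], "->", row["target"], row["reasons"])
```

The Claro entry is flagged only for its GUID name and wrapper because its target sits under Program Files, so the unwrapped target path still needs a human to recognise the adware vendor.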


#15 beachfeet


Posted 17 November 2014 - 05:37 AM

QUOTE: Open MBAM and there is a button at the top you can click on to show logs. There are different categories of logs. I want to see the last/today's scan log. You may need to click on History first and then Logs. I'm not on Windows now, so I'm not sure of the path, but it is there. Malicious does not include PUPs/adware... I need to see the entire log.

I am able to see that the logs are there, but I cannot open them. I ran into that problem when I tried to post the last logs, so I ended up following the paths C:\ProgramData\Malwarebytes\MalwarebytesAnti-Malware\Logs... in order to copy and paste them. I tried doing this again after you requested more logs, but they are not there. Even after scanning again, the logs show up in the MBAM Application Logs section, with a path, but I am unable to open the logs in MBAM, and if I follow the path that was provided, they are not there. 





