Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think i am infected


  • Please log in to reply
8 replies to this topic

#1 Marty_J

Marty_J

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 27 January 2015 - 08:04 PM

Using Windiows 7,

 

I recently got infected by some nast stuff that kept on trying redirect me around,i think i have got rid of it but I really want to make sure.

 

I used to use a site similar to this a fair few years ago but cannot rememebr the name of it, but i am here now and would like some help.

 

 

I have used M-BAM and run this regularly, I would also like to run a general check up if that is at all possible..?

 

Thank in advance guys.



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:11 PM

Posted 27 January 2015 - 08:27 PM

Welcome to BC !

If MBAM found some malware or adware you can view those logs under the history tab showing what it found. Post the log that shows that by copying and pasting it in your next post.

 

The programs below will clean up, remove adware and malware that affects most computer users these days.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download


  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Hold down Control and click on this link to open ESET OnlineScan in a new window. (Eset can take more than an hour to run so plan accordingly)

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Marty_J

Marty_J
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 28 January 2015 - 04:52 AM

Thank you for the welcome, i am on it now....

 

MBAM did get rid of some crap, i just want to really make sure its all gone and that there is nothing else chewing up my performance

 

 

Hopefully get  the lappy running back to full speed.



#4 Marty_J

Marty_J
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 29 January 2015 - 06:55 AM

Here you go  mate

 

 

 

Welcome to BC !

If MBAM found some malware or adware you can view those logs under the history tab showing what it found. Post the log that shows that by copying and pasting it in your next post.

 

The programs below will clean up, remove adware and malware that affects most computer users these days.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download


  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Hold down Control and click on this link to open ESET OnlineScan in a new window. (Eset can take more than an hour to run so plan accordingly)

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 AdwCleaner v4.109 - Report created 28/01/2015 at 20:23:21
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\ProgramData\2623487093983420973
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Martin\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Martin\AppData\Local\Conduit
Folder Deleted : C:\Users\Martin\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Martin\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Martin\AppData\Roaming\GetPrivate
Folder Deleted : C:\Users\Martin\AppData\Roaming\NCH Software
Folder Deleted : C:\ProgramData\pooackbmobpdnekklcmmeclimaoglpnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9DFFAA5F-44C6-4FF2-80EE-76368D0A2E75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BB27DF2F-6F05-4A42-9FFD-14696D795750}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{934063FB-A81D-4849-B02C-478446DF3219}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{993161E3-CF87-46CF-A702-3FD05D3DEDDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32CC4D2E-999C-4853-9D3E-5DE4C02D57C6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 172.25.215.232:8080

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v35.0.1 (x86 en-US)

[awqe9jqj.default-1422335150730\prefs.js] - Line Deleted : user_pref("extensions.xpiState", "{\"app-global\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E[...]

-\\ Google Chrome v40.0.2214.93

[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP3C6D2668-C477-4E30-AE09-41A10C45DF66&q={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1421884016&from=wpc&uid=WDCXWD3200BEKT-22KA9T0_WD-WXM1E31XCR61XCR61&q={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1421884016&from=wpc&uid=WDCXWD3200BEKT-22KA9T0_WD-WXM1E31XCR61XCR61&q={searchTerms}

*************************

AdwCleaner[R0].txt - [13354 octets] - [28/01/2015 20:20:37]
AdwCleaner[S0].txt - [13424 octets] - [28/01/2015 20:23:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13485 octets] ##########
 

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Martin on Wed 28/01/2015 at 20:30:43.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\TOOLBARUPDATER.EXE-678CD7F9.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Martin\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{0E00A968-1DE0-45FE-8B54-036A0A9AA547}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{0FE40827-8D82-4A38-B4F8-61CD4E97961C}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{152A464C-4B54-4FDE-A913-593492BD48DF}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{16651F90-6B19-47B4-8280-F0B95227BD1C}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{1BF99B4A-2DE9-46A5-A0B0-081A23F304ED}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{1EB683F4-8C44-426E-82E4-C824EF6306A1}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{2B0BC2D8-14F0-4A74-A0BA-BAD89A87D2C2}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{3622E28C-AB9B-4BA8-9918-86544D87B53F}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{3C12EDD0-5523-4F93-BA37-7832721FA334}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{4094ABE5-CBB9-42BC-B69D-C02EB0BEE7BB}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{46D86F29-5AD0-4EFD-9392-DF13B7AD1B8C}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{48522ED5-472A-4AE0-942C-4C75E7417E25}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{72FA3D82-F3C9-47BC-8B74-87AFE857A3A5}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{8057DD68-40D5-415C-B744-E997B75D1127}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{80C1957D-B6F3-4CDB-B7EA-E022755B5F97}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{8D30DC48-292B-4C96-B197-07FA773F13A9}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{90A00011-FD37-4142-B09C-BAEB26563A62}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{93D9DEB2-E39C-4949-A0E6-029A80FBAB68}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{96E46E32-FAC1-4BC1-84C9-D4D3FD547772}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{9A935826-9CB9-4021-A802-C326816D70E8}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{A448210D-F279-4F5F-A33A-0D27E1CE060E}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{B45C7AE8-FDA6-440F-B2ED-3547166F8E74}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{BCB36846-DC37-4A0B-8194-AB49A62F4B3F}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{C0EA1ED3-41A6-4CC0-A25A-229A1A1EA1EA}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{CF1B9FE2-BA04-4AEA-886A-510634552AF4}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{D579C493-D5CE-4FC1-AF80-9EC9C34C99B7}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{D88D7FE0-8E5A-4335-8365-2555968E04F8}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{DDB8E635-D412-4939-808C-AFF91AC8C27E}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{DE7CDF4C-181A-4FD6-8829-0B833C45F9EF}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{EA0B8C22-B997-4277-A349-903A24D4E1CC}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{ECA376A2-7C6C-433C-BA8E-2A91D5C9C7E3}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{F3C8EBE7-3471-4B03-BE4A-F7CB6D9B413A}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{F8EED334-EA49-4128-8C63-7BDF52EBAF20}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{FBA06513-CC1E-464D-8619-B7257512C578}
Successfully deleted: [Empty Folder] C:\Users\Martin\appdata\local\{FDD6FFC1-4170-4BDC-9305-9EB1858F56BD}



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 28/01/2015 at 20:48:26.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

C:\$Recycle.Bin\S-1-5-21-4257181350-2178622734-3415266685-1003\$R4OU7X0.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\pooackbmobpdnekklcmmeclimaoglpnk\y2.js.vir    JS/Kryptik.ATB trojan    cleaned by deleting - quarantined
C:\Users\Martin\Desktop\Fruity Loops.Edition.v10.0.0 @vAin4us\flstudio_10.0.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\Martin\Desktop\Old Firefox Data\247xkocj.default-1405501690586\extensions\GRIRLM5@E.edu\content\bg.js    JS/Kryptik.ATL trojan    cleaned by deleting - quarantined
C:\Users\Martin\Desktop\Old Firefox Data\247xkocj.default-1405501690586\extensions\qswdRzN@S.org\content\bg.js    JS/Kryptik.ATL trojan    cleaned by deleting - quarantined
C:\Users\Martin\Downloads\ccsetup312.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\Martin\Downloads\ccsetup314.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\Martin\Downloads\ccsetup419.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
 



#5 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:11 PM

Posted 29 January 2015 - 08:59 AM

Right click on the Firefox Shortcut/ Icon on your desktop. Choose Properties. Click on the Shortcut tab. If you see anything added after Firefox.exe highlight it and delete

as shown in image below. If there is something that needs deleting, then you will need to do that for the Firefox Shortcut in the Start Menu, Desktop, and Taskbar.

Let me know if anything needed deleting or not.

istartsurf-hijack.jpg

 

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a button in the bottom right corner that when clicked will allow

you to Copy and Paste the list of programs installed on your computer in your next post. Please do that.

 

Again, open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups. Click on the button in the bottom right

of that page and Copy and Paste that list into your next post.

 

There was a lot of adware and some malware removed. How is the computer running...is it up to par?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Marty_J

Marty_J
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 29 January 2015 - 10:00 PM

Nothing to delete form the properties in FF.

 

Adobe AIR    Adobe Systems Incorporated    30/09/2011        2.7.1.19610
Adobe Flash Player 16 ActiveX    Adobe Systems Incorporated    28/01/2015    6.00 MB    16.0.0.296
Adobe Flash Player 16 NPAPI    Adobe Systems Incorporated    28/01/2015    6.00 MB    16.0.0.296
Adobe Reader XI (11.0.10)    Adobe Systems Incorporated    21/12/2014    183 MB    11.0.10
Apple Application Support    Apple Inc.    26/09/2012    64.5 MB    2.2.2
Apple Mobile Device Support    Apple Inc.    26/09/2012    23.7 MB    6.0.0.59
Apple Software Update    Apple Inc.    12/03/2012    2.38 MB    2.1.3.127
ASIO4ALL    Michael Tippach    16/08/2013        2.10
AVG 2015    AVG Technologies    19/01/2015        2015.0.5645
Bonjour    Apple Inc.    26/09/2012    2.00 MB    3.0.0.10
CCleaner    Piriform    26/10/2014        4.19
DataLoggerXP    Crystal Engineering    22/11/2012    2.94 MB    1.53.0474
ESET Online Scanner v3        28/01/2015        
Facebook Video Calling 3.1.0.521    Skype Limited    11/08/2014    12.4 MB    3.1.521
FL Studio 10    Image-Line    24/07/2014        
Google Chrome    Google Inc.    16/08/2013        40.0.2214.93
HP Support Assistant    Hewlett-Packard Company    19/08/2011    77.7 MB    6.0.5.4
IL Download Manager    Image-Line    24/07/2014        
iTunes    Apple Inc.    26/09/2012    182 MB    10.7.0.21
Java 7 Update 67    Oracle    11/08/2014    118 MB    7.0.670
JMicron JMB38X Flash Media Controller    JMicron Technology Corp.    19/08/2011        1.00.18.07
Juniper Networks Host Checker    Juniper Networks    11/12/2012        7.1.11.21451
Juniper Networks Secure Application Manager    Juniper Networks    1/07/2013        7.1.11.21451
Juniper Networks, Inc. Setup Client    Juniper Networks, Inc.    11/12/2012    800 KB    7.1.10.21853
Juniper Networks, Inc. Setup Client Activex Control    Juniper Networks, Inc.    11/12/2012        2.1.1.1
License Support    PACE Anti-Piracy, Inc.    17/08/2012    4.06 MB    1.00.0000
LightScribe System Software    LightScribe    19/08/2011    23.9 MB    1.18.8.1
M-Audio Xponent Driver 6.0.2 (x64)    M-Audio    31/10/2012    3.84 MB    6.0.2
Malwarebytes Anti-Malware version 2.0.4.1028    Malwarebytes Corporation    22/01/2015    57.2 MB    2.0.4.1028
Microsoft .NET Framework 4.5.1    Microsoft Corporation    20/03/2014    38.8 MB    4.5.50938
Microsoft Office File Validation Add-In    Microsoft Corporation    16/05/2014    10.8 MB    14.0.5130.5003
Microsoft Office Outlook Connector    Microsoft Corporation    14/11/2011    3.36 MB    14.0.6106.5001
Microsoft Office Professional Plus 2007    Microsoft Corporation    19/02/2012        12.0.6612.1000
Microsoft Security Essentials    Microsoft Corporation    13/09/2014        4.6.305.0
Microsoft Silverlight    Microsoft Corporation    24/07/2014    298 MB    5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU]    Microsoft Corporation    19/08/2011    1.69 MB    3.1.0000
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    30/01/2012    300 KB    8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    19/08/2011    788 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    30/09/2011    788 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    29/01/2012    240 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    7/11/2011    596 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    9/11/2011    600 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    16/12/2012    12.2 MB    10.0.40219
Mozilla Firefox 35.0.1 (x86 en-US)    Mozilla    28/01/2015    84.5 MB    35.0.1
Mozilla Maintenance Service    Mozilla    22/01/2015    214 KB    35.0
Native Instruments Audio 2 DJ Driver        20/07/2014        
Native Instruments Audio 2 DJ Driver    Native Instruments    20/07/2014        
Native Instruments Audio 4 DJ Driver        20/07/2014        
Native Instruments Audio 4 DJ Driver    Native Instruments    20/07/2014        
Native Instruments Audio 8 DJ Driver        20/07/2014        
Native Instruments Audio 8 DJ Driver    Native Instruments    20/07/2014        
Native Instruments Controller Editor        19/08/2011        
Native Instruments Controller Editor    Native Instruments    20/07/2014    24.2 MB    1.6.1.1657
Native Instruments Traktor 2        19/08/2011        
Native Instruments Traktor 2    Native Instruments    20/07/2014        2.6.7.337
Native Instruments Traktor Audio 10 Driver        20/07/2014        
Native Instruments Traktor Audio 10 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Audio 2 Driver        20/07/2014        
Native Instruments Traktor Audio 2 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Audio 2 MK2 Driver        20/07/2014        
Native Instruments Traktor Audio 2 MK2 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Audio 6 Driver        20/07/2014        
Native Instruments Traktor Audio 6 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol F1 Driver        20/07/2014        
Native Instruments Traktor Kontrol F1 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol S2 Driver        20/07/2014        
Native Instruments Traktor Kontrol S2 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol S2 MK2 Driver        20/07/2014        
Native Instruments Traktor Kontrol S2 MK2 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol S4 Driver        20/07/2014        
Native Instruments Traktor Kontrol S4 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol S4 MK2 Driver        20/07/2014        
Native Instruments Traktor Kontrol S4 MK2 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol X1 Driver        20/07/2014        
Native Instruments Traktor Kontrol X1 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol X1 MK2 Driver        20/07/2014        
Native Instruments Traktor Kontrol X1 MK2 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol Z1 Driver        20/07/2014        
Native Instruments Traktor Kontrol Z1 Driver    Native Instruments    20/07/2014        
Native Instruments Traktor Kontrol Z2 Driver        20/07/2014        
Native Instruments Traktor Kontrol Z2 Driver    Native Instruments    20/07/2014        
NVIDIA 3D Vision Controller Driver 301.42    NVIDIA Corporation    21/06/2012        301.42
NVIDIA Graphics Driver 301.42    NVIDIA Corporation    21/06/2012        301.42
NVIDIA HD Audio Driver 1.3.16.0    NVIDIA Corporation    21/06/2012        1.3.16.0
NVIDIA PhysX System Software 9.12.0213    NVIDIA Corporation    21/06/2012        9.12.0213
NVIDIA Update 1.8.15    NVIDIA Corporation    21/06/2012        1.8.15
QuickTime    Apple Inc.    1/06/2012    73.2 MB    7.72.80.56
RealPlayer    RealNetworks    2/10/2013    91.7 MB    16.0.3
Realtek USB 2.0 Card Reader    Realtek Semiconductor Corp.    19/08/2011        3.0.1.3
Skype Click to Call    Microsoft Corporation    12/10/2014    7.14 MB    7.3.16540.9015
Skype™ 7.0    Skype Technologies S.A.    26/12/2014    48.2 MB    7.0.102
Spotify    Spotify AB    19/04/2014        0.9.8.296.g91f68827
Synaptics Pointing Device Driver    Synaptics Incorporated    19/08/2011    46.4 MB    15.0.17.4
Telstra Mobile Broadband Manager    Telstra    9/11/2011        3.0.514
Torq 2.0.1    Avid Technology    23/06/2014        2.01.14302
Visual C++ Redistributables    PACE Anti-Piracy, Inc.    17/08/2012    268 KB    1.00.0000
Visual Studio 2008 x64 Redistributables    AVG Technologies    7/11/2011    11.7 MB    10.0.0.2
Visual Studio 2010 x64 Redistributables    AVG Technologies    14/12/2012    12.4 MB    13.0.0.1
Visual Studio 2012 x64 Redistributables    AVG Technologies    8/10/2013    12.9 MB    14.0.0.1
Visual Studio 2012 x86 Redistributables    AVG Technologies CZ, s.r.o.    8/10/2013    10.5 MB    14.0.0.1
VLC media player 2.0.0    VideoLAN    21/11/2013        2.0.0
Winamp    Nullsoft, Inc    7/11/2011        5.622
Winamp Detector Plug-in    Nullsoft, Inc    7/11/2011    63.0 KB    1.0.0.1
Windows Driver Package - Cmotech (cmusbnet) Net  (06/11/2007 2.0.0.9)    Cmotech    9/11/2011        06/11/2007 2.0.0.9
Windows Driver Package - Cmotech Modem  (06/08/2007 2.0.3.9)    Cmotech    9/11/2011        06/08/2007 2.0.3.9
Windows Driver Package - Cmotech Ports  (06/08/2007 2.0.3.9)    Cmotech    9/11/2011        06/08/2007 2.0.3.9
Windows Live Essentials    Microsoft Corporation    13/06/2012        15.4.3555.0308
WinRAR 4.01 (64-bit)    win.rar GmbH    6/10/2011        4.01.0
µTorrent    BitTorrent Inc.    2/11/2014        3.4.2.34944
 

 

 

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    Facebook Update    Facebook Inc.    "C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
No    HKCU:Run    Google Update        "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Yes    HKCU:Run    LightScribe Control Panel    Hewlett-Packard Company    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
No    HKCU:Run    News.net        C:\Program Files\News.net\BreakingNews\DesktopContainer.exe
No    HKCU:Run    Skype    Skype Technologies S.A.    "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
No    HKCU:Run    Spotify    Spotify Ltd    "C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
No    HKCU:Run    Spotify Web Helper    Spotify Ltd    "C:\Users\Martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
No    HKCU:Run    uTorrent    BitTorrent Inc.    "C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
Yes    HKCU:RunOnce    Adobe Speed Launcher        1422523337
Yes    HKLM:Run    Adobe ARM    Adobe Systems Incorporated    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
No    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes    HKLM:Run    AVG_UI    AVG Technologies CZ, s.r.o.    "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
No    HKLM:Run    BigPondWirelessBroadbandCM    Telstra    "C:\Program Files (x86)\Telstra\Mobile Broadband Manager\TelstraUCM.exe" -tsr
No    HKLM:Run    iTunesHelper    Apple Inc.    "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes    HKLM:Run    M-Audio Taskbar Icon    Avid Technology, Inc.    C:\Windows\system32\M-AudioTaskBarIcon.exe
Yes    HKLM:Run    MSC    Microsoft Corporation    "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
Yes    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
Yes    HKLM:Run    SynTPEnh    Synaptics Incorporated    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes    HKLM:Run    SysTrayApp    IDT, Inc.    C:\Program Files\IDT\WDM\sttray64.exe
No    HKLM:Run    TkBellExe    RealNetworks, Inc.    "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
No    HKLM:Run    WinampAgent    Nullsoft, Inc.    "C:\Program Files (x86)\Winamp\winampa.exe"
Yes    Startup User    Ether Software MP3 AVI MPEG WMV RM to Audio CD Burner v1.4.22 with Key [TorDigger].lnk        C:\ProgramData\{d2e22284-3fda-5393-d2e2-222843fd8a10}\Ether Software MP3 AVI MPEG WMV RM to Audio CD Burner v1.4.22 with Key [TorDigger].exe
 

 

Mylaptop seems to running pretty good now...is there anyhting else i can do to tune it up and enusre that its running at full speed?

 

Marty



#7 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:11 PM

Posted 30 January 2015 - 09:08 AM

Uninstall these programs:

Adobe AIR    Adobe Systems Incorporated    30/09/2011        2.7.1.19610

Apple Application Support    Apple Inc.    26/09/2012    64.5 MB    2.2.2

Apple Mobile Device Support    Apple Inc.    26/09/2012    23.7 MB    6.0.0.59
Apple Software Update    Apple Inc.    12/03/2012    2.38 MB    2.1.3.127

Bonjour    Apple Inc.    26/09/2012    2.00 MB    3.0.0.10

ESET Online Scanner v3        28/01/2015

Google Chrome    Google Inc.    16/08/2013        40.0.2214.93

HP Support Assistant    Hewlett-Packard Company    19/08/2011    77.7 MB    6.0.5.4

iTunes    Apple Inc.    26/09/2012    182 MB    10.7.0.21

Java 7 Update 67    Oracle    11/08/2014    118 MB    7.0.670  (most users don't need Java and it is a malware magnet if not updated with the latest security updates)

QuickTime    Apple Inc.    1/06/2012    73.2 MB    7.72.80.56
RealPlayer    RealNetworks    2/10/2013    91.7 MB    16.0.3

Skype Click to Call    Microsoft Corporation    12/10/2014    7.14 MB    7.3.16540.9015

Spotify    Spotify AB    19/04/2014        0.9.8.296.g91f68827

VLC media player 2.0.0    VideoLAN    21/11/2013        2.0.0 (Get the latest version...VLC)

Winamp    Nullsoft, Inc    7/11/2011        5.622
Winamp Detector Plug-in    Nullsoft, Inc    7/11/2011    63.0 KB    1.0.0.1

WinRAR 4.01 (64-bit)    win.rar GmbH    6/10/2011        4.01.0
µTorrent    BitTorrent Inc.    2/11/2014        3.4.2.34944 

 

Disable these Startups:

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes    HKCU:Run    LightScribe Control Panel    Hewlett-Packard Company    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

Yes    HKCU:RunOnce    Adobe Speed Launcher        1422523337

Yes    HKLM:Run    Adobe ARM    Adobe Systems Incorporated    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Yes    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

Yes    Startup User    Ether Software MP3 AVI MPEG WMV RM to Audio CD Burner v1.4.22 with Key [TorDigger].lnk        C:\ProgramData\{d2e22284-3fda-5393-d2e2-222843fd8a10}\Ether Software MP3 AVI MPEG WMV RM to Audio CD Burner v1.4.22 with Key [TorDigger].exe

 

Run another scan using AdwCleaner. Allow it to clean what it finds.

 

Check the settings for MBAM to be sure it is scanning for PUPS and rootkits.  (PUP....potentially unwanted program)

 

If you have a program that is being stubborn about uninstalling, use Revo Uninstaller. Use the Advanced setting for it.

Download Revo Uninstaller Freeware - Free and Full Download - Uninstall software, remove programs, solve uninstall problems

 

EDIT: You can use CCleaner to Uninstall programs or Disable Startups. Highlight each item by clicking on it that you want to Uninstall or Disable and then

on the right choose Uninstall or Disable.


Edited by buddy215, 30 January 2015 - 09:22 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 Marty_J

Marty_J
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:41 PM

Posted 08 February 2015 - 10:17 PM

Thanks mate all seems to be good



#9 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:11 PM

Posted 09 February 2015 - 09:58 AM

You're welcome...enjoyed working with you...happy surfin' !


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users