
All internet browsers keep crashing. Suspicious sign in some website accounts.


7 replies to this topic

#1 alisoncatki

alisoncatki

  • Members
  • 9 posts

Posted 09 January 2016 - 06:03 AM

Last month, my Google Chrome started crashing frequently for no reason.
Some people said it might be the Shockwave Flash problem.
So, I followed those instructions, trying to solve it. But it didn't work.
After that, I tried to download another internet browser (Firefox).
But it still keeps crashing, just like when using Google Chrome.
I also received some emails to inform me that "Suspicious sign in detected on your Twitter account" or "Suspicious Activity on Your PayPal account".
Luckily, I haven't bound any credit card yet.

I need HELP:(





#2 buddy215

buddy215

  • BC Advisor
  • 12,881 posts

Posted 09 January 2016 - 12:41 PM

See what the programs below can find and remove.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the program's quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 alisoncatki

alisoncatki
  • Topic Starter

  • Members
  • 9 posts

Posted 09 January 2016 - 03:49 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/1/2016
Scan Time: 1:53
Logfile: 5454.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.09.03
Rootkit Database: v2016.01.05.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CatKi
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385184
Time Elapsed: 26 min, 2 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 10
PUP.Optional.ChinAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|QyBrowser.exe, 9000, Quarantined, [3661a88f82176fc7df359187a95b7789]
PUP.Optional.IQIYI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{791F13A7-20F7-47A4-9FD2-A187439CB2D1}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\CatKi\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe|Name=GpUpdate|Desc=C:\Users\CatKi\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe|, Quarantined, [7027e2559405b77ff7e293821aeab54b]
PUP.Optional.ChinAd, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ABBC9AE3-F1EA-4AD0-8E62-B699C5F82FF5}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Other appcation\IQIYI Video\GeePlayer\GeePlayer.exe|Name=GeePlayer|Desc=C:\Other appcation\IQIYI Video\GeePlayer\GeePlayer.exe|, Quarantined, [5a3d69ce5544d561ede6d93c1ce841bf]
PUP.Optional.IQIYI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C99C2E23-3CF1-493C-8553-19F4EA318299}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\CatKi\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe|Name=QyUpdate|Desc=C:\Users\CatKi\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe|, Quarantined, [abecd0671e7b59dd6b6ea57017ed08f8]
PUP.Optional.IQIYI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{15DBEF6E-BD96-4BEC-81A3-E0D19BB4AB08}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Other appcation\IQIYI Video\LStyle\QyClient.exe|Name=QyClient|Desc=C:\Other appcation\IQIYI Video\LStyle\QyClient.exe|, Quarantined, [f0a756e126733bfbad2caf6652b2f808]
PUP.Optional.IQIYI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7720947C-1994-483F-B851-6C24CFD8BD1B}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Other appcation\IQIYI Video\LStyle\QyWebPlayer.exe|Name=QyWebPlayer|Desc=C:\Other appcation\IQIYI Video\LStyle\QyWebPlayer.exe|, Quarantined, [4b4c41f66237f24436a3e530ba4a7e82]
PUP.Optional.IQIYI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{735EC14A-FF92-42E3-95FD-61603C0C4AEB}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Other appcation\IQIYI Video\Common\QyKernel.exe|Name=QyKernel|Desc=C:\Other appcation\IQIYI Video\Common\QyKernel.exe|, Quarantined, [abecb7805d3c23135b7e25f05ea6e31d]
PUP.Optional.IQIYI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F6BC40FF-254A-48A1-943B-944217621F47}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Other appcation\IQIYI Video\LStyle\QyPlayer.exe|Name=QyPlayer|Desc=C:\Other appcation\IQIYI Video\LStyle\QyPlayer.exe|, Quarantined, [e2b59f9872273bfb25b425f030d430d0]
PUP.Optional.IQIYI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D861FB51-11D7-4A6C-9401-957180FBB3B3}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\CatKi\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe|Name=GpUpdate|Desc=C:\Users\CatKi\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe|, Quarantined, [4057cc6b83163bfbc01941d409fb23dd]
PUP.Optional.ChinAd, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{847D68A7-D3F5-4DA8-B9CD-8B9BC09455FE}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Other appcation\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe|Name=GeePlayer|Desc=C:\Other appcation\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe|, Quarantined, [e7b0c86f9405bb7bc40fb95ceb1948b8]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
# AdwCleaner v5.028 - Logfile created 10/01/2016 at 02:32:40
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : CatKi - CATKI-PC
# Running from : C:\Other appcation\Cleaning\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\Program Files (x86)\tencent
Folder Found : C:\Program Files (x86)\Common Files\tencent
Folder Found : C:\ProgramData\tencent
Folder Found : C:\ProgramData\QvodPlayer
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
Folder Found : C:\Users\CatKi\AppData\Local\tencent
Folder Found : C:\Users\CatKi\AppData\LocalLow\tencent
Folder Found : C:\Users\CatKi\AppData\Roaming\SogouExplorer
Folder Found : C:\Users\CatKi\AppData\Roaming\tencent
Folder Found : C:\Users\Public\Documents\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
 
***** [ Files ] *****
 
File Found : C:\Users\CatKi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_v.qq.com_0.localstorage-journal
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\CLASSES\METNSD
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
 
***** [ Web browsers ] *****
 
[C:\Users\CatKi\AppData\Local\Google\Chrome SxS\User Data\Default\Web data] [Search Provider] Found : delta-search.com
[C:\Users\CatKi\AppData\Local\Google\Chrome SxS\User Data\Default\Web data] [Search Provider] Found : www2.delta-search.com
[C:\Users\CatKi\AppData\Local\Google\Chrome SxS\User Data\Default\Web data] [Search Provider] Found : claro-search.com
[C:\Users\CatKi\AppData\Local\Google\Chrome SxS\User Data\Default\Web data] [Search Provider] Found : the-sims-2-body-shop.en.softonic.com
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2579 bytes] ##########
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64 
Ran by CatKi (Administrator) on 10/01/2016 週日 at  2:42:05.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 16 
 
Failed to delete: C:\Users\Public\thunder network (Folder) 
Failed to delete: C:\Users\CatKi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIFMCON0 (Folder) 
Successfully deleted: C:\ProgramData\thunder network (Folder) 
Successfully deleted: C:\Users\CatKi\Appdata\LocalLow\thunder network (Folder) 
Successfully deleted: C:\Users\CatKi\AppData\Roaming\3909 (Folder) 
Successfully deleted: C:\Users\CatKi\AppData\Roaming\alipay (Folder) 
Successfully deleted: C:\Users\CatKi\AppData\Roaming\taobaoprotect (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\AliUpdater{4481D19E-1793-4EDA-9306-8D23DBA765F5} (Task)
Successfully deleted: C:\Windows\system32\Tasks\AliUpdater{874382D1-46E6-4140-A1D7-246F0D23F666} (Task)
Successfully deleted: C:\Windows\Tasks\AliUpdater{4481D19E-1793-4EDA-9306-8D23DBA765F5}.job (Task) 
Successfully deleted: C:\Windows\Tasks\AliUpdater{874382D1-46E6-4140-A1D7-246F0D23F666}.job (Task) 
Successfully deleted: C:\Program Files (x86)\alipay (Folder) 
Successfully deleted: C:\Users\CatKi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBUY5NNT (Folder) 
Successfully deleted: C:\Users\CatKi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WI0IV1PB (Folder) 
Successfully deleted: C:\Users\CatKi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4ZFWTJX (Folder) 
Successfully deleted: C:\Windows\system32\REND96E.tmp (File) 
 
 
 
Registry: 15 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\aliim (Registry Value) 
Successfully deleted: HKLM\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0 (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@alipay.com/npalicert (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@alipay.com/npalidcp (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@alipay.com/npaliedit (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@alipay.com/npaliinethealth (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@alipay.com/npalisecctrl (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@alipay.com/npcombrg701,version=1.0.2011.701 (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@qq.com/npqscall (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@qq.com/qqminidlplugin (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@qq.com/qqphotodrawex (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@qq.com/qzonemusic (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@tencent.com/npqqmailwebkit,version=1.0.0.1 (Registry Key) 
Successfully deleted: HKLM\Software\MozillaPlugins\@tencent.com/nptxftnwebkit,version=1.0.0.1 (Registry Key) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDD362CF-523B-4BC9-8FDC-58F93B6BC945} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/01/2016 週日 at  2:46:57.52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 buddy215

buddy215

  • BC Advisor
  • 12,881 posts

Posted 09 January 2016 - 04:16 PM

Once the Eset scan has finished and you have posted its results, do this please.

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next post. Please do that.

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste that list in your next post. Please do that.




#5 alisoncatki

alisoncatki
  • Topic Starter

  • Members
  • 9 posts

Posted 09 January 2016 - 04:59 PM

ESET OnlineScan: no infection

 

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Other appcation\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Other appcation\CCleaner\CCleaner64.exe" /MONITOR
Yes    HKCU:Run    Google Update    Google Inc.    "C:\Users\CatKi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
No    HKCU:Run    LonelyWriter        C:\Other appcation\LonelyWriter\LonelyWriter.exe -autostart
No    HKCU:Run    Steam    Valve Corporation    "C:\Other appcation\Steam\steam.exe" -silent
Yes    HKCU:Run    winupbb        "C:\ProgramData\winupbbf\iuznffnsd.exe"
No    HKCU:Run    tbMobileService    Tongbu    C:\Other appcation\Tongbu\tbMobileService.exe /start
No    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
No    HKLM:Run    BlueStacks Agent    BlueStack Systems, Inc.    C:\Program Files (x86)\BlueStacks\HD-Agent.exe
Yes    HKLM:Run    HP Software Update    Hewlett-Packard    C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Yes    HKLM:Run    IntelliPoint    Microsoft Corporation    "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
No    HKLM:Run    iTunesHelper    Apple Inc.    "C:\Program Files\iTunes\iTunesHelper.exe"
No    HKLM:Run    KrakenLauncher    Razer Inc    C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe /start
Yes    HKLM:Run    LogMeIn Hamachi Ui    LogMeIn Inc.    "C:\Other appcation\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
No    HKLM:Run    MMReminderService    Mindjet    C:\Other appcation\Mindmanager\MMReminderService.exe
Yes    HKLM:Run    NvBackend    NVIDIA Corporation    "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
No    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Other appcation\QuickTime\QTTask.exe" -atboottime
No    HKLM:Run    QvodTerminal    Shenzhen QVOD Technology Co.,Ltd    "C:\Other appcation\QvodPlayer\QvodTerminal.exe" -autorun
No    HKLM:Run    Razer Synapse    Razer Inc.    "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
Yes    HKLM:Run    RTHDVCPL    Realtek Semiconductor    "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
Yes    HKLM:Run    ShadowPlay    Microsoft Corporation    C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
No    HKLM:Run    SoftEther VPN Client UI Helper    SoftEther VPN Project at University of Tsukuba, Japan.    "C:\Other appcation\VPN Client\vpnclient_x64.exe" /uihelp
Yes    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
No    Startup Common    SoftEther VPN Client.lnk    SoftEther VPN Project at University of Tsukuba, Japan.    C:\OTHERA~1\VPNCLI~1\VPNCMG~1.EXE /startup
Yes    Startup User    Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk    Microsoft Corporation    C:\Windows\system32\RunDll32.exe

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Other appcation\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3659652305-1466919439-3591002255-1000Core    Google Inc.    C:\Users\CatKi\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3659652305-1466919439-3591002255-1000UA    Google Inc.    C:\Users\CatKi\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HPCustPartic.exe_{5EE4F9B3-FCDE-4057-8CD7-CD57648A1506}    Hewlett-Packard Co.    C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe /installoptin /cc us /zipcode N/A /usagetype 002 /lang en
Yes    Task    HPCustParticipation HP Deskjet 1050 J410 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe" /UA 9.5 /DDV 0x0800
Yes    Task    iToolsDaemon        C:\Other appcation\Itool\iToolsDaemon.exe
Yes    Task    {AD544787-DD29-4995-A5D8-D99E64B39550}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\






7-Zip 9.38 (x64 edition)    Igor Pavlov    27/2/2015    4.66 MB    9.38.00.0
Adobe Flash Player 20 ActiveX    Adobe Systems Incorporated    10/1/2016    17.6 MB    20.0.0.270
Adobe Flash Player 20 NPAPI    Adobe Systems Incorporated    29/12/2015    9.04 MB    20.0.0.267
Alipay Cert Component 2.6.0.0    Alipay.com Co., Ltd.    11/11/2015        2.6.0.0
Apple Mobile Device Support    Apple Inc.    1/10/2015    28.0 MB    9.0.0.26
Apple Software Update    Apple Inc.    1/10/2015    2.39 MB    2.1.4.131
Apple application support (32 bit)    Apple Inc.    1/10/2015    114 MB    4.0.3
Apple application support (64 bit)    Apple Inc.    1/10/2015    121 MB    4.0.3
Audacity 2.0.6    Audacity Team    8/2/2015    47.2 MB    2.0.6
Bandicam    Bandisoft.com    19/12/2015    37.1 MB    3.0.1.1002
Bandisoft MPEG-1 Decoder    Bandisoft.com    19/12/2015        
BattleBlock Theater    The Behemoth    25/1/2015        
beanfun!    Gamania Inc.    25/1/2015        2.0.93.169
BitTorrent    BitTorrent Inc.    8/8/2015        7.9.3.40761
BLACK WOLVES SAGA -Bloody Nightmare-    Rejet    23/8/2015    15.9 MB    1.0.0
BlueStacks App Player 0.9.6.4092 SuperUser BSEasy    BlueStack Systems, Inc.    18/4/2015    892 MB    0.9.6.4092
BlueStacks IMEI Generator    MUH    18/4/2015    5.08 MB    1.0.0
Bonjour    Apple Inc.    1/10/2015    2.09 MB    3.1.0.1
CCleaner    Piriform    25/1/2015        5.01
Cities: Skylines    Colossal Order Ltd.    4/8/2015        
CONSORTIUM        9/8/2015    5.85 GB    1
Contagion    Monochrome, Inc    14/8/2015        
DAEMON Tools Lite    Disc Soft Ltd    7/2/2015        4.48.1.0348
DayZ    Bohemia Interactive    25/1/2015        
Desura    Desura    25/10/2015        100.64
Desura: Zombie Grinder    Twin Drills    26/10/2015    1.65 MB    Alpha
Don't Starve    Klei Entertainment    25/1/2015        
Don't Starve Together Beta    Klei Entertainment    25/1/2015        
Dr. Langeskov, The Tiger, and The Terribly Cursed Emerald: A Whirlwind Heist    Crows Crows Crows    13/12/2015        
Dungeon Defenders II    Trendy Entertainment    9/10/2015        
Epic Games Launcher    Epic Games, Inc.    14/6/2015    189 MB    1.1.29.0
ESET Online Scanner v3        10/1/2016        
Fallout Mod Manager 0.13.21    Q, Timeslip    16/6/2015    3.86 MB    
Fraps (remove only)        4/5/2015        
Freemake Audio Converter Version 1.1.3    Ellora Assets Corporation    10/5/2015    50.0 MB    1.1.3
Garry's Mod    Facepunch Studios    25/1/2015        
Genymotion version 2.3.1    Genymobile    6/5/2015    187 MB    2.3.1
Google Chrome    Google Inc.    13/12/2015        47.0.2526.106
Google Chrome Canary    Google Inc.    1/1/2016        49.0.2617.0
Guild Wars 2    NCsoft Corporation, Ltd.    26/1/2015        
H1Z1    Sony Online Entertainment    8/3/2015        
HELLDIVERS        8/12/2015    1.48 MB    
HP Deskjet 1050 J410 series Basic Device Software    Hewlett-Packard Co.    30/6/2015    102 MB    28.0.1313.0
HP Deskjet 1050 J410 series Help    Hewlett Packard    17/4/2015    7.19 MB    140.0.66.66
HP Deskjet 1050 J410 series Product Improvement Study    Hewlett-Packard Co.    17/4/2015    8.31 MB    28.0.1313.0
HP Update    Hewlett-Packard    17/4/2015    4.04 MB    5.005.002.002
iCloud    Apple Inc.    1/10/2015    91.6 MB    4.1.1.53
iFunbox (v2.94.2520.758), iFunbox DevTeam        30/3/2015    23.3 MB    v2.94.2520.758
Intel® Management Engine Components    Intel Corporation    3/11/2015        9.5.15.1730
Intel® Network Connections 18.8.136.0    Intel    25/1/2015    26.9 MB    18.8.136.0
Intel® Processor Graphics    Intel Corporation    3/11/2015        10.18.10.3540
Intel® Rapid Storage Technology    Intel Corporation    25/1/2015        13.0.3.1001
iTunes    Apple Inc.    1/10/2015    218 MB    12.3.0.44
Java 8 Update 65    Oracle Corporation    4/11/2015    21.0 MB    8.0.650.17
Java SE Development Kit 7 Update 75 (64-bit)    Oracle    31/3/2015    231 MB    1.7.0.750
LINE    LINE Corporation    12/12/2015        4.3.0.724
LogMeIn Hamachi    LogMeIn, Inc.    18/11/2015        2.2.0.410
mabinogi    devCAT    25/1/2015        
Malwarebytes Anti-Malware version 2.2.0.1024    Malwarebytes    10/1/2016    66.0 MB    2.2.0.1024
Microsoft .NET Framework 4.5.2    Microsoft Corporation    19/12/2015    38.8 MB    4.5.51209
Microsoft AppLocale    MS    25/1/2015    3.35 MB    1.0.0
Microsoft IntelliPoint 8.2    Microsoft Corporation    28/1/2015        8.20.468.0
Microsoft Office Professional Plus 2013    Microsoft Corporation    8/2/2015        15.0.4569.1506
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    30/5/2015    298 KB    8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    14/8/2015    570 KB    8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022    Microsoft Corporation    31/3/2015    2.52 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    25/4/2015    250 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    1/4/2015    788 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729    Microsoft Corporation    17/4/2015    608 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    25/4/2015    230 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    19/4/2015    600 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    13/2/2015    13.8 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    13/2/2015    11.1 MB    10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030    Microsoft Corporation    12/6/2015    20.5 MB    11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030    Microsoft Corporation    12/6/2015    17.3 MB    11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501    Microsoft Corporation    9/11/2015    20.5 MB    12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501    Microsoft Corporation    13/11/2015    17.1 MB    12.0.30501.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)    Microsoft Corporation    13/2/2015        10.0.50903
Microsoft Windows Application Compatibility Database        25/1/2015        
Microsoft XNA Framework Redistributable 4.0 Refresh    Microsoft Corporation    31/8/2015    8.03 MB    4.0.30901.0
Mindjet MindManager 2012    Mindjet    29/5/2015    233 MB    10.0.445
Minecraft    Mojang    10/5/2015    1.22 MB    1.0.3.0
Mozilla Firefox 42.0 (x86 zh-TW)    Mozilla    15/12/2015    86.8 MB    42.0
Mozilla Firefox 43.0.4 (x86 zh-TW)    Mozilla    7/1/2016    89.3 MB    43.0.4
Mozilla Maintenance Service    Mozilla    15/12/2015    250 KB    42.0
Nexus Mod Manager    Black Tree Gaming    19/12/2015    22.7 MB    0.61.4
Norton Internet Security    Symantec Corporation    16/12/2015        22.5.5.15
Norton Security Scan    Symantec Corporation    16/12/2015        4.3.0.43
NVIDIA 3D Vision Controller Driver 347.09    NVIDIA Corporation    25/1/2015        347.09
NVIDIA 3D Vision Driver 347.25    NVIDIA Corporation    25/1/2015        347.25
NVIDIA GeForce Experience 2.1.1.1    NVIDIA Corporation    25/1/2015        2.1.1.1
NVIDIA Graphics Driver 347.25    NVIDIA Corporation    25/1/2015        347.25
NVIDIA HD Audio Driver 1.3.33.0    NVIDIA Corporation    25/11/2015        1.3.33.0
NVIDIA PhysX    NVIDIA Corporation    12/12/2015    160 MB    9.14.0702
OpenAL        26/10/2015        
Origin    Electronic Arts, Inc.    9/11/2015        9.10.1.1501
osu!    ppy Pty Ltd    19/10/2015    123 MB    latest
Party Hard        1/10/2015    927 MB    1
PDF-XChange 3    Tracker Software    29/5/2015        
Plague Inc: Evolved    Ndemic Creations    4/1/2016        
Please, Don Touch Anything version 1.6.6.6        31/12/2015    62.9 MB    1.6.6.6
QuickTime 7    Apple Inc.    10/7/2015    70.3 MB    7.77.80.95
Razer Synapse    Razer Inc.    8/2/2015    7.38 MB    1.18.19.23944
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    25/1/2015        6.0.1.7200
Rememoried        6/9/2015    1.01 GB    1
Risk of Rain        25/1/2015        
Rockstar Games Social Club    Rockstar Games    8/6/2015        1.0.9.5
RPG Maker XP 1.01    GameZero    2/1/2016        1.01
SKYHILL        8/10/2015    127 MB    1
Skype™ 7.12    Skype Technologies S.A.    26/10/2015    75.2 MB    7.12.101
SoftEther VPN Client    SoftEther VPN Project    29/3/2015        4.15.9538
Sophos Virus Removal Tool    Sophos Limited    3/11/2015    138 MB    2.5.4
Steam    Valve Corporation    25/1/2015        2.10.91.91
System Requirements Lab CYRI    Husdawg, LLC    25/1/2015    606 KB    6.0.21.0
System Requirements Lab Detection    Husdawg, LLC    25/1/2015    659 KB    2.2.4.0
TeamViewer 10    TeamViewer    13/8/2015        10.0.45862
Terraria    Re-Logic    4/1/2016        
The Beginner's Guide    Everything Unlimited    7/10/2015        1.0.0.0
The Sims™ 4    Electronic Arts Inc.    8/11/2015    9.48 GB    1.10.57.1020
The Wolf Among Us Complete First Season version 1.0 u5    Telltale Games    29/8/2015    5.91 GB    1.0 u5
TOUKIDEN Kiwami        10/8/2015    1.48 MB    
Trove    Trion Worlds    31/12/2015        
Undertale    tobyfox    29/12/2015        
Unity Web Player    Unity Technologies ApS    2/6/2015    12.0 MB    4.6.1f1
Unlocker 1.9.2    Cedrick Collomb    18/6/2015        1.9.2
Unturned    Nelson Sexton    10/5/2015        
WinRAR 5.21 beta 1 (64-bit)    win.rar GmbH    25/1/2015        5.21.1
LonelyWriter        27/5/2015        
Qvod 5.20.248    Shenzhen Qvod Technology Co.,Ltd    15/6/2015        5.20.248
Alipay 5.3.0.3807    Alipay.com Co., Ltd.    21/4/2015        5.3.0.3807
 



#6 buddy215


Posted 09 January 2016 - 05:44 PM

Disable these Windows Startups: Use CCleaner by clicking on each item and then choose Disable on the right.

Yes    HKCU:Run    Google Update    Google Inc.    "C:\Users\CatKi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

Yes    HKCU:Run    winupbb        "C:\ProgramData\winupbbf\iuznffnsd.exe" (DELETE...not just Disable)

Yes    HKLM:Run    ShadowPlay    Microsoft Corporation    C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

Yes    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Yes    Startup User    Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk    Microsoft Corporation    C:\Windows\system32\RunDll32.exe

 

Disable these Scheduled Tasks:

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3659652305-1466919439-3591002255-1000Core    Google Inc.    C:\Users\CatKi\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3659652305-1466919439-3591002255-1000UA    Google Inc.    C:\Users\CatKi\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

Yes    Task    HPCustPartic.exe_{5EE4F9B3-FCDE-4057-8CD7-CD57648A1506}    Hewlett-Packard Co.    C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe /installoptin /cc us /zipcode N/A /usagetype 002 /lang en
Yes    Task    HPCustParticipation HP Deskjet 1050 J410 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe" /UA 9.5 /DDV 0x0800

Yes    Task    iToolsDaemon        C:\Other appcation\Itool\iToolsDaemon.exe

Yes    Task    {AD544787-DD29-4995-A5D8-D99E64B39550}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\

 

Uninstall these programs:

BitTorrent    BitTorrent Inc.    8/8/2015        7.9.3.40761 (VERY risky to use to download free stuff like movies, music, pirated software, etc.)

DAEMON Tools Lite    Disc Soft Ltd    7/2/2015        4.48.1.0348

ESET Online Scanner v3        10/1/2016      

Google Chrome Canary    Google Inc.    1/1/2016        49.0.2617.0 (unless you are a developer I suggest uninstalling)

Java SE Development Kit 7 Update 75 (64-bit)    Oracle    31/3/2015    231 MB    1.7.0.750 (Unless you have a specific use for...uninstall)

Mozilla Firefox 42.0 (x86 zh-TW)    Mozilla    15/12/2015    86.8 MB    42.0 (odd that there are two Firefox browsers installed)

Sophos Virus Removal Tool    Sophos Limited    3/11/2015    138 MB    2.5.4

 

Tell me about any problems.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
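
A triage pass over startup rows like the ones listed in post #6, as an added example that is not part of the original thread: it flags entries with no publisher, entries that run from user-writable directories, and entries started through a launcher such as rundll32.exe, where the publisher column describes the launcher rather than what it loads. The tab-separated layout, the `triage` and `image_path` names, and the three heuristics are assumptions made for this example.

```python
import re
from pathlib import PureWindowsPath

# Rows copied from the post above; columns are Enabled, Key, Program,
# Publisher, Command. The tab separators are an assumption about the export.
SAMPLE = "\n".join([
    'Yes\tHKCU:Run\tGoogle Update\tGoogle Inc.\t"C:\\Users\\CatKi\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe" /c',
    'Yes\tHKCU:Run\twinupbb\t\t"C:\\ProgramData\\winupbbf\\iuznffnsd.exe"',
    'Yes\tHKLM:Run\tShadowPlay\tMicrosoft Corporation\tC:\\Windows\\system32\\rundll32.exe C:\\Windows\\system32\\nvspcap64.dll,ShadowPlayOnSystemStart',
    'Yes\tHKLM:Run\tSunJavaUpdateSched\tOracle Corporation\t"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe"',
    'Yes\tTask\tiToolsDaemon\t\tC:\\Other appcation\\Itool\\iToolsDaemon.exe',
])

# Directories a standard user can write to by default (heuristic, assumed list).
USER_WRITABLE = ("\\programdata\\", "\\appdata\\", "\\temp\\")
# Launchers: the publisher shown belongs to the host, not to what it starts.
HOSTS = {"rundll32.exe", "pcalua.exe"}

def image_path(command):
    """Extract the executable from a startup command, quoted or not."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted paths may contain spaces, so cut after the first .exe token.
    m = re.match(r"(.+?\.exe)(?=\s|$)", command, re.I)
    return m.group(1) if m else command

def triage(listing):
    """Return (program, image, reasons) per flagged row, most reasons first."""
    findings = []
    for line in listing.splitlines():
        cols = [c.strip() for c in line.split("\t")]
        if len(cols) != 5 or cols[0] not in ("Yes", "No"):
            continue  # not a startup row
        _, _, program, publisher, command = cols
        image = image_path(command)
        reasons = []
        if not publisher:
            reasons.append("no publisher")
        if any(d in image.lower() for d in USER_WRITABLE):
            reasons.append("user-writable directory")
        if PureWindowsPath(image).name.lower() in HOSTS:
            reasons.append("launcher process, inspect its argument")
        if reasons:
            findings.append((program, image, reasons))
    return sorted(findings, key=lambda f: -len(f[2]))

if __name__ == "__main__":
    for program, image, reasons in triage(SAMPLE):
        print(f"{len(reasons)}  {program:20} {image}  [{', '.join(reasons)}]")
```

A single reason is common for legitimate software (per-user Google Update lives in AppData); the rows worth checking first are those where several reasons coincide.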


#7 alisoncatki


Posted 10 January 2016 - 08:46 AM

OMG Thank you so much.

It seems like the crashing problem of Chrome has been solved. 

Thanks a million.



#8 buddy215


Posted 10 January 2016 - 09:11 AM

You're welcome...enjoyed working with you...happy surfin'






