Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected? Computer acting weird


  • Please log in to reply
19 replies to this topic

#1 meatman920

meatman920

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 11:17 AM

Okay, so my computer has been acting really slow recently as of the last week.  The stuff that makes me think like this is that when i do task manager there is 3 processses running called conhost.exe and I think having 3 of these is bad.  Also, computer has been slower then usual and im not sure what's going on.  I have windows 7 btw, all help is appreciated thanks :)



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:56 AM

Posted 18 January 2016 - 12:06 PM

WELCOME TO BC...

 

From the web: 

If you're particularly worried that these might be malware pretending to be conhost, the best thing to do is to open Task Manager, navigate to the "Processes" tab, right click on the process you're worried about and select "Open File Location".

In the explorer window that opens up, right click on the application and click "View Properties" and look for a "Digital Signatures" tab. All Microsoft executables will have a Digital Signature verifying that the application is a genuine Microsoft application, and forging a Digital Signature is at least as hard as decrypting an SSL session between you and your bank, so you can rest assured that the executable is genuine.

 

There can be several slowness causes. I suggest first scanning your computer for adware and malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by buddy215, 18 January 2016 - 12:07 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 01:11 PM

Malwarebytes log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 1/18/2016
Scan Time: 10:43 AM
Logfile: log4help.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.18.04
Rootkit Database: v2016.01.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: susana
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 399779
Time Elapsed: 24 min, 36 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\ConduitEngine, Quarantined, [d24ad66551488ea87d983f64ac57837d], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#4 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 01:21 PM

ADWCLEANER:

 

# AdwCleaner v5.030 - Logfile created 18/01/2016 at 11:17:23
# Updated 17/01/2016 by Xplode
# Database : 2016-01-17.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : susana - SUSANA-PC
# Running from : C:\Users\susana\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Users\susana\AppData\LocalLow\Yahoo!\Companion
[-] Folder Deleted : C:\Users\susana\AppData\Roaming\Yahoo!\Companion
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.shopathome.com_0.localstorage
[-] File Deleted : C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.shopathome.com_0.localstorage-journal
[-] File Deleted : C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
[-] File Deleted : C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKU\.DEFAULT\Software\Yahoo\Companion
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Freecause
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\inbox.com
 
***** [ Web browsers ] *****
 
[-] [C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : apiok.ru
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3893 bytes] ##########

 



#5 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 01:35 PM

JRT LOG:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64 
Ran by susana (Administrator) on Mon 01/18/2016 at 11:24:28.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 14 
 
Successfully deleted: C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage (File) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3AOHZ1FO (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6NFJM8JQ (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8JLCRXP9 (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LVB2FII (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BRVU4FR4 (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D0XYI54U (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D550YOHT (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q4NBUG36 (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRQ10T62 (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXRZTT0P (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VB8ZV1E1 (Folder) 
Successfully deleted: C:\Users\susana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VY3090CB (Folder) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/18/2016 at 11:32:57.41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:56 AM

Posted 18 January 2016 - 01:54 PM

Okay...after posting the results of the Eset Online scanner...do this:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 04:24 PM

ESET SCAN:

 

C:\Users\susana\AppData\Local\Mozilla\Firefox\Profiles\xutxmewc.default\cache2\entries\18018DBE4DCE75A4370F7099EE84203196AFA1A7 JS/Kryptik.ALB trojan cleaned by deleting

C:\Users\susana\AppData\Local\Mozilla\Firefox\Profiles\xutxmewc.default\cache2\entries\CF8007B3EC8341192E53D946788805C928967E3B JS/Kryptik.ALB trojan deleted
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\ConduitEngine\ConduitEngine.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application cleaned by deleting


#8 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 04:31 PM

Internet explorer CC Cleaner:

 

Yes Extension HP Smart Print Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe

Yes Extension Launches HP Network Check that helps you solve connection issues Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
Yes Extension Research Microsoft Corporation C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
Yes Extension Send to OneNote Microsoft Corporation C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
No Helper HP Network Check Helper Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
No Helper HP Network Check Helper Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
Yes Helper Java™ Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
No Helper Java™ Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
Yes Helper Windows Live Sign-in Helper Microsoft Corporation C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 
Firefox CC Cleaner:
 
Yes Plugin Adobe Acrobat 15.8.20082.15957 Adobe Systems Inc. default Firefox 39.0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Yes Plugin Facebook Video Calling Plugin 3.1.0.521 Skype Limited default Firefox 39.0 C:\Users\susana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
Yes Plugin Google Earth Plugin 7.1.2.2041 Google default Firefox 39.0 C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
Yes Plugin Google Talk Plugin 5.41.2.0 Google default Firefox 39.0 C:\Users\susana\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
Yes Plugin Google Talk Plugin Video Renderer 5.41.2.0 Google default Firefox 39.0 C:\Users\susana\AppData\Roaming\Mozilla\plugins\npo1d.dll
Yes Plugin Google Update 1.3.28.1 default Firefox 39.0 C:\Users\susana\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll
Yes Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 39.0 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
Yes Plugin Java Deployment Toolkit 8.0.450.14 11.45.2.14 Oracle Corporation default Firefox 39.0 C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Yes Plugin Java™ Platform SE 8 U45 11.45.2.14 Oracle Corporation default Firefox 39.0 C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Yes Plugin McAfee SecurityCenter 14.0.1076.0 McAfee, Inc. default Firefox 39.0 c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
Yes Plugin Nexon Game Controller 1.0.1.2 Nexon default Firefox 39.0 C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
Yes Plugin OpenH264 Video Codec 1.4 default Firefox 39.0 C:\Users\susana\AppData\Roaming\Mozilla\Firefox\Profiles\xutxmewc.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
Yes Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default Firefox 39.0 C:\Users\susana\AppData\Roaming\Mozilla\Firefox\Profiles\xutxmewc.default\gmp-eme-adobe\12\eme-adobe.dll
Yes Plugin Roblox Launcher Plugin 1.2.8.25 default Firefox 39.0 C:\Program Files (x86)\Roblox\Versions\version-f14afd2ae3d44173\NPRobloxProxy.dll
Yes Plugin Shockwave for Director 12.1.5.155 Adobe Systems, Inc. default Firefox 39.0 C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll
Yes Plugin Silverlight Plug-In 5.1.40416.0 default Firefox 39.0 c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll
 
 
Google Chrome CC CLeaner:
 
Yes App Gmail 8.1 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
Yes App Google Drive 14.1 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
Yes App Google Search 0.0.0.60 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
Yes App YouTube 4.2.8 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
Yes Extension AdBlock 2.46 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.46_0
Yes Extension Google Docs 0.9 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
Yes Extension Google Docs Offline 1.1 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0
Yes Extension SiteAdvisor 4.0.0.0 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0
 
 
Scheduled Tasks CC CLeaner:
 
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task AdobeAAMUpdater-1.0-susana-PC-susana Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task FacebookUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000Core Facebook Inc. C:\Users\susana\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
Yes Task FacebookUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000UA Facebook Inc. C:\Users\susana\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000Core Google Inc. C:\Users\susana\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000UA Google Inc. C:\Users\susana\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GyazoUpdateTaskMachine "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task GyazoUpdateTaskMachineDaily "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task HPCeeScheduleForsusana Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForsusana (null)
Yes Task HPCustParticipation HP Officejet 4630 series Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe" /UA 13.0 /DDV 0x0b05
Yes Task McAfee Remediation (Prepare) McAfee, Inc. C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
Yes Task McAfeeLogon McAfee, Inc. C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
Yes Task PCDRScheduledMaintenance PC-Doctor, Inc. C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe -fh scripts\monthly.xml -st PCDRScheduledMaintenance
Yes Task SidebarExecute Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
Yes Task {03B4F4A8-F9BC-42AD-AED4-F84DAD55E93D} Google Inc. "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.7.80.103/en/abandoninstall?page=tsProgressBar
Yes Task {2F81C66D-B0E3-42E2-969D-9DD0A7C802BF} dotPDN LLC C:\Users\susana\Documents\Roblox Games and programs\PaintDotNet.exe
Yes Task {47EAF647-4C6C-4010-A97A-23DF0426A6A0} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\susana\Downloads\forge-1.7.2-10.12.2.1121-installer-win.exe -d C:\Users\susana\Downloads
Yes Task {4D48C792-B76F-4430-B096-69E3F2428CF7} Skype Technologies S.A. C:\Program Files (x86)\Skype\Phone\Skype.exe
 
 
Context Menu CC Cleaner:
 
Yes File AccExt C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
Yes File McCtxMenuFrmWrk McAfee, Inc. c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll
Yes File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
Yes File WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll
Yes File WinRAR32 Alexander Roshal C:\Program Files\WinRAR\rarext32.dll
Yes Folder AccExt C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
Yes Folder McCtxMenuFrmWrk McAfee, Inc. c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll
Yes Folder WinRAR Alexander Roshal C:\Program Files\WinRAR\rarext.dll
Yes Folder WinRAR32 Alexander Roshal C:\Program Files\WinRAR\rarext32.dll
 
 
CC Cleaner Install :
 
Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 1/9/2011
Adobe Acrobat Reader DC Adobe Systems Incorporated 1/12/2016 198 MB 15.010.20056
Adobe AIR Adobe Systems Incorporated 12/17/2014 15.0.0.356
Adobe Creative Cloud Adobe Systems Incorporated 12/23/2015 288 MB 3.4.1.181
Adobe Media Encoder CC 2015 Adobe Systems Incorporated 12/23/2015 1.29 GB 9.1.0
Adobe Premiere Pro CC 2015 Adobe Systems Incorporated 12/23/2015 1.95 GB 9.1.0
Adobe Shockwave Player 12.1 Adobe Systems, Inc. 12/17/2014 12.1.5.155
Apple Application Support (32-bit) Apple Inc. 6/22/2015 94.2 MB 3.1.3
Apple Application Support (64-bit) Apple Inc. 6/22/2015 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 6/22/2015 27.9 MB 8.1.1.3
Apple Software Update Apple Inc. 1/20/2012 2.38 MB 2.1.3.127
Auto Typer by MurGee v1.6 MurGee.com 12/24/2014 833 KB 1.6
AutoHotkey 1.1.14.04 Lexikos 5/1/2014 1.1.14.04
AutoIt v3.3.10.2 AutoIt Team 5/1/2014 3.3.10.2
BlueStacks App Player BlueStack Systems, Inc. 8/3/2015 0.9.30.9239
BlueStacks Notification Center BlueStack Systems, Inc. 6/18/2015 169 MB 0.9.30.9239
Bonjour Apple Inc. 1/21/2012 2.00 MB 3.0.0.10
CCleaner Piriform 1/18/2016 5.13
CodeBlocks The Code::Blocks Team 6/17/2015 13.12
Cok Free Auto Clicker 3.0 Cok Software 9/14/2014 757 KB 3.0
Compatibility Pack for the 2007 Office system Microsoft Corporation 1/13/2016 622 MB 12.0.6612.1000
Counter-Strike: Global Offensive Valve 9/27/2014
CyberLink DVD Suite Deluxe CyberLink Corp. 8/31/2009 16.4 MB 6.0.3101
ESET Online Scanner v3 1/18/2016
Facebook Video Calling 3.1.0.521 Skype Limited 8/8/2014 12.4 MB 3.1.521
FastFox NCH Software 11/18/2010
FL Studio 12 Image-Line 9/4/2015
FL Studio ASIO Image-Line 9/4/2015
GameVox 0.18.4.56 GameVox LLC 11/2/2015 41.7 MB 0.18.4.56
GIMP 2.8.14 The GIMP Team 6/18/2015 268 MB 2.8.14
Google Chrome Google Inc. 10/27/2009 47.0.2526.111
Google Earth Plug-in Google 12/18/2013 83.8 MB 6.0.2.2074
Google Talk Plugin Google 12/16/2015 15.1 MB 5.41.3.0
Gyazo 3.1.6 Nota Inc. 8/20/2015 22.1 MB
H1Z1 Daybreak Games 10/30/2015
Hardware Diagnostic Tools PC-Doctor, Inc. 12/6/2009 6.0.5434.08
HP Advisor Hewlett-Packard 10/4/2010 48.6 MB 3.3.12286.3436
HP Games WildTangent 9/8/2009 1.0.0.71
HP MediaSmart Demo Hewlett-Packard 8/31/2009 45.4 MB 1.00.0000
HP MediaSmart DVD Hewlett-Packard 4/5/2010 95.2 MB 3.0.3420
HP MediaSmart Movie Themes Hewlett-Packard 8/31/2009 399 MB 3.0.3102
HP MediaSmart Music/Photo/Video Hewlett-Packard 4/5/2010 314 MB 3.1.3601
HP MediaSmart SmartMenu Hewlett-Packard 8/31/2009 1.85 MB 3.0.28.2
HP Memories Disc Hewlett-Packard Company 2/14/2013 22.6 MB 1.0.4.805
HP Odometer Hewlett-Packard 8/31/2009 48.0 KB 2.10.0000
HP Officejet 4630 series Basic Device Software Hewlett-Packard Co. 3/26/2015 208 MB 32.3.198.49673
HP Officejet 4630 series Help Hewlett Packard 3/26/2015 10.5 MB 31.0.0
HP Photo Creations HP 3/26/2015 14.6 MB 1.0.0.7702
HP Product Detection HP 6/3/2012 1.86 MB 11.14.0001
HP Remote Solution TopSeed 8/31/2009 1.1.9.0
HP Setup Hewlett-Packard 8/31/2009 1.2.3220.3079
HP Support Assistant Hewlett-Packard Company 3/20/2014 80.2 MB 7.4.45.4
HP Support Information Hewlett-Packard 8/31/2009 160 KB 10.1.0002
HP Update Hewlett-Packard 3/26/2015 4.03 MB 5.005.002.002
I.R.I.S. OCR HP 3/26/2015 68.9 MB 12.3.4.0
iCloud Apple Inc. 6/22/2015 91.6 MB 4.1.1.53
IL Download Manager Image-Line 9/4/2015
Intel® Graphics Media Accelerator Driver Intel Corporation 9/27/2014 54.2 MB 8.15.10.1912
iTunes Apple Inc. 6/22/2015 233 MB 12.1.2.27
Java 8 Update 25 Oracle Corporation 1/18/2015 73.3 MB 8.0.250
Java 8 Update 45 Oracle Corporation 6/12/2015 77.1 MB 8.0.450
join.me LogMeIn, Inc. 7/3/2015 2.1.0.806
LabelPrint CyberLink Corp. 8/31/2009 230 MB 2.5.1901
League of Legends Riot Games 9/6/2015 3.0.1
LightScribe System Software LightScribe 8/31/2009 22.4 MB 1.18.5.1
LSI PCI-SV92EX Soft Modem LSI Corporation 8/31/2009 16.0 KB 2.2.96
Macro Recorder 5.7.4 Jitbit Software 4/4/2014 2.19 MB 5.7.4
Malwarebytes Anti-Malware version 2.2.0.1024 Malwarebytes 1/18/2016 66.0 MB 2.2.0.1024
MapleStory 12/5/2010
McAfee All Access – Total Protection McAfee, Inc. 1/17/2016 14.0.4121
McAfee WebAdvisor McAfee, Inc. 12/2/2015 4.0.207
Microsoft .NET Framework 4.5.2 Microsoft Corporation 12/17/2014 38.8 MB 4.5.51209
Microsoft LifeCam Microsoft Corporation 10/24/2009 59.0 MB 3.0.215.0
Microsoft Live Search Toolbar Microsoft Live Search Toolbar 9/8/2009 3.0.560.0
Microsoft Office File Validation Add-In Microsoft Corporation 5/14/2014 10.9 MB 14.0.5130.5003
Microsoft Office Home and Student 2007 Microsoft Corporation 1/19/2014 12.0.6612.1000
Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Corporation 1/12/2016 131 MB 12.0.6612.1000
Microsoft Silverlight Microsoft Corporation 1/13/2016 449 MB 5.1.41212.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 10/25/2009 260 KB 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 10/25/2009 252 KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 11/15/2011 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 8/31/2009 708 KB 8.0.61000
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 10/25/2009 212 KB 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 10/25/2009 200 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 8/31/2009 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 6/15/2011 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 8/31/2009 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 9/24/2012 226 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 6/15/2011 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 10/30/2015 16.7 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 10/30/2015 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 9/16/2015 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 9/16/2015 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 9/16/2015 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 9/16/2015 17.1 MB 12.0.30501.0
Microsoft Works Microsoft Corporation 8/31/2014 666 MB 9.7.0621
Minecraft Mojang 12/18/2014 1.22 MB 1.0.0.0
Mozilla Firefox 39.0 (x86 en-US) Mozilla 7/3/2015 84.9 MB 39.0
Mozilla Maintenance Service Mozilla 6/2/2015 246 KB 38.0.5
MPK mini Editor 9/23/2015
MSN Microsoft Corporation 3/4/2012
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 10/25/2009 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 11/25/2009 1.33 MB 4.20.9876.0
Nexon Game Manager 12/5/2010
OpenVPN 2.2.2 6/2/2015 2.2.2
Oracle VM VirtualBox 5.0.0 Oracle Corporation 7/11/2015 161 MB 5.0.0
Paint.NET v3.5.5 dotPDN LLC 6/25/2010 10.2 MB 3.55.0
Photosmart 140,240,7200,7600,7700,7900 Series Hewlett-Packard 2/14/2013 2.0
PictureMover Hewlett-Packard Company 8/31/2009 50.8 MB 3.3.1.19
Power2Go CyberLink Corp. 8/31/2009 169 MB 6.0.3101
PowerDirector CyberLink Corp. 8/31/2009 521 MB 7.0.3101
Product Improvement Study for HP Officejet 4630 series Hewlett-Packard Co. 3/26/2015 9.67 MB 32.3.198.49673
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 8/31/2009 6.0.1.5882
ROBLOX Player ROBLOX Corporation 1/2/2016
ROBLOX Studio ROBLOX Corporation 7/18/2015
RuneScape Launcher 1.2.7 Jagex Ltd 12/12/2015 26.7 MB 1.2.7
Samsung Easy Printer Manager Samsung Electronics Co., Ltd. 9/24/2012 1.02.06.07
Samsung ML-2160 Series Samsung Electronics Co., Ltd. 9/24/2012 1.07 (5/8/2012)
Samsung Printer Live Update Samsung Electronics Co., Ltd. 9/24/2012
Shared C Run-time for x64 McAfee 11/9/2012 2.78 MB 10.0.0
Skype™ 7.6 Skype Technologies S.A. 7/3/2015 92.7 MB 7.6.105
Steam Valve Corporation 9/20/2014 2.10.91.91
System Requirements Lab Husdawg, LLC 6/8/2014 650 KB 6.0.12.5
System Requirements Lab CYRI Husdawg, LLC 10/28/2014 606 KB 6.0.19.0
System Requirements Lab Detection Husdawg, LLC 7/16/2015 619 KB 6.1.5.0
TeamSpeak 3 Client TeamSpeak Systems GmbH 10/12/2015 3.0.18
Windows Live Essentials Microsoft Corporation 3/4/2012 14.0.8117.0416
Windows Live Sign-in Assistant Microsoft Corporation 10/24/2009 1.93 MB 5.000.818.5
Windows Live Upload Tool Microsoft Corporation 10/24/2009 224 KB 14.0.8014.1029
WinRAR 5.21 (64-bit) win.rar GmbH 6/5/2015 5.21.0
Xfire (remove only) 1/2/2010


#9 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:56 AM

Posted 18 January 2016 - 05:31 PM

The list of Windows Startups is missing....

 

Disable these IE Startups: Use CCleaner by clicking on each item and then choose Disable on the right.

Yes Extension HP Smart Print Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe

Yes Extension Launches HP Network Check that helps you solve connection issues Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
Yes Extension Research Microsoft Corporation C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
Yes Extension Send to OneNote Microsoft Corporation C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
Yes Helper Java™ Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
 
Disable these Firefox Add-ons:
Yes Plugin Adobe Acrobat 15.8.20082.15957 Adobe Systems Inc. default Firefox 39.0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Firefox has its own PDF reader...if that is all you use Acrobat for...uninstall it
Yes Plugin Java Deployment Toolkit 8.0.450.14 11.45.2.14 Oracle Corporation default Firefox 39.0 C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Yes Plugin Java™ Platform SE 8 U45 11.45.2.14 Oracle Corporation default Firefox 39.0 C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Its likely you don't even need Java unless some game you play uses it
Yes Plugin McAfee SecurityCenter 14.0.1076.0 McAfee, Inc. default Firefox 39.0 c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
 
Disable this Chrome Add-on:
Yes Extension SiteAdvisor 4.0.0.0 First user C:\Users\susana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0
Chrome has a much better bad site warning/ blocker
 
Disable these Scheduled Tasks:
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task AdobeAAMUpdater-1.0-susana-PC-susana Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task FacebookUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000Core Facebook Inc. C:\Users\susana\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
Yes Task FacebookUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000UA Facebook Inc. C:\Users\susana\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000Core Google Inc. C:\Users\susana\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskUserS-1-5-21-1460480799-1526665559-3753584666-1000UA Google Inc. C:\Users\susana\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GyazoUpdateTaskMachine "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task GyazoUpdateTaskMachineDaily "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task HPCeeScheduleForsusana Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForsusana (null)
Yes Task HPCustParticipation HP Officejet 4630 series Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe" /UA 13.0 /DDV 0x0b05
Yes Task McAfee Remediation (Prepare) McAfee, Inc. C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
Yes Task PCDRScheduledMaintenance PC-Doctor, Inc. C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe -fh scripts\monthly.xml -st PCDRScheduledMaintenance
Yes Task SidebarExecute Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
Yes Task {03B4F4A8-F9BC-42AD-AED4-F84DAD55E93D} Google Inc. "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.7.80.103/en/abandoninstall?page=tsProgressBar
Yes Task {2F81C66D-B0E3-42E2-969D-9DD0A7C802BF} dotPDN LLC C:\Users\susana\Documents\Roblox Games and programs\PaintDotNet.exe
Yes Task {47EAF647-4C6C-4010-A97A-23DF0426A6A0} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\susana\Downloads\forge-1.7.2-10.12.2.1121-installer-win.exe -d C:\Users\susana\Downloads
 
Uninstall these programs:
ESET Online Scanner v3 1/18/2016
Java 8 Update 25 Oracle Corporation 1/18/2015 73.3 MB 8.0.250
Java 8 Update 45 Oracle Corporation 6/12/2015 77.1 MB 8.0.450
McAfee WebAdvisor McAfee, Inc. 12/2/2015 4.0.207
Microsoft Live Search Toolbar Microsoft Live Search Toolbar 9/8/2009 3.0.560.0
Mozilla Firefox 39.0 (x86 en-US) Mozilla 7/3/2015 84.9 MB 39.0 (Uninstall or Update...your choice)  Open Firefox > Help > About Firefox > Update
Mozilla Maintenance Service Mozilla 6/2/2015 246 KB 38.0.5
Product Improvement Study for HP Officejet 4630 series Hewlett-Packard Co. 3/26/2015 9.67 MB 32.3.198.49673
Windows Live Essentials Microsoft Corporation 3/4/2012 14.0.8117.0416
Windows Live Upload Tool Microsoft Corporation 10/24/2009 224 KB 14.0.8014.1029
 
You should look through the browser Add-ons and identify the ones you don't use.....if any.

Edited by buddy215, 18 January 2016 - 06:07 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 05:52 PM

Soryr about that, also I dont even use firefox for the pdf thing so what should i do about that and how do i go about uninstalling all of those other programs properly to make sure they are completely gone

 

Windows Startup CC Cleaner:

 

Yes HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Yes HKCU:Run AutoTyperMurGee MurGee.com C:\ProgramData\Auto Typer by MurGee\AutoTyper.exe :settings
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run Facebook Update Facebook Inc. "C:\Users\susana\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
Yes HKCU:Run Google Update Google Inc. "C:\Users\susana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Yes HKCU:Run Gyazo Nota Inc. C:\Program Files (x86)\Gyazo\GyStation.exe
Yes HKCU:Run HP Officejet 4630 series (NET) Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN5145B3ZB05Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
Yes HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Yes HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Yes HKCU:Run join.me.launcher LogMeIn, Inc C:\Users\susana\AppData\Local\join.me.launcher\join.me.launcher.exe
Yes HKCU:Run msnmsgr Microsoft Corporation "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
Yes HKLM:Run Adobe Creative Cloud Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run BlueStacks Agent C:\Program Files (x86)\BlueStacks\HD-Agent.exe
Yes HKLM:Run CDAServer C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
Yes HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
Yes HKLM:Run HP Component Manager Hewlett-Packard Company "C:\Program Files (x86)\HP\hpcoretech\hpcmpmgr.exe"
Yes HKLM:Run HP Remote Solution %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run HPHmon05 Hewlett-Packard C:\Windows\SysWOW64\hphmon05.exe
Yes HKLM:Run HPHUPD05 Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
Yes HKLM:Run hpsysdrv Hewlett-Packard c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run LifeCam Microsoft Corporation "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
Yes HKLM:Run mcui_exe McAfee, Inc. "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
Yes HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
Yes HKLM:Run SmartMenu Hewlett-Packard Company C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
Yes HKLM:Run UpdatePRCShortCut CyberLink Corp. "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
Yes HKLM:Run VX1000 Microsoft Corporation C:\Windows\vVX1000.exe
Yes Startup Common PictureMover.lnk Hewlett-Packard Company C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
Yes Startup User OneNote 2007 Screen Clipper and Launcher.lnk Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

 



#11 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:56 AM

Posted 18 January 2016 - 06:20 PM

I don't think Chrome has a PDF reader so you will need to get one if you uninstall Adobe Acrobat. A good choice would be

Download Sumatra PDF - a free reader

 

You can use Download Revo Uninstaller Freeware in Advanced Mode to uninstall programs.

 

Suggest Disabling these Windows Startups: Use CCleaner by clicking on each item and then choose Disable on the right.

Yes HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes HKCU:Run Facebook Update Facebook Inc. "C:\Users\susana\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
Yes HKCU:Run Google Update Google Inc. "C:\Users\susana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Yes HKCU:Run Gyazo Nota Inc. C:\Program Files (x86)\Gyazo\GyStation.exe
Yes HKCU:Run HP Officejet 4630 series (NET) Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN5145B3ZB05Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
Yes HKCU:Run msnmsgr Microsoft Corporation "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
Yes HKLM:Run Adobe Creative Cloud Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run BlueStacks Agent C:\Program Files (x86)\BlueStacks\HD-Agent.exe
Yes HKLM:Run CDAServer C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
Unless you are sharing this printer on a network or use the printer to scan, this file does not need to run.
Yes HKLM:Run HP Remote Solution %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run HPHmon05 Hewlett-Packard C:\Windows\SysWOW64\hphmon05.exe
Yes HKLM:Run HPHUPD05 Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run SmartMenu Hewlett-Packard Company C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
Yes HKLM:Run UpdatePRCShortCut CyberLink Corp. "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
Yes HKLM:Run VX1000 Microsoft Corporation C:\Windows\vVX1000.exe
Yes Startup Common PictureMover.lnk Hewlett-Packard Company C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
Yes Startup User OneNote 2007 Screen Clipper and Launcher.lnk Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

 


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 07:12 PM

ok i did all of that, any other advice?  also does my computer seem to be clean of all viruses now?



#13 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:56 AM

Posted 18 January 2016 - 07:26 PM

Are you still experiencing slooooow? Any improvement?

 

Adware and malware that installs adware was found and removed.

 

Did you verify the Digital Signatures of the conhost processes you were concerned about?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 meatman920

meatman920
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:56 PM

Posted 18 January 2016 - 07:32 PM

computer is running much faster i appreictae it

but i couldnt find any digital signatures



#15 buddy215

buddy215

  • Moderator
  • 13,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:56 AM

Posted 18 January 2016 - 07:56 PM

Do you still have three conhosts running after rebooting the computer and not opening any programs? Disabling

startups and uninstalling programs may have reduced the number of conhosts.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users