Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

This popped up BSOD: dllregistersetting has detected...


  • Please log in to reply
17 replies to this topic

#1 MimiER

MimiER

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 06:01 PM

Hello,

 

I think I am infected and need help removing this. While opening a tab in IE this warning popped up

 

BSOD: dllregistersetting has detected the error code 0x80060402 and goes on from there with a separate popup window warning to call the number listed to talk to a Microsoft tech

 

I use windows 10. I ran webroot secure anywhere and Malwarebytes anti-malware and neither detected any problem

 

image_zpsnzxj5ec2.jpeg

 

Thank you


Edited by MimiER, 03 April 2016 - 06:07 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:34 PM

Posted 03 April 2016 - 06:20 PM

Did you call the phone # ? Hope not....as it is an ad from a criminal.

Most likely you visited a compromised website or you have adware on your computer.

 

Use the programs below to clean up the computer.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 06:34 PM

Thank you - I'm working on following your instructions now.



#4 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 07:42 PM

Malwarebytes LOG:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/3/2016
Scan Time: 7:47 PM
Logfile: malwarebyteslog.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.04.03.05
Rootkit Database: v2016.04.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Camille

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 424837
Time Elapsed: 49 min, 50 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)



#5 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 07:58 PM

Oh, no I didn't call the # thankfully :)

 

Here is the AdwCleaner LOG:

 

# AdwCleaner v5.108 - Logfile created 03/04/2016 at 20:49:34
# Updated 30/03/2016 by Xplode
# Database : 2016-04-03.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Camille
# Running from : C:\Users\Camille\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [690 bytes] - [03/04/2016 20:49:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [751 bytes] - [03/04/2016 20:46:56]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [834 bytes] ##########



#6 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 08:13 PM

The JRT LOG:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Home x64
Ran by Camille (Administrator) on Sun 04/03/2016 at 21:06:20.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

File System: 0

 

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3C70EBA-4E3F-4B87-84C7-F1A18F26DC4F} (Registry Key)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/03/2016 at 21:09:26.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#7 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 08:39 PM

The ESET online scanner I can't get to work. I get no button to make it start scanning.



#8 buddy215

buddy215

  • Moderator
  • 13,101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:34 PM

Posted 03 April 2016 - 08:48 PM

Start here....Free Virus Scan | Online Virus Scanner from ESET

 

If you are not using the IE browser....

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 08:53 PM

I am on internet explorer.  I tried from the first link and from the one you just sent. I tried troubleshooting from their website about allowing activeX (but I get no yellow box asking me to allow it) and I tried adding them as a trusted site like they suggest. Neither option worked to make it scan. I'm not sure why



#10 buddy215

buddy215

  • Moderator
  • 13,101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:34 PM

Posted 03 April 2016 - 09:02 PM

If you don't have Firefox or Google Chrome browser installed to attempt to use the Eset scanner, then

try this other scanner:

 

  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder
  • Once the extraction is complete, Emsisoft Emergency Kit will open, and suggest you to run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it
  • This time, click on Logs
  • From there, go under the Quarantine Log tab, and click on the Export button
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 03 April 2016 - 09:24 PM

I forgot that I do have Firefox in a folder that I never use. Sorry about that. I followed your set of directions for non IE and the scanner is working now. I'll post the log when it finishes.



#12 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 04 April 2016 - 01:09 AM

ESET LOG:

 

C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll a variant of Win32/Systweak.N potentially unwanted application cleaned by deleting
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application cleaned by deleting
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application cleaned by deleting
C:\Users\Camille\Desktop\Program shortcuts\winzip180.exe a variant of Win32/Systweak.L potentially unwanted application deleted
C:\Windows\Installer\12e1468d.msi a variant of Win32/Systweak.L potentially unwanted application deleted
K:\FileHistory\Camille\RODGERSFAMILY\Data\C\Users\Camille\Desktop\Program shortcuts\winzip180 (2016_01_20 13_32_57 UTC).exe a variant of Win32/Systweak.L potentially unwanted application deleted
 



#13 buddy215

buddy215

  • Moderator
  • 13,101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:34 PM

Posted 04 April 2016 - 05:22 AM

You were up late. As you can see WinZip bundles junkware and adware in its downloads and updates.

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


Edited by buddy215, 04 April 2016 - 05:23 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 MimiER

MimiER
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 04 April 2016 - 07:47 AM

Startup:

 

Yes HKCU:Run Adobe Acrobat Synchronizer Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
Yes HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Yes HKCU:Run Backblaze Backblaze Inc "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run HP Officejet 4630 series (NET) Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN39L1W1JS05Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
Yes HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Camille\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:RunOnce Uninstall C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
Yes HKCU:RunOnce Uninstall C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
Yes HKCU:RunOnce Uninstall C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
Yes HKLM:Run Acrobat Assistant 8.0 Adobe Systems Inc. "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
Yes HKLM:Run Adobe Creative Cloud Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
Yes HKLM:Run Adobe Reader Speed Launcher Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run Bitcasa Bitcasa, Inc C:\Program Files\Bitcasa\Bitcasa.exe /startup
Yes HKLM:Run CLMLServer_For_P2G8 CyberLink "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
Yes HKLM:Run CLVirtualDrive CyberLink Corp. "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
Yes HKLM:Run FAHConsole WinZip Computing International, LLC C:\Program Files\File Association Helper\FAHConsole.exe
Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run Intel AppUp(SM) center Intel Corporation "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
Yes HKLM:Run IntelliPoint Microsoft Corporation "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes HKLM:Run KiesTrayAgent Samsung Electronics Co., Ltd. C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
Yes HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
Yes HKLM:Run RtHDVBg Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /S3HpProtect
Yes HKLM:Run RtHDVBg_Dolby Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
Yes HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
Yes HKLM:Run SunJavaUpdateSched  "C:\Program Files (x86)\Java\jre1.8.0_77\bin\jusched.exe"
Yes HKLM:Run WRSVC Webroot "C:\Program Files\Webroot\WRSA.exe" -ul
Yes Startup Common Install LastPass IE RunOnce.lnk Webroot Software, Inc. C:\Program Files (x86)\Common Files\wruninstall.exe
Yes Startup Common Install Webroot FF RunOnce.lnk Webroot Software, Inc. C:\Program Files (x86)\Common Files\wruninstall.exe
Yes Startup Common Install Webroot IE RunOnce.lnk Webroot Software, Inc. C:\Program Files (x86)\Common Files\wruninstall.exe

 

Scheduled Tasks:

 

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task AdobeAAMUpdater-1.0-MicrosoftAccount-camilleandgarnette@yahoo.com Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task advRecovery SEC "C:\Program Files\Samsung\Recovery\WCScheduler.exe"
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task Dolby Selector  C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HP AR Program Upload - 1b5f648312ed48ecb1720749c9c28428b1252a00c06c45c1b66b296b8f2d88e9 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 1b5f648312ed48ecb1720749c9c28428b1252a00c06c45c1b66b296b8f2d88e9 -mode Scheduled
Yes Task HP AR Program Upload - 68c1d0d81b184bb5b0ca7ce224ef688b8ea34fb20a7e4dc9b7e3e939c56f0c41 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 68c1d0d81b184bb5b0ca7ce224ef688b8ea34fb20a7e4dc9b7e3e939c56f0c41 -mode Scheduled
Yes Task HP AR Program Upload - 781088ed5c244518a320a7df2f2aa3733ebc5a23ca124fbb98b2b54bf4c8476e TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 781088ed5c244518a320a7df2f2aa3733ebc5a23ca124fbb98b2b54bf4c8476e -mode Scheduled
Yes Task HP AR Program Upload - 8b6f43dd042c49ca9dca6213c403744ad8cd4ec060e64b39aed1bfc6b150b1bb TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 8b6f43dd042c49ca9dca6213c403744ad8cd4ec060e64b39aed1bfc6b150b1bb -mode Scheduled
Yes Task HP AR Program Upload - a3d46896839c4006987538e2c7294f7cc684e232473c431c94c121d40f99e142 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N a3d46896839c4006987538e2c7294f7cc684e232473c431c94c121d40f99e142 -mode Scheduled
Yes Task HP AR Program Upload - d2fa4787f62a4764b8c386727a224f2cce027de092aa4fbe8b911c9f7942047f TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N d2fa4787f62a4764b8c386727a224f2cce027de092aa4fbe8b911c9f7942047f -mode Scheduled
Yes Task HP AR Program Upload - d991625b2d9142ebaf55393084cbe88b3ff5cd6fa584451d9bf15b3d3e972b89 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N d991625b2d9142ebaf55393084cbe88b3ff5cd6fa584451d9bf15b3d3e972b89 -mode Scheduled
Yes Task HPCustParticipation HP Officejet 4630 series Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe" /UA 13.0 /DDV 0x0b05
No Task Optimize Start Menu Cache Files-S-1-5-21-1365258335-952834209-122141931-1001  
Yes Task X-Rite Device Services Software Updater X-Rite Inc. C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

 

Programs:

 

3D Builder Microsoft Corporation 1/20/2016  10.10.38.0
4Videosoft iPad Manager Platinum 7.0.08 4Videosoft Studio 2/28/2014 87.4 MB 7.0.08
Adobe Acrobat DC Adobe Systems Incorporated 3/10/2016 1.34 GB 15.010.20060
Adobe AIR Adobe Systems Incorporated 1/27/2016 23.3 MB 14.0.0.178
Adobe Bridge CC (64 Bit) Adobe Systems Incorporated 1/27/2016 1.23 GB 6.0
Adobe Creative Cloud Adobe Systems Incorporated 3/8/2016 215 MB 3.5.1.209
Adobe Exchange Panel Adobe Systems Incorporated 1/27/2016 90.6 MB 1
Adobe Lightroom Adobe Systems Incorporated 1/27/2016 1.23 GB 6.1.1
Adobe Photoshop CC 2015 Adobe Systems Incorporated 1/27/2016 1.23 GB 16.0.1
Adobe Photoshop Elements 11 Adobe Systems Incorporated 3/15/2016 533 MB 11.0
Adobe Photoshop Lightroom 5.7.1 64-bit Adobe Systems Incorporated 8/9/2015 1.75 GB 5.7.1
Adobe Reader X (10.1.16) MUI Adobe Systems Incorporated 10/15/2015 0.96 GB 10.1.16
Alarms & Clock Microsoft Corporation 3/25/2016  10.1603.12020.0
App connector Microsoft Corporation 1/20/2016  1.3.3.0
Apple Application Support Apple Inc. 10/12/2014 124 MB 3.0.6
Apple Mobile Device Support Apple Inc. 10/12/2014 33.8 MB 8.0.0.23
Apple Software Update Apple Inc. 12/1/2013 4.76 MB 2.1.3.127
Backblaze Backblaze, Inc 1/20/2016  
Bitcasa version 0.9.20.4135 Bitcasa Inc. 4/24/2013 10.9 MB 0.9.20.4135
Bonjour Apple Inc. 12/1/2013 4.00 MB 3.0.0.10
Calculator Microsoft Corporation 1/20/2016  10.1601.49020.0
Camera Microsoft Corporation 3/1/2016  2016.225.10.0
CCleaner Piriform 4/3/2016  5.16
ColorInc ROES SoftWorks Systems, Inc. 12/10/2015 2.67 MB 2.1.0
CyberLink Power2Go 8 CyberLink Corp. 4/24/2013 124 MB 8.0.0.1912
CyberLink PowerDVD 10 CyberLink Corp. 4/24/2013 88.6 MB 10.0.4421.02
Dolby Home Theater v4 Dolby Laboratories Inc 4/24/2013 55.7 MB 7.2.8000.14
Dropbox Dropbox, Inc. 3/10/2016  4.1.3.0
E-POP Samsung Electronics CO., LTD. 4/24/2013 11.5 MB 1.0.1
ESET Online Scanner v3  4/3/2016  
File Association Helper WinZip Computing International, LLC 12/9/2013 1.50 MB 1.1.6.53763
GestureControl Extreme Reality Ltd. 4/24/2013 53.6 MB 31.25.6448
Get Office Microsoft Corporation 3/18/2016  17.6811.23771.0
Get Skype Skype 1/20/2016  3.2.1.0
Get Started Microsoft Corporation 3/29/2016  3.5.11.0
Google Earth Google 7/10/2015 227 MB 7.1.5.1557
Groove Music Microsoft Corporation 1/20/2016  3.6.15131.0
Help Desk Samsung Electronics CO., LTD. 12/12/2013 27.6 MB 1.0.96
HP AiO Printer Remote HP Inc. 1/21/2016  59.1.124.0
HP FWUpdateEDO2 Hewlett-Packard 1/24/2014 3.06 MB 1.2.0.0
HP Officejet 4630 series Basic Device Software Hewlett-Packard Co. 1/27/2016 159 MB 32.3.198.49673
HP Officejet 4630 series Help Hewlett Packard 12/1/2013 21.0 MB 31.0.0
HP Photo Creations HP 1/27/2016 2.75 MB 1.0.0.7702
HP Support Solutions Framework Hewlett-Packard Company 5/27/2015 14.8 MB 11.51.0049
HP Update Hewlett-Packard 12/1/2013 8.08 MB 5.005.002.002
I.R.I.S. OCR HP 12/1/2013 38.3 MB 12.3.4.0
iCloud Apple Inc. 10/12/2014 117 MB 4.0.3.56
Intel AppUp(SM) center Intel 1/27/2016 52.4 MB 3.6.1.33070.11
Intel® C++ Redistributables on IA-32 Intel Corporation 4/24/2013 57.2 MB 12.1.122
Intel® Management Engine Components Intel Corporation 4/24/2013  8.1.0.1252
Intel® Processor Graphics Intel Corporation 1/20/2016  10.18.10.4276
Intel® SDK for OpenCL - CPU Only Runtime Package Intel Corporation 4/24/2013  2.0.0.37149
iTunes Apple Inc. 10/12/2014 278 MB 11.4.0.18
Java 8 Update 77 Oracle Corporation 3/28/2016 42.6 MB 8.0.770.3
Lightroom 5.2 Adobe Systems Incorporated 3/15/2016 533 MB 5.2
Mail and Calendar Microsoft Corporation 4/1/2016  17.6769.40721.0
MainType 2.1.1 High-Logic 10/6/2014 4.44 MB 
Malwarebytes Anti-Malware version 2.2.1.1043 Malwarebytes 4/3/2016 66.9 MB 2.2.1.1043
Maps Microsoft Corporation 1/20/2016  4.1601.10150.0
Messaging + Skype Microsoft Corporation 1/21/2016  2.13.20000.0
Microsoft IntelliPoint 8.2 Microsoft Corporation 1/27/2016 20.9 MB 8.20.468.0
Microsoft Office Home and Student 2013 - en-us Microsoft Corporation 3/15/2016 1.71 GB 15.0.4805.1003
Microsoft Solitaire Collection Microsoft Studios 3/15/2016  3.8.3092.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 4/24/2013 3.85 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 12/1/2013 6.45 MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 12/1/2013 13.6 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 12/1/2013 1.10 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 4/24/2013 6.29 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 1/25/2014 6.28 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 4/24/2013 5.64 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 12/1/2013 18.3 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 5/21/2015 19.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 1/20/2016 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 1/20/2016 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 1/20/2016 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 1/20/2016 17.1 MB 12.0.30501.0
Microsoft Wi-Fi Microsoft Corporation 3/29/2016  1.1603.1.0
Money Microsoft Corporation 3/5/2016  4.8.268.0
Movies & TV Microsoft Corporation 3/29/2016  3.6.18671.0
Mozilla Firefox 44.0.2 (x86 en-US) Mozilla 3/1/2016 87.5 MB 44.0.2
Mozilla Maintenance Service Mozilla 2/29/2016 231 KB 44.0.2
MSN Travel Microsoft Corporation 1/20/2016  3.0.4.336
Netflix Netflix Inc. 3/23/2016  6.8.41.0
News Microsoft Corporation 3/5/2016  4.8.268.0
Nik Collection Google 1/20/2016  1.2.11
NOOK – Books, Magazines, Newspapers, Comics Barnes & Noble 1/20/2016  1.9.0.359
OneNote Microsoft Corporation 4/1/2016  17.6769.57631.0
Pandora Pandora Media, Inc 3/26/2016  10.0.5.0
People Microsoft Corporation 3/2/2016  10.0.10500.0
Perfect Resize 8 onOne Software 1/27/2016 78.5 MB 8.5.1
Phone Microsoft Corporation 3/29/2016  2.15.25005.0
Phone Companion Microsoft Corporation 2/5/2016  10.1602.3010.0
Phone Screen Sharing RSUPPORT 5/15/2014 30.7 MB 2.0.0.21
Photo Transfer App UNKNOWN 1/27/2016 2.49 MB 2.1.0
Photos Microsoft Corporation 3/29/2016  16.325.12390.0
Pinball FX2 Microsoft Studios 1/20/2016  1.8.1.957
PocketWizard Utility LPA Design 11/20/2014 29.8 MB 1.58
Product Improvement Study for HP Officejet 4630 series Hewlett-Packard Co. 1/27/2016 19.3 MB 32.3.198.49673
Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros Communications 4/24/2013 190 MB 8.0.0.220
Qualcomm Atheros Client Installation Program Qualcomm Atheros 4/24/2013 36.0 KB 10.0
Reader Microsoft Corporation 3/8/2016  6.4.9926.18228
Realtek Ethernet Controller Driver Realtek 4/24/2013 2.73 MB 8.4.907.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 1/27/2016 17.9 MB 6.0.1.7543
Recovery Samsung Electronics CO., LTD. 12/12/2013 195 MB 6.0.10.0
Samsung Kies Samsung Electronics Co., Ltd. 4/24/2013 54.2 MB 2.5.2.13021_11
Samsung Survey Samsung Electronics Co., Ltd. 1/28/2016 21.6 MB 2.0.1
Samsung Update Samsung Electronics Co., Ltd. 2/11/2016 43.4 MB 2.2.28
SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 1/20/2016 44.0 MB 1.5.25.0
Settings Samsung Electronics CO., LTD. 4/24/2013 166 MB 2.0.1
Shark Dash GAMELOFT SA 1/20/2016  1.3.6.9
SideSync Samsung Electronics CO., LTD. 5/15/2014 54.4 MB 2.0.0
Sports Microsoft Corporation 3/5/2016  4.8.268.0
Stellarium 0.13.3 Stellarium team 7/10/2015 186 MB 0.13.3
Sticky Notes 8 Marco Rinaldi 2/6/2016  10.0.0.0
Store Microsoft Corporation 3/10/2016  2016.29.13.0
Support Center  12/12/2013  
Sway Microsoft Corporation 3/12/2016  17.6769.45081.0
Tablet Wacom Technology Corp. 1/20/2016  
TurboTax 2013 Intuit, Inc 1/20/2016  2013.0
TurboTax 2014 Intuit, Inc 1/20/2016  2014.0
TurboTax 2015 Intuit, Inc 2/12/2016  2015.0
User Guide Samsung Electronics CO., LTD. 4/24/2013 873 MB 1.9.00
Voice Recorder Microsoft Corporation 1/20/2016  10.1512.21110.0
Weather Microsoft Corporation 3/5/2016  4.8.277.0
Webroot SecureAnywhere Webroot 3/15/2016 1.40 MB 9.0.8.72
Windows Live Essentials Microsoft Corporation 4/24/2013  16.4.3503.0728
Windows Reading List Microsoft Corporation 1/20/2016  6.3.9654.20947
Windows Scan Microsoft Corporation 1/20/2016  6.3.9654.17133
WinZip 18.0 WinZip Computing, S.L.  12/9/2013 197 MB 18.0.10661
X-Rite Device Services Manager X-Rite 1/26/2014 20.8 MB 2.3.75
Xbox Microsoft Corporation 3/24/2016  15.15.22005.0
 

 



#15 buddy215

buddy215

  • Moderator
  • 13,101 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:34 PM

Posted 04 April 2016 - 08:29 AM

Suggest Disabling these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right. Suggest is the keyword...

Yes HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run HP Officejet 4630 series (NET) Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN39L1W1JS05Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
Yes HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

es HKCU:RunOnce Uninstall C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
Yes HKCU:RunOnce Uninstall C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
Yes HKCU:RunOnce Uninstall C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camille\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"

Yes HKLM:Run Adobe Reader Speed Launcher Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

Yes HKLM:Run Bitcasa Bitcasa, Inc C:\Program Files\Bitcasa\Bitcasa.exe /startup

Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

Yes Task HP AR Program Upload - 1b5f648312ed48ecb1720749c9c28428b1252a00c06c45c1b66b296b8f2d88e9 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 1b5f648312ed48ecb1720749c9c28428b1252a00c06c45c1b66b296b8f2d88e9 -mode Scheduled
Yes Task HP AR Program Upload - 68c1d0d81b184bb5b0ca7ce224ef688b8ea34fb20a7e4dc9b7e3e939c56f0c41 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 68c1d0d81b184bb5b0ca7ce224ef688b8ea34fb20a7e4dc9b7e3e939c56f0c41 -mode Scheduled
Yes Task HP AR Program Upload - 781088ed5c244518a320a7df2f2aa3733ebc5a23ca124fbb98b2b54bf4c8476e TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 781088ed5c244518a320a7df2f2aa3733ebc5a23ca124fbb98b2b54bf4c8476e -mode Scheduled
Yes Task HP AR Program Upload - 8b6f43dd042c49ca9dca6213c403744ad8cd4ec060e64b39aed1bfc6b150b1bb TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N 8b6f43dd042c49ca9dca6213c403744ad8cd4ec060e64b39aed1bfc6b150b1bb -mode Scheduled
Yes Task HP AR Program Upload - a3d46896839c4006987538e2c7294f7cc684e232473c431c94c121d40f99e142 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N a3d46896839c4006987538e2c7294f7cc684e232473c431c94c121d40f99e142 -mode Scheduled
Yes Task HP AR Program Upload - d2fa4787f62a4764b8c386727a224f2cce027de092aa4fbe8b911c9f7942047f TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N d2fa4787f62a4764b8c386727a224f2cce027de092aa4fbe8b911c9f7942047f -mode Scheduled
Yes Task HP AR Program Upload - d991625b2d9142ebaf55393084cbe88b3ff5cd6fa584451d9bf15b3d3e972b89 TODO: <Company name> C:\Program Files\HP\HP Officejet 4630 series\bin\HPRewards.exe -N d991625b2d9142ebaf55393084cbe88b3ff5cd6fa584451d9bf15b3d3e972b89 -mode Scheduled
Yes Task HPCustParticipation HP Officejet 4630 series Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe" /UA 13.0 /DDV 0x0b05

Yes Task X-Rite Device Services Software Updater X-Rite Inc. C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

 

Uninstall these programs:

Bonjour Apple Inc. 12/1/2013 4.00 MB 3.0.0.10

ESET Online Scanner v3  4/3/2016

Mozilla Firefox 44.0.2 (x86 en-US) Mozilla 3/1/2016 87.5 MB 44.0.2 (or update to 45)

Product Improvement Study for HP Officejet 4630 series Hewlett-Packard Co. 1/27/2016 19.3 MB 32.3.198.49673


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users