Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

i think i have a virus, im using window 10


  • Please log in to reply
7 replies to this topic

#1 Divaindeed22

Divaindeed22

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 04 June 2016 - 12:01 PM

My computer has been running extremely slow. I used super antispyware but it has done nothing to help me. I recently updated my computer speed thinking that was the issue but its still very slow. Can someone help please?

Thanks

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:35 AM

Posted 04 June 2016 - 12:45 PM

You can use the programs below to find and remove malware and adware. A good group of programs to start with and maybe end.

SAS has lost a lot of steam in the past few years.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Divaindeed22

Divaindeed22
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 06 June 2016 - 10:41 PM

Here are my results

 

Malwarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/6/2016
Scan Time: 3:11 PM
Logfile: Malware log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.06.06.06
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: melne34

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 391924
Time Elapsed: 53 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 27
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\TYPELIB\{920d90da-df4c-4891-b1e4-6ebc87cb924d}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\INTERFACE\{9D94A729-4EFA-4D30-B6C6-7B7BEFAF6985}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9D94A729-4EFA-4D30-B6C6-7B7BEFAF6985}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9D94A729-4EFA-4D30-B6C6-7B7BEFAF6985}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{920d90da-df4c-4891-b1e4-6ebc87cb924d}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{920d90da-df4c-4891-b1e4-6ebc87cb924d}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0C3DDFB7-4CDB-495B-B3E9-D59725B43DFC}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0C3DDFB7-4CDB-495B-B3E9-D59725B43DFC}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0C3DDFB7-4CDB-495B-B3E9-D59725B43DFC}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0C3DDFB7-4CDB-495B-B3E9-D59725B43DFC}, Quarantined, [8e3024d57f1aca6c3ba1213e3cc632ce],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Quarantined, [e8d668917e1bc2749c52fa6543bfa957],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Quarantined, [e8d668917e1bc2749c52fa6543bfa957],
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0B4D26F6-61A8-4463-99DD-5F2FE0400FA6}, Quarantined, [a618be3b91085fd79b05bbdf50b33ec2],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Quarantined, [fac4e9106534320403cff5d1e91a2bd5],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, Quarantined, [5a640dec11884ee8141a3d5d07fc59a7],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Quarantined, [8d3101f8f5a443f3e8ea3492fd06fc04],
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [912df9009dfc181e4f6901a34bb8a35d],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Quarantined, [ecd2ee0b9702f14562ace8a427dc25db],
PUP.Optional.CrossRider, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AE00DEB-83CE-4DF7-B82C-1A8C76B2B9A4}, Quarantined, [f9c52bcecdcc261088fc0e7ed231d828],
PUP.Optional.CrossRider, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD2BC3B6-A619-4497-BE99-B9F633C28FA8}, Quarantined, [b8068673544572c47c07b5d7877ce21e],
PUP.Optional.MySearchDial, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0B4D26F6-61A8-4463-99DD-5F2FE0400FA6}, Quarantined, [794549b07425cc6a3f5bdcbe7d86cf31],
PUP.Optional.BDYahoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{59BDE5A2-720E-4198-AE67-6F97ABBA857C}, Quarantined, [0db151a87d1c2313b9cf7e0713f0817f],
PUP.Optional.Yontoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [635bc732970285b1a49cf0bea65daa56],
PUP.Optional.ProductSetup, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [1da18475e5b4bb7bfd677a2421e258a8],
PUP.Optional.Yontoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\resultshub-a.akamaihd.net, Quarantined, [942a46b3297079bd29655c851fe443bd],
PUP.Optional.Yontoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\resultshub-a.akamaihd.net, Quarantined, [566812e7a7f20531622f3aa763a01ae6],

Registry Values: 12
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DoNotAskAgain, searchinterneat-a.akamaihd.net, Quarantined, [f2cc27d23d5c93a3eb1eb2fe917214ec]
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}|TopResultURLFallback, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=mp3_14_16_ie&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0A0FtCtCyC0B0AyB0DtBtAtN0D0Tzu0SzzyEtDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyyDtBtC0A0E0EtGyC0F0FtAtGtB0FyByBtG0Fzyzy0EtGyCtAtAyEtDyBtDyEyE0Fzy0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzzyD0DyE0Dzz0CtGyC0CyCyDtG0FyByDzytG0C0ByB0DtGtBtAyEyBtBzzyDtByC0FzzyE2Q&cr=564882370&ir=, Quarantined, [a618be3b91085fd79b05bbdf50b33ec2]
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, Quarantined, [02bc6099a3f602340e92504a21e20ff1]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [fac4e9106534320403cff5d1e91a2bd5]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [8d3101f8f5a443f3e8ea3492fd06fc04]
PUP.Optional.CrossRider, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AE00DEB-83CE-4DF7-B82C-1A8C76B2B9A4}|AppName, 9a59edf6-dba4-42e9-b4d9-3a4ddec8b58d-2.exe-codedownloader.exe, Quarantined, [f9c52bcecdcc261088fc0e7ed231d828]
PUP.Optional.CrossRider, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD2BC3B6-A619-4497-BE99-B9F633C28FA8}|AppName, 9a59edf6-dba4-42e9-b4d9-3a4ddec8b58d-2.exe-buttonutil.exe, Quarantined, [b8068673544572c47c07b5d7877ce21e]
PUP.Optional.Yontoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DoNotAskAgain, searchinterneat-a.akamaihd.net, Quarantined, [3e805a9f6f2ace6888cb654abf4442be]
PUP.Optional.MySearchDial, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}|TopResultURLFallback, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=mp3_14_16_ie&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0A0FtCtCyC0B0AyB0DtBtAtN0D0Tzu0SzzyEtDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyyDtBtC0A0E0EtGyC0F0FtAtGtB0FyByBtG0Fzyzy0EtGyCtAtAyEtDyBtDyEyE0Fzy0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzzyD0DyE0Dzz0CtGyC0CyCyDtG0FyByDzytG0C0ByB0DtGtBtAyEyBtBzzyDtByC0FzzyE2Q&cr=564882370&ir=, Quarantined, [794549b07425cc6a3f5bdcbe7d86cf31]
PUP.Optional.BDYahoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{59BDE5A2-720E-4198-AE67-6F97ABBA857C}|URL, http://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}, Quarantined, [0db151a87d1c2313b9cf7e0713f0817f]
PUP.Optional.Yontoo, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAOVwoTEgcSbVoAWV9cFQNHcBRZVAEXDAQTdl0MAAlDQ1YWdx9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}, Quarantined, [635bc732970285b1a49cf0bea65daa56]
PUP.Optional.ProductSetup, HKU\S-1-5-21-2639405338-829866145-118346826-1001\SOFTWARE\PRODUCTSETUP|tb, 0Q1K1G1I1FtQyD, Quarantined, [1da18475e5b4bb7bfd677a2421e258a8]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
PUP.Optional.MultiPlug, C:\Program Files (x86)\IncrementInstance\IncrementInstance.dll, Quarantined, [7c421adf5544d75fc6d8014e22df5ea2],
PUP.Optional.Yontoo, C:\ods.exe, Quarantined, [e6d8d0298a0f20160ecf72bf758c827e],
PUP.Optional.WinYahoo, C:\Users\melne34\AppData\LocalLow\Microsoft\Internet Explorer\Services\WinYahoo.ico, Quarantined, [c2fc0decd1c88bab4af1770706fd936d],
PUP.Optional.MP3Rocket, C:\Users\Public\Desktop\MP3 Rocket 7.3.2.lnk, Quarantined, [299520d95544e84e50ba683244bf5ea2],
PUP.Optional.Yontoo, C:\ods.exe.config, Quarantined, [0db1d029a5f44cea8152537d32d11de3],
PUP.Optional.Yontoo, C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Bad: ("session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggadg8LAwpDEBhAeAFeTA1HRQUOIQwABxRAEQNHdFgIU1sSFAIFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"],"urls_to_restore_on_startup":["http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggadg8LAwpDEBhAeAFeTA1HRQUOIQwABxRAEQNHdFgIU1sSFAIFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"]},"sync":{}}), Replaced,[398559a0f0a951e5e13f5d28cf35bd43]

Physical Sectors: 0
(No malicious items detected)

(end)

 

AdwCleaner:

 

# AdwCleaner v5.119 - Logfile created 06/06/2016 at 17:04:18
# Updated 30/05/2016 by Xplode
# Database : 2016-06-06.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : melne34 - MELNE34-HP
# Running from : C:\Users\melne34\AppData\Local\Microsoft\Windows\INetCache\IE\8YVDRLPZ\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : CouponPrinterService

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[-] Folder Deleted : C:\Program Files (x86)\Coupons
[-] Folder Deleted : C:\Program Files (x86)\Digital Coupon Printer
[-] Folder Deleted : C:\Program Files (x86)\PrintMyCouponAnywhere
[-] Folder Deleted : C:\Program Files (x86)\Yahoo!\yset
[-] Folder Deleted : C:\Users\melne34\AppData\Local\YSearchUtil
[-] Folder Deleted : C:\Users\melne34\AppData\Roaming\catalina – print savings
[-] Folder Deleted : C:\Users\melne34\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\catalina – print savings
[-] Folder Deleted : C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdldbgojabdbiapkfeldpfmbecmcaoec

***** [ Files ] *****

[#] File Deleted : C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iagcajndpnfncplednpbnkahadegklfa
[-] File Deleted : C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cdldbgojabdbiapkfeldpfmbecmcaoec_0.localstorage

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\cdldbgojabdbiapkfeldpfmbecmcaoec
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.6
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

***** [ Web browsers ] *****

[-] [C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchinterneat-a.akamaihd.net
[-] [C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAOVwoTEgcSbVoAWV9cFQNHcBRZVAEXDAQTdl0MAAlDQ1YWdx9aFQQTQkcFME0FBloEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
[-] [C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : cdldbgojabdbiapkfeldpfmbecmcaoec
[-] [C:\Users\melne34\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ogminpmldncgcmokldnmmapddoccmhfl

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6185 bytes] - [06/06/2016 17:04:18]
C:\AdwCleaner\AdwCleaner[R0].txt - [13447 bytes] - [22/08/2014 10:58:00]
C:\AdwCleaner\AdwCleaner[R1].txt - [1304 bytes] - [18/10/2014 20:52:10]
C:\AdwCleaner\AdwCleaner[R2].txt - [4336 bytes] - [24/10/2014 22:21:09]
C:\AdwCleaner\AdwCleaner[R3].txt - [4396 bytes] - [24/10/2014 22:24:43]
C:\AdwCleaner\AdwCleaner[R4].txt - [6456 bytes] - [19/11/2014 21:18:55]
C:\AdwCleaner\AdwCleaner[R5].txt - [13004 bytes] - [21/03/2015 13:04:06]
C:\AdwCleaner\AdwCleaner[R6].txt - [9158 bytes] - [15/05/2015 20:09:16]
C:\AdwCleaner\AdwCleaner[R7].txt - [5776 bytes] - [31/05/2015 09:12:24]
C:\AdwCleaner\AdwCleaner[R8].txt - [2249 bytes] - [31/05/2015 10:01:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [12192 bytes] - [22/08/2014 11:03:24]
C:\AdwCleaner\AdwCleaner[S1].txt - [8578 bytes] - [18/10/2014 20:56:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [4319 bytes] - [24/10/2014 22:26:08]
C:\AdwCleaner\AdwCleaner[S3].txt - [6605 bytes] - [19/11/2014 21:20:13]
C:\AdwCleaner\AdwCleaner[S4].txt - [11876 bytes] - [21/03/2015 13:07:24]
C:\AdwCleaner\AdwCleaner[S5].txt - [9100 bytes] - [15/05/2015 20:11:06]
C:\AdwCleaner\AdwCleaner[S6].txt - [5827 bytes] - [31/05/2015 09:18:00]
C:\AdwCleaner\AdwCleaner[S7].txt - [2335 bytes] - [31/05/2015 10:02:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7503 bytes] ##########

 

 

Junkware Tool:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by melne34 (Administrator) on Mon 06/06/2016 at 20:13:11.37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

File System: 14

Successfully deleted: C:\ProgramData\Start Menu\Programs\mp3 rocket (Folder)
Successfully deleted: C:\WINDOWS\couponprinter.ocx (File)
Successfully deleted: C:\Program Files (x86)\mp3 rocket (Folder)
Successfully deleted: C:\Program Files (x86)\pricef~1 (Folder)
Successfully deleted: C:\Users\melne34\AppData\Roaming\appdataFr25.bin (File)
Successfully deleted: C:\Users\melne34\AppData\Roaming\appdataFr3.bin (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho30D7.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho39DC.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho3E1C.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho66A5.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho6C0B.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho6F27.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho70D6.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho759E.tmp (File)

 

Registry: 3

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{1D350A71-6FB4-4C1B-A7E8-5BE8DFE1E72E} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA4485EC-3F29-4DBD-BF1C-36C495B972FB} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA4485EC-3F29-4DBD-BF1C-36C495B972FB} (Registry Key)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/06/2016 at 20:15:06.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

I am still waiting for the Eset Scan to finish



#4 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:35 AM

Posted 07 June 2016 - 06:22 AM

As you can see....a lot of adware was removed. After Eset finishes its scan and you have posted the results, do this:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Divaindeed22

Divaindeed22
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 07 June 2016 - 04:28 PM

ESETScan:

 

C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Coupons\uninstall.exe.vir a variant of Win32/Adware.Coupons.AA application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DealAlly\node\conf.js.vir Win32/UnlimitedDownloads.D potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DealAlly\node\service.exe.vir Win32/UnlimitedDownloads.F potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DealAlly\node\sys.node.vir a variant of Win32/UnlimitedDownloads.I potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Hoist Search\node\conf.js.vir Win32/UnlimitedDownloads.D potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Hoist Search\node\service.exe.vir Win32/UnlimitedDownloads.F potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Hoist Search\node\sys.node.vir a variant of Win32/UnlimitedDownloads.I potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir a variant of MSIL/Adware.PullUpdate.H application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Users\melne34\AppData\Roaming\wse_astromenda\UpdateProc\bkup.dat.vir VBS/Kryptik.DY trojan cleaned by deleting
C:\Program Files (x86)\Common Files\Cache utility\node\conf.js Win32/UnlimitedDownloads.D potentially unwanted application cleaned by deleting
C:\Program Files (x86)\Common Files\Cache utility\node\service.exe Win32/UnlimitedDownloads.F potentially unwanted application cleaned by deleting
C:\Program Files (x86)\Common Files\Cache utility\node\sys.node a variant of Win32/UnlimitedDownloads.I potentially unwanted application cleaned by deleting
C:\Program Files (x86)\Common Files\Display settings\node\conf.js Win32/UnlimitedDownloads.D potentially unwanted application cleaned by deleting
C:\Program Files (x86)\Common Files\Display settings\node\service.exe Win32/UnlimitedDownloads.F potentially unwanted application cleaned by deleting
C:\Program Files (x86)\Common Files\Display settings\node\sys.node a variant of Win32/UnlimitedDownloads.I potentially unwanted application cleaned by deleting
C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll a variant of Win32/Adware.Coupons.AA application cleaned by deleting

 

Startups:

 

Yes HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Yes HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\melne34\AppData\Local\Microsoft\BingSvc\BingSvc.exe
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\melne34\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
Yes HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Yes HKCU:Run iCloudPhotos Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Yes HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Yes HKCU:RunOnce Uninstall C:\Users\melne34\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melne34\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run BeatsOSDApp Hewlett-Packard  C:\Program Files\IDT\WDM\beats64.exe
Yes HKLM:Run Digital Coupon Print Driver  "C:\Program Files (x86)\Digital Coupon Printer\DigitalCouponPrinter.exe"
Yes HKLM:Run DT HPO Portrait Displays, Inc. C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO
Yes HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
Yes HKLM:Run FUFAXRCV SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
Yes HKLM:Run FUFAXSTM SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
Yes HKLM:Run HotKeysCmds Intel Corporation "C:\WINDOWS\system32\hkcmd.exe"
Yes HKLM:Run HP Software Update Hewlett-Packard c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run hpsysdrv Hewlett-Packard c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
Yes HKLM:Run Http Listener  C:\Program Files (x86)\PrintMyCouponAnywhere\PrintMyCouponAnywhere.exe
Yes HKLM:Run IgfxTray Intel Corporation "C:\WINDOWS\system32\igfxtray.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run Norton Online Backup Symantec Corporation C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
Yes HKLM:Run PDF Complete PDF Complete Inc C:\Program Files (x86)\PDF Complete\pdfsty.exe
Yes HKLM:Run Persistence Intel Corporation "C:\WINDOWS\system32\igfxpers.exe"
Yes HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes HKLM:Run SysTrayApp IDT, Inc. C:\Program Files\IDT\WDM\sttray64.exe
Yes Startup User Dropbox.lnk Dropbox, Inc. C:\Users\melne34\AppData\Roaming\Dropbox\bin\Dropbox.exe

 

Scheduled Tasks:

 

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task Apple Diagnostics Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task DropboxUpdateTaskUserS-1-5-21-2639405338-829866145-118346826-1001Core Dropbox, Inc. C:\Users\melne34\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskUserS-1-5-21-2639405338-829866145-118346826-1001UA Dropbox, Inc. C:\Users\melne34\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task EPSON XP-830 Series Update {E6299587-3505-44D4-9C48-73F9451CBA7D} SEIKO EPSON CORPORATION C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE /EXE:"{E6299587-3505-44D4-9C48-73F9451CBA7D}" /F:"Update"
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleFormelne34 Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleFormelne34 (null)
Yes Task HPCeeScheduleForMELNE34-HP$ Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMELNE34-HP$ (null)
Yes Task RMCreator CyberLink C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe
 

 

List of Programs Installed:

 

3D Builder Microsoft Corporation 12/21/2015  10.10.38.0
Adobe Acrobat Reader DC Adobe Systems Incorporated 6/6/2016 375 MB 15.016.20045
Adobe AIR Adobe Systems Incorporated 12/24/2015 14.8 MB 2.6.0.19120
Adobe Shockwave Player 12.1 Adobe Systems, Inc. 12/24/2015 9.46 MB 12.1.3.153
Alarms & Clock Microsoft Corporation 3/24/2016  10.1603.12020.0
Amazon Kindle Amazon 12/16/2015  
App connector Microsoft Corporation 12/21/2015  1.3.3.0
Apple Application Support (32-bit) Apple Inc. 3/23/2016 157 MB 4.3
Apple Application Support (64-bit) Apple Inc. 3/23/2016 175 MB 4.3
Apple Mobile Device Support Apple Inc. 3/23/2016 48.0 MB 9.3.0.15
Apple Software Update Apple Inc. 3/23/2016 5.39 MB 2.2.0.150
Audacity 2.0.5 Audacity Team 7/27/2014 45.7 MB 2.0.5
Bing Bar Microsoft Corporation 11/24/2011 4.21 MB 7.0.610.0
Bing Maps 3D Microsoft Corporation 11/24/2011 24.9 MB 4.0.903.16005
Blio K-NFB Reading Technology, Inc. 11/24/2011 62.1 MB 2.2.6699
Bonjour Apple Inc. 9/25/2015 4.03 MB 3.1.0.1
Calculator Microsoft Corporation 1/20/2016  10.1601.49020.0
Camera Microsoft Corporation 4/23/2016  2016.325.60.0
Candy Crush Saga king.com 6/7/2016  1.761.1.0
Catalina Savings Printer  1/27/2015  
CCleaner Piriform 6/6/2016  5.18
CouponPrinterPlugin  2/11/2011  
Digital Coupon Printer Hopster, Inc. an Inmar company 6/20/2015 154 KB 3.17.0.0
Dropbox Dropbox, Inc. 6/6/2016  4.4.29
Dual Stream 802.11n Wireless LAN Card Ralink 11/24/2011 40.1 MB 3.01.18.0
DVD Menu Pack for HP TouchSmart Video Hewlett-Packard 11/24/2011 59.3 MB 4.1.4412
Epson Event Manager Seiko Epson Corporation 5/16/2016 88.0 MB 3.10.0061
Epson FAX Utility SEIKO EPSON CORPORATION 5/16/2016 70.5 MB 1.62.00
EPSON Manuals SEIKO EPSON CORPORATION 5/16/2016 1.64 MB 1.50.0.0
Epson PC-FAX Driver  5/16/2016  
EPSON Scan Seiko Epson Corporation 5/16/2016  
EPSON XP-830 Series Printer Uninstall Seiko Epson Corporation 5/16/2016  
EpsonNet Print SEIKO EPSON Corporation 5/16/2016 24.5 MB 3.1.2.0
ESET Online Scanner v3  6/6/2016  
Facebook for HP TouchSmart Hewlett-Packard 11/24/2011 27.4 MB 1.1.0004
Facebook for HP TouchSmart Hewlett-Packard 11/24/2011  1.1.0004
Get Office Microsoft Corporation 6/7/2016  17.7012.23531.0
Get Skype Skype 12/21/2015  3.2.1.0
Get Started Microsoft Corporation 3/29/2016  3.5.11.0
Google Chrome Google Inc. 5/30/2013 481 MB 50.0.2661.102
Google Toolbar for Internet Explorer Google Inc. 5/4/2016 13.3 MB 7.5.7619.1252
Google Update Helper  2/11/2011  
Groove Music Microsoft Corporation 12/18/2015  3.6.15131.0
HP Calendar Hewlett-Packard 5/7/2013 18.1 MB 5.1.4245.23508
HP Clock Hewlett-Packard 5/7/2013 836 KB 5.1.4281.27332
HP Explore Hewlett-Packard Company 12/21/2015  0.1.50.0
HP Games WildTangent 12/24/2015 14.3 MB 1.0.2.5
HP LinkUp Hewlett-Packard 11/24/2011 77.6 MB 2.01.028
HP Magic Canvas  4/16/2013  
HP MovieStore Hewlett-Packard Company 6/6/2016 12.6 MB 2.0
HP My Display TouchSmart Edition Portrait Displays, Inc. 11/24/2011 12.6 MB 1.06.004
HP Notes Hewlett-Packard 5/7/2013 36.4 MB 5.1.4274.30382
HP Odometer Hewlett-Packard 11/24/2011 96.0 KB 2.10.0000
HP Photo Canvas Hewlett-Packard 5/7/2013 9.80 MB 5.1.4267.27011
HP RSS Hewlett-Packard 5/7/2013 5.66 MB 5.1.4301.21494
HP Setup Hewlett-Packard Company 11/24/2011 14.5 MB 8.7.4747.3786
HP Setup Manager Hewlett-Packard Company 11/24/2011 16.6 MB 1.1.13880.3792
HP Support Assistant HP 1/20/2016 94.9 MB 8.2.8.25
HP Support Information Hewlett-Packard 11/24/2011 312 KB 10.1.1000
HP Support Solutions Framework HP 1/20/2016 12.4 MB 12.4.18.7
HP Touch Browser Hewlett-Packard 5/7/2013 7.38 MB 5.1.4227.17815
HP TouchSmart Ben10 Comic Book Reader Turner Entertainment Networks Asia, Inc. 11/24/2011 12.6 MB 4.0.0.0
HP TouchSmart Bubble Wrap Hewlett-Packard 11/24/2011 4.38 MB 1.0.0.0
HP TouchSmart eBay Hewlett-Packard 11/24/2011 12.0 MB 1.0.4098.28440
HP TouchSmart eBay Hewlett-Packard 11/24/2011  1.0.4098.28440
HP TouchSmart Get Updated! Turner Entertainment Networks Asia, Inc. 11/24/2011 12.6 MB 4.0.0.0
HP TouchSmart Metric Converter Hewlett-Packard 11/24/2011 5.15 MB 1.0.0.0
HP TouchSmart Music Hewlett-Packard 11/24/2011 36.7 MB 4.2.5414
HP TouchSmart Paint Blast Turner Entertainment Networks Asia, Inc. 11/24/2011 12.6 MB 4.0.0.0
HP TouchSmart Photo Hewlett-Packard 11/24/2011 97.5 MB 4.2.5414
HP TouchSmart RecipeBox Hewlett-Packard 11/24/2011 39.8 MB 3.0.3830.27730
HP TouchSmart RecipeBox Hewlett-Packard 11/24/2011  3.0.3830.27730
HP TouchSmart Spot Hewlett-Packard 11/24/2011 10.5 MB 1.0.0.0
HP TouchSmart Tap Tap Bear Hewlett-Packard 11/24/2011 3.41 MB 1.0.0.0
HP TouchSmart Tutorials Hewlett-Packard 11/24/2011 8.33 MB 4.0.0.4
HP TouchSmart Video Hewlett-Packard 11/24/2011 87.4 MB 4.2.5414
HP TouchSmart Webcam Hewlett-Packard 11/24/2011 83.8 MB 4.2.4214
HP Update Hewlett-Packard 11/24/2011 5.94 MB 5.002.003.003
HP Vision Hardware Diagnostics Hewlett-Packard 11/24/2011 23.5 MB 2.9.0.0
HP Weather Hewlett-Packard 5/7/2013 4.43 MB 5.1.4295.16450
iCloud Apple Inc. 3/23/2016 151 MB 5.1.0.34
IDT Audio IDT 11/24/2011 137 MB 1.0.6349.0
Intel® Control Center Intel Corporation 4/16/2013  1.2.1.1007
Intel® Management Engine Components Intel Corporation 4/16/2013  7.0.0.1144
Intel® Processor Graphics Intel Corporation 10/13/2013  8.15.10.2430
iTunes Apple Inc. 3/23/2016 285 MB 12.3.3.17
Java 8 Update 51 Oracle Corporation 8/9/2015 9.79 MB 8.0.510
Kobo Kobo Inc. 12/24/2015 104 MB 1.6
LabelPrint CyberLink Corp. 11/24/2011 165 MB 2.5.3925
Mail and Calendar Microsoft Corporation 5/4/2016  17.6868.40731.0
Malwarebytes Anti-Malware version 2.2.1.1043 Malwarebytes 6/6/2016 66.9 MB 2.2.1.1043
Maps Microsoft Corporation 1/19/2016  4.1601.10150.0
Messaging + Skype Microsoft Corporation 4/23/2016  2.15.20002.0
Microsoft Mathematics Microsoft Corporation 4/15/2013 27.6 MB 4.0
Microsoft Office 365 - en-us Microsoft Corporation 6/6/2016 1.68 GB 15.0.4823.1004
Microsoft Office Click-to-Run 2010 Microsoft Corporation 5/4/2016 10.1 MB 14.0.4763.1000
Microsoft Office Starter 2010 - English Microsoft Corporation 12/16/2015  14.0.4763.1000
Microsoft PowerPoint Viewer Microsoft Corporation 5/10/2016 382 MB 14.0.7015.1000
Microsoft Silverlight Microsoft Corporation 1/15/2016 143 MB 5.1.41212.0
Microsoft Solitaire Collection Microsoft Studios 5/11/2016  3.9.5100.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 11/24/2011 3.39 MB 3.1.0000
Microsoft Touch Pack for Windows 7 Microsoft Corporation 11/24/2011 595 MB 1.0.40517.00
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 4/18/2013 596 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2/11/2011 2.96 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2/11/2011 1.53 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 11/24/2011 1.53 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 4/19/2013 1.53 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2/11/2011 1.16 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 11/24/2011 1.15 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 4/19/2013 1.17 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 7/25/2015 23.7 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 7/25/2015 22.2 MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 12/16/2015 20.5 MB 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 6/6/2016 6.25 MB 10.0.50903
Microsoft Wi-Fi Microsoft Corporation 4/29/2016  1.1604.4.0
Microsoft XNA Framework Redistributable 3.0 Microsoft Corporation 11/24/2011 15.2 MB 3.0.11010.0
Money Microsoft Corporation 4/27/2016  4.9.51.0
Movie Theme Pack for HP TouchSmart Video Hewlett-Packard 11/24/2011 124 MB 4.1.4412
Movies & TV Microsoft Corporation 4/23/2016  3.6.19761.0
MP3 Rocket MP3 Rocket Inc 12/16/2015 36.4 MB 7.3.2
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 4/19/2013 2.55 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 4/19/2013 2.66 MB 4.20.9876.0
News Microsoft Corporation 4/27/2016  4.9.51.0
Norton Online Backup Symantec Corporation 11/24/2011 12.2 MB 2.1.17869
OneNote Microsoft Corporation 5/6/2016  17.6868.57841.0
PDF Complete Special Edition PDF Complete, Inc 12/24/2015 42.8 MB 4.0.54
People Microsoft Corporation 4/23/2016  10.0.10811.0
Phone Microsoft Corporation 4/23/2016  2.15.28004.0
Phone Companion Microsoft Corporation 2/5/2016  10.1602.3010.0
Photos Microsoft Corporation 3/29/2016  16.325.12390.0
PlayReady PC Runtime amd64 Microsoft Corporation 11/24/2011 4.11 MB 1.3.0
PlayReady PC Runtime x86 Microsoft Corporation 11/24/2011 3.30 MB 1.3.0
Power2Go CyberLink Corp. 11/24/2011 130 MB 6.1.5331
PressReader  NewspaperDirect Inc. 11/24/2011 18.5 MB 5.10.1217.0
Price Finder Pronto.com 12/16/2015 392 KB 1.1.9
PrintMyCouponAnywhere RevTrax 11/7/2015 154 KB 1.0.0.0
QuickTime 7 Apple Inc. 8/9/2015 102 MB 7.77.80.95
Realtek Ethernet Controller Driver Realtek 7/30/2015 11.4 MB 7.85.423.2014
Realtek PCIE Card Reader Realtek Semiconductor Corp. 11/24/2011 41.7 MB 6.1.7601.82
Remote Graphics Receiver Hewlett-Packard 11/24/2011 12.6 MB 5.4.5
RoxioNow Player RoxioNow 11/24/2011 5.15 MB 1.9.5.103
Software Updater SEIKO EPSON CORPORATION 5/16/2016 20.1 MB 4.3.7
Sports Microsoft Corporation 4/27/2016  4.9.51.0
Stellarium 0.13.3 Stellarium team 6/13/2015 186 MB 0.13.3
Store Microsoft Corporation 4/30/2016  11602.1.26.0
Sway Microsoft Corporation 5/5/2016  17.6965.45161.0
The Weather Channel App  12/16/2015  
Time, Money and Fractions  12/31/2015  
Twitter Hewlett-Packard 5/7/2013 16.1 MB 3.0.4276.30236
Twitter Twitter Inc. 5/14/2016  5.0.3.0
Voice Recorder Microsoft Corporation 12/22/2015  10.1512.21110.0
Weather Microsoft Corporation 4/27/2016  4.9.51.0
Windows DVD Player Microsoft Corporation 12/21/2015  3.6.13291.0
Windows Live Essentials Microsoft Corporation 11/24/2011  15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 11/24/2011 11.1 MB 15.4.5722.2
Xbox Microsoft Corporation 5/7/2016  15.17.3003.0
Zinio Reader 4 Zinio LLC 12/24/2015 2.33 MB 4.2.4164


 



#6 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:35 AM

Posted 07 June 2016 - 06:44 PM

Delete these Windows Startup: Use CCleaner by clicking on each item and then choose Delete on the right.

Yes HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\melne34\AppData\Local\Microsoft\BingSvc\BingSvc.exe

Yes HKLM:Run Digital Coupon Print Driver  "C:\Program Files (x86)\Digital Coupon Printer\DigitalCouponPrinter.exe"

 

Disable these Windows Startups: Use CCleaner by clicking on each item and then choose Disable on the right.

Yes HKCU:Run ApplePhotoStreams Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\melne34\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c

Yes HKCU:RunOnce Uninstall C:\Users\melne34\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\melne34\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

Yes HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
Yes HKLM:Run FUFAXRCV SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
Yes HKLM:Run FUFAXSTM SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"

Yes HKLM:Run HP Software Update Hewlett-Packard c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

Yes HKLM:Run Http Listener  C:\Program Files (x86)\PrintMyCouponAnywhere\PrintMyCouponAnywhere.exe
Yes HKLM:Run IgfxTray Intel Corporation "C:\WINDOWS\system32\igfxtray.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"

Yes HKLM:Run PDF Complete PDF Complete Inc C:\Program Files (x86)\PDF Complete\pdfsty.exe

Yes HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

Yes Startup User Dropbox.lnk Dropbox, Inc. C:\Users\melne34\AppData\Roaming\Dropbox\bin\Dropbox.exe

 

Disable these Scheduled Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Yes Task Apple Diagnostics Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe

es Task DropboxUpdateTaskUserS-1-5-21-2639405338-829866145-118346826-1001Core Dropbox, Inc. C:\Users\melne34\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskUserS-1-5-21-2639405338-829866145-118346826-1001UA Dropbox, Inc. C:\Users\melne34\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task EPSON XP-830 Series Update {E6299587-3505-44D4-9C48-73F9451CBA7D} SEIKO EPSON CORPORATION C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPKE.EXE /EXE:"{E6299587-3505-44D4-9C48-73F9451CBA7D}" /F:"Update"
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleFormelne34 Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleFormelne34 (null)
Yes Task HPCeeScheduleForMELNE34-HP$ Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMELNE34-HP$ (null)

Yes Task RMCreator CyberLink C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe

 

Uninstall these programs:

Bing Bar Microsoft Corporation 11/24/2011 4.21 MB 7.0.610.0

Candy Crush Saga king.com 6/7/2016  1.761.1.0
Catalina Savings Printer  1/27/2015

CouponPrinterPlugin  2/11/2011  
Digital Coupon Printer Hopster, Inc. an Inmar company 6/20/2015 154 KB 3.17.0.0

ESET Online Scanner v3  6/6/2016  
Facebook for HP TouchSmart Hewlett-Packard 11/24/2011 27.4 MB 1.1.0004
Facebook for HP TouchSmart Hewlett-Packard 11/24/2011  1.1.0004

Google Toolbar for Internet Explorer Google Inc. 5/4/2016 13.3 MB 7.5.7619.1252
Google Update Helper  2/11/2011

HP Games WildTangent 12/24/2015 14.3 MB 1.0.2.5

HP TouchSmart eBay Hewlett-Packard 11/24/2011 12.0 MB 1.0.4098.28440
HP TouchSmart eBay Hewlett-Packard 11/24/2011  1.0.4098.28440

Java 8 Update 51 Oracle Corporation 8/9/2015 9.79 MB 8.0.510

Price Finder Pronto.com 12/16/2015 392 KB 1.1.9
PrintMyCouponAnywhere RevTrax 11/7/2015 154 KB 1.0.0.0
QuickTime 7 Apple Inc. 8/9/2015 102 MB 7.77.80.95

RoxioNow Player RoxioNow 11/24/2011 5.15 MB 1.9.5.103

Twitter Hewlett-Packard 5/7/2013 16.1 MB 3.0.4276.30236

Windows Live Essentials Microsoft Corporation 11/24/2011  15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 11/24/2011 11.1 MB 15.4.5722.2

 

Uninstall Norton Online Backup Symantec Corporation 11/24/2011 12.2 MB 2.1.17869 if you don't use it.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Divaindeed22

Divaindeed22
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 11 June 2016 - 07:13 PM

Done. What do I do next?



#8 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:35 AM

Posted 11 June 2016 - 09:11 PM

Tell me what problems if any do you see. Such as ads..... misdirected searches


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users