
YahLover.worm infection undetected-Chrome useless...


9 replies to this topic

#1 themaninthejar

themaninthejar

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 25 June 2016 - 12:12 AM

I have been infected with the YahLover virus?worm?- It renders Chrome useless with redirects/fake help software pop-ups- I also get the fake Google Security alert. Anything launched from Chrome is affected. Services are normal with Edge. I have run MWB/Sophos/Rogue Killer/Adware Cleaner/JRT/TDSS Killer/Emsisoft/NPE......Nothing picks this sucker up!!

 

I haven't seen this topic and I searched so if it has been addressed I apologize for not picking it up...help?!




 


#2 buddy215

buddy215

  • Moderator
  • 13,314 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:14 AM

Posted 25 June 2016 - 06:16 AM

Uninstall Chrome. Use Download Revo Uninstaller Freeware in Advanced mode to completely remove Chrome...including your bookmarks and passwords.

Suggest not to reinstall until problem is solved.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

After posting the Eset scan log....please do this:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 themaninthejar


Posted 25 June 2016 - 04:57 PM

Hi- So, I've done everything you suggested and the results picked up on 4 items; I have the reports but I'm hitting a brick wall as far as copy & paste to here. I open the report/highlight & copy; hit the paste icon, a window pops up stating because of my security settings, it can't be copied directly so paste here (in the window); so I do- it's pasted and that's it- the "OK" "button" doesn't function- I must be doing something wrong..... :smash:



#4 buddy215


Posted 25 June 2016 - 05:45 PM

Just to be clear...is it the Eset Online scan results that you can not post? If so, since it is only 4 items, could you just manually type them into your next post? If it is items mentioned in AdwCleaner quarantine then no need to type those.

 

Have you tried to post the Three lists using CCleaner's Tools?

 

Have you uninstalled Google Chrome?....just double checking.



#5 themaninthejar


Posted 25 June 2016 - 06:10 PM

yes I've uninstalled Chrome & used CCleaner as directed for the reports

 

Maybe the problem is I saved the reports to my desktop first? > I'll try again

 

Thank you so much for addressing this !



#6 buddy215


Posted 25 June 2016 - 06:17 PM

Did the Eset Scan find anything?



#7 themaninthejar


Posted 25 June 2016 - 06:18 PM

No HKCU:Run  Maintance  "C:\Program Files\\net1.exe" windowsStartup
No HKCU:Run BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}  "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run GarminExpressTrayApp Garmin Ltd. or its subsidiaries "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
No HKCU:Run GoogleChromeAutoLaunch_D6C5B18D21E2F7171ACEA04A6D40E2C3  "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
No HKCU:Run HPAdvisorDock Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
No HKCU:Run i6188 北京华林保软件技术有限公司 C:\Users\victor\Documents\POWERTOOLS\PowerTool x64 V1.3\PowerTool x64 V1.3\i6188.exe
No HKCU:Run LightScribe Control Panel Hewlett-Packard Company C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\victor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
No HKCU:Run RESTART_STICKY_NOTES Microsoft Corporation C:\Windows\system32\StikyNot.exe
No HKCU:Run Sidebar  C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
No HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
No HKCU:Run SpybotSD TeaTimer  C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
No HKCU:Run TomTomHOME.exe  "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
No HKCU:Run Wipe Maintance  "C:\Program Files\Wipe\net1.exe" windowsStartup
Yes HKCU:RunOnce Uninstall C:\Users\victor\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\victor\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
No HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
No HKLM:Run Bing Bar  "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe"
Yes HKLM:Run emsisoft anti-malware Emsisoft Ltd "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
No HKLM:Run hpsysdrv Hewlett-Packard c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
No HKLM:Run ISUSPM Startup Macrovision Corporation c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
No HKLM:Run ISUSScheduler Macrovision Corporation "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
No HKLM:Run Malwarebytes Anti-Exploit  C:\Program Files\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit\mbae.exe
No HKLM:Run Microsoft Default Manager Microsoft Corporation "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
No HKLM:Run NeroFilterCheck  C:\Windows\SysWOW64\NeroCheck.exe
No HKLM:Run Norton Online Backup Symantec Corporation C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
No HKLM:Run NWEReboot  
Yes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
No HKLM:Run SmartMenu Hewlett-Packard Company C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
No HKLM:Run Zemana AntiMalware  "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized
No Startup Common Heimdal.lnk CSIS Security Group C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe
No Startup Common HP Digital Imaging Monitor.lnk Hewlett-Packard Co. C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe
No Startup Common McAfee Security Scan Plus.lnk  C:\PROGRA~2\MCAFEE~1\30E3C3~1.285\SSSCHE~1.EXE
No Startup Common Ralink Wireless Utility.lnk Ralink Technology, Inc. C:\PROGRA~2\Ralink\Common\RaWiFi.exe
No Startup Common RealPlayer Cloud Service UI.lnk RealNetworks, Inc. C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
No Startup Common Secunia PSI Tray.lnk Secunia C:\PROGRA~2\Secunia\PSI\psi_tray.exe
No Startup Common Snapfish PictureMover.lnk Hewlett-Packard Company C:\PROGRA~2\PICTUR~1\Bin\PICTUR~1.EXE -det
No Startup User Wipe Tray Agent.lnk  C:\PROGRA~1\Wipe\Wipe.exe

 

Esets:

C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting
C:\Users\victor\Desktop\Hirens.BootCD.15.2\Hiren's.BootCD.15.2.iso a variant of Win32/Adware.SpeedingUpMyPC.AM application deleted
C:\Users\victor\Desktop\Hirens.BootCD.15.2.zip a variant of Win32/Adware.SpeedingUpMyPC.AM application deleted
C:\Users\victor\Downloads\unchecky_setup.exe a variant of Win32/InstallCore.ACL potentially unwanted application cleaned by deleting

 

 

Install..

 

3D Builder Microsoft Corporation 5/27/2016  11.1.8.0
Adobe Acrobat Reader DC Adobe Systems Incorporated 6/3/2016 375 MB 15.016.20045
Adobe AIR Adobe Systems Incorporated 5/30/2014 23.3 MB 14.0.0.103
Adobe Flash Player 22 ActiveX Adobe Systems Incorporated 6/17/2016 55.7 MB 22.0.0.192
Adobe Flash Player 22 NPAPI Adobe Systems Incorporated 6/16/2016 38.1 MB 22.0.0.192
Adobe Shockwave Player 12.1 Adobe Systems, Inc. 3/13/2014 233 MB 12.1.0.150
Age of Empires®: Castle Siege Microsoft Studios 6/25/2016  1.18.16.0
Alarms & Clock Microsoft Corporation 6/16/2016  10.1605.1472.0
Amazon Amazon.com 12/16/2015  3.1.2.8
Amazon Add to Wish List IE Extension 1.2 Amazon 12/3/2011 4,096 GB 1.2
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 5/12/2012 36.2 MB 3.0.851.0
App connector Microsoft Corporation 12/16/2015  1.3.3.0
Apple Application Support Apple Inc. 3/26/2015 124 MB 3.0.6
Apple Software Update Apple Inc. 1/1/2015 6.74 MB 2.1.3.127
ArcSoft VideoImpression 2 ArcSoft 11/6/2010 135 MB 
ArcSoft WebCam Companion 2 ArcSoft 11/6/2010 22.7 MB 
Audacity 1.3.12 (Unicode) Audacity Team 2/18/2011 32.7 MB 
Bonjour Apple Inc. 6/4/2014 3.23 MB 3.0.0.10
Calculator Microsoft Corporation 1/21/2016  10.1601.49020.0
Camera Microsoft Corporation 5/31/2016  2016.404.120.0
Candy Crush Saga king.com 6/13/2016  1.770.3.0
CCleaner Piriform 3/31/2016 17.7 MB 5.16
CinemaNow Media Manager CinemaNow, Inc. 9/8/2010 4.93 MB 1.9.1.105
Cisco Connect Cisco Consumer Products LLC 2/4/2014 66.0 MB 1.4.12263.1
Cisco EAP-FAST Module Cisco Systems, Inc. 1/1/2015 5.44 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 1/1/2015 4.73 MB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 1/1/2015 5.19 MB 1.1.6
CVE-2013-3893  9/21/2013  
Defraggler Piriform 3/15/2015 12.8 MB 2.21
DVD Menu Pack for HP MediaSmart Video Hewlett-Packard 9/8/2010 120 MB 4.1.4030
DVD Shrink 3.2 DVD Shrink 11/7/2010 948 KB 
Emsisoft Anti-Malware Emsisoft Ltd. 6/24/2016 298 MB 11.0
ESET Online Scanner v3  6/25/2016  
Facebook Facebook Inc 6/22/2016  58.495.2695.0
FileASSASSIN Malwarebytes 3/1/2013  1.06
Flipboard Flipboard 5/25/2016  2.1.1.0
Garmin Express Garmin Ltd or its subsidiaries 5/2/2015 175 MB 4.0.19.0
Get Office Microsoft Corporation 6/9/2016  17.7031.23501.0
Get Skype Skype 12/16/2015  3.2.1.0
Get Started Microsoft Corporation 6/24/2016  3.9.10.0
Google Toolbar for Internet Explorer Google Inc. 4/22/2016 14.4 MB 7.5.7619.1252
Groove Music Microsoft Corporation 6/21/2016  3.6.22051.0
Heimdal CSIS Security Group 6/23/2016  1.10.5.0
HP Advisor Hewlett-Packard 11/8/2010 108 MB 3.4.12850.3526
HP Customer Participation Program 13.0 HP 6/10/2012  13.0
HP Explore Hewlett-Packard Company 12/16/2015  0.1.50.0
HP Games WildTangent 9/8/2010 12.2 MB 1.0.1.3
HP Imaging Device Functions 13.0 HP 6/10/2012  13.0
HP MediaSmart CinemaNow 2.0 Hewlett-Packard 9/8/2010 74.2 MB 2.0
HP MediaSmart DVD Hewlett-Packard 9/8/2010 104 MB 4.1.4229
HP MediaSmart Music Hewlett-Packard 9/8/2010 98.1 MB 4.1.4301
HP MediaSmart Photo Hewlett-Packard 9/8/2010 142 MB 4.1.4211
HP MediaSmart SmartMenu Hewlett-Packard 9/8/2010 4.89 MB 3.1.1.12
HP MediaSmart Video Hewlett-Packard 9/8/2010 149 MB 4.1.4214
HP MediaSmart/TouchSmart Netflix Hewlett-Packard 9/8/2010 79.8 MB 1.0.3.0
HP Odometer  9/8/2010  
HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1 HP 6/10/2012  13.0
HP Power Assistant Hewlett-Packard 11/26/2010 81.7 MB 1.1.1.5
HP Product Detection HP 5/12/2012 1.22 MB 11.14.0001
HP Setup Hewlett-Packard 9/8/2010 74.2 MB 8.1.4186.3400
HP Smart Web Printing 4.51 HP 6/10/2012  4.51
HP Solution Center 13.0 HP 6/10/2012  13.0
HP Support Information  9/8/2010  
HP Update Hewlett-Packard 12/8/2013 13.2 MB 5.005.000.002
HP Vision Hardware Diagnostics Hewlett-Packard 9/8/2010 109 MB 2.1.2.27173
Hulu Desktop Hulu LLC 10/30/2010  0.9.14
iHeartRadio iHeartMedia. 2/19/2016  5.0.5.0
Japanese Fonts Support For Adobe Reader X Adobe Systems Incorporated 12/9/2013 25.4 MB 10.0.0
Java 8 Update 91 Oracle Corporation 4/20/2016 178 MB 8.0.910.14
Java™ 6 Update 29 Oracle 6/8/2011 12.0 MB 6.0.290
LabelPrint CyberLink Corp. 9/8/2010 165 MB 2.5.2823
LightScribe System Software LightScribe 8/17/2013 50.8 MB 1.18.27.10
LiveUpdate 3.3 (Symantec Corporation) Symantec Corporation 11/8/2010  3.3.0.61
Mail and Calendar Microsoft Corporation 6/21/2016  17.6965.40901.0
Malwarebytes Anti-Malware version 2.2.1.1043 Malwarebytes 4/24/2016 56.8 MB 2.2.1.1043
Maps Microsoft Corporation 6/21/2016  5.1606.1670.0
Messaging + Skype Microsoft Corporation 4/18/2016  2.15.20002.0
Microsoft Office Click-to-Run 2010 Microsoft Corporation 10/30/2010 6.52 MB 14.0.4763.1000
Microsoft Office File Validation Add-In Microsoft Corporation 6/14/2016 39.1 MB 14.0.5130.5003
Microsoft Office Professional Plus 2007 Microsoft Corporation 1/30/2012 26.4 MB 12.0.6612.1000
Microsoft Silverlight Microsoft Corporation 6/23/2016 193 MB 5.1.50428.0
Microsoft Solitaire Collection  5/4/2016  
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 10/30/2010 3.47 MB 3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 10/31/2010 256 KB 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 10/31/2010 246 KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 6/17/2011 9.17 MB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 9/8/2010 9.19 MB 8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 4/23/2011 10.4 MB 8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 4/23/2011 7.86 MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 4/23/2011 7.38 MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 9/8/2010 7.87 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 9/8/2010 14.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 6/17/2011 7.05 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 9/8/2010 7.38 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 9/8/2010 7.38 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 6/17/2011 6.74 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 Microsoft Corporation 4/23/2011 32.4 MB 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 Microsoft Corporation 6/21/2012 22.0 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 7/24/2014 17.1 MB 12.0.21005.1
Microsoft Wi-Fi Microsoft Corporation 4/28/2016  1.1604.4.0
Money Microsoft Corporation 6/4/2016  4.9.76.0
Movie Theme Pack for HP MediaSmart Video Hewlett-Packard 9/8/2010 186 MB 4.1.4030
Movies & TV Microsoft Corporation 6/22/2016  3.6.21441.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 10/31/2010 7.06 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 10/31/2010 7.14 MB 4.20.9876.0
MSXML 4.0 SP3 Parser Microsoft Corporation 10/12/2013 237 MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 10/12/2013 236 MB 4.30.2117.0
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 9/25/2014 237 MB 4.30.2107.0
News Microsoft Corporation 6/4/2016  4.9.76.0
Norton 360 Symantec Corporation 7/9/2015 631 MB 22.6.0.142
Norton Management Symantec Corporation 8/3/2013 71.8 MB 3.2.2.12
Norton Online Backup Symantec Corporation 9/8/2010 12.4 MB 2.1.17869
NTREGOPT 1.1j Lars Hederer 12/21/2014 235 KB 
OCR Software by I.R.I.S. 13.0 HP 6/10/2012  13.0
OGT-Diagnostic Tool  12/9/2013  
OneNote Microsoft Corporation 6/24/2016  17.7070.57821.0
PDF Complete Special Edition PDF Complete, Inc 9/8/2010 36.2 MB 3.5.111
People Microsoft Corporation 4/5/2016  10.0.10811.0
Phone Microsoft Corporation 6/4/2016  2.17.27003.0
Phone Companion Microsoft Corporation 2/4/2016  10.1602.3010.0
PhotoNow! CyberLink Corp. 9/8/2010 31.3 MB 1.1.6904
Photos Microsoft Corporation 6/3/2016  16.526.11220.0
PictureMover Hewlett-Packard Company 9/8/2010 91.9 MB 3.5.0.28
PlayReady PC Runtime amd64 Microsoft Corporation 9/8/2010 6.37 MB 1.3.0
RabbitTV RabbitTV.com 7/19/2013  1.0.0.8
Ralink 802.11n Wireless LAN Card Ralink 6/13/2012 41.2 MB 3.2.13.0
RealPlayer Cloud RealNetworks 7/19/2014 150 MB 17.0.10
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 12/23/2015 38.9 MB 6.0.1.7535
Recuva Piriform 12/8/2013 9.30 MB 1.49
Revo Uninstaller 1.95 VS Revo Group 6/25/2016  1.95
RogueKiller version 12 Adlice Software 6/24/2016 69.7 MB 12
Roxio Creator Audio Roxio 1/1/2012 23.9 MB 3.3.0
Roxio Creator Copy Roxio 1/1/2012 22.0 MB 3.3.0
Roxio Creator Data Roxio 1/1/2012 23.3 MB 3.3.0
Roxio Creator DE Roxio 1/1/2012 56.5 MB 3.3.0
Roxio Creator Tools Roxio 1/1/2012 21.3 MB 3.3.0
Roxio Drag-to-Disc Roxio 1/1/2012 20.5 MB 9.0
Roxio Express Labeler Roxio 1/1/2012 27.6 MB 2.1.0
Roxio MyDVD DE Roxio, Inc. 1/1/2012 241 MB 9.0.117
Roxio Update Manager Roxio 1/1/2012 2.07 MB 3.0.0
Secunia PSI (3.0.0.8013) Secunia 10/30/2013 10.6 MB 3.0.0.8013
Shop for HP Supplies HP 6/10/2012  13.0
Skype Click to Call Microsoft Corporation 5/29/2016 30.9 MB 8.3.0.9150
Skype™ 7.0 Skype Technologies S.A. 4/14/2015 104 MB 7.0.102
Sophos Virus Removal Tool Sophos Limited 6/23/2016 293 MB 2.5.5
SpeedFan (remove only)  10/26/2013  
Sports Microsoft Corporation 6/4/2016  4.9.76.0
Store Microsoft Corporation 4/30/2016  11602.1.26.0
Sway Microsoft Corporation 6/14/2016  17.7070.45221.0
System Ninja version 3.1.3 SingularLabs 4/6/2016 7.99 MB 3.1.3
Toolwiz Smart Defrag 2011 Toolwiz.com. 5/30/2015 1.91 MB 1.3.0.0
Tweaking.com - Windows Repair Tweaking.com 5/9/2015 10.7 MB 3.1.4
Tweaking.com - Windows Repair (All in One) Tweaking.com 3/30/2015 10.7 MB 3.1.0
Twitter Twitter Inc. 6/9/2016  5.1.2.0
Unchecky v0.4.3 RaMMicHaeL 3/24/2016 5.13 MB 0.4.3
Unity Web Player Unity Technologies ApS 3/13/2011 12.0 MB 
Voice Recorder Microsoft Corporation 6/16/2016  10.1605.1471.0
Weather Microsoft Corporation 6/4/2016  4.9.76.0
WildTangent Games WildTangent 2/26/2011 59.2 MB 1.0.2.5
WildTangent Games App for HP WildTangent 2/20/2011 5.05 MB 4.0.11.14
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Dynastream Innovations, Inc. 3/8/2014  04/11/2012 1.2.40.201
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) Silicon Labs Software 3/8/2014  02/06/2007 3.1
Windows DVD Player Microsoft Corporation 12/16/2015  3.6.13291.0
Windows Live Essentials Microsoft Corporation 11/1/2010  15.4.3502.0922
Windows Live Sync Microsoft Corporation 10/30/2010 7.27 MB 14.0.8089.726
Xbox Microsoft Corporation 6/18/2016  15.18.14017.0
Xvid 1.2.1 final uninstall Xvid team (Koepi) 4/10/2011 718 KB 1.2
Yahoo! Software Update  5/24/2011  
Zinio Reader 4 Zinio LLC 9/8/2010 5.19 MB 4.0.2811

 

Tasks start up

 

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
No Task Defraggler Volume C Task Piriform Ltd C:\Program Files\Defraggler\df64.exe "C:" /ts /user "victor" /appPath "C:\Program Files\Defraggler"
No Task GarminUpdaterTask  C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
No Task RealDownloaderDownloaderScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
No Task RealDownloaderRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
No Task RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
No Task RealPlayerRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
No Task RealPlayerRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
No Task RealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
No Task RealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
No Task RecoveryCDWin7 Hewlett-Packard Company "C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe" RecoveryCDWin7 ShowMessageTask
No Task ServicePlan Hewlett-Packard Company "C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe" ServicePlan ShowMessageTask15D
No Task SidebarExecute  C:\Program Files\Windows Sidebar\sidebar.exe /showGadgets
No Task Tweaking.com - Windows Repair Tray Icon Tweaking.com C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
No Task {2A258C33-6719-4729-AC6A-3B86B2B2E354} Skype Technologies S.A. C:\Program Files (x86)\Skype\\Phone\Skype.exe
No Task {48C11517-0F56-4F3A-9F8E-0DE0BE1B3A9D} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\victor\AppData\Local\Temp\InstallFlashPlayer.exe -d C:\Users\victor\Desktop
Yes Task {4ABB6A73-1383-4F06-BF0A-37B81E1BC78E} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\Malwarebytes Anti-Exploit\mbaeuninstaller.exe" -d "C:\Program Files\Malwarebytes Anti-Exploit"
Yes Task {504D3A8F-B6E3-46A9-AA37-DD3C8263CD80} Malwarebytes C:\Users\victor\Downloads\mbam-repair-1.0.0.1300.exe
No Task {7987D117-C2B1-4A86-A844-CA782C8CC20D} Microsoft Corporation C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
No Task {B885277B-3BD2-45B1-B4FF-1ECD5919109C} RealNetworks, Inc. C:\Program Files (x86)\Real\RealPlayer\realplay.exe

 

 

 

Well, apparently it was just temp glitch- that's everything

 


 

it works now



#8 buddy215


Posted 25 June 2016 - 07:30 PM

Delete this Windows Startup: Use CCleaner by clicking on it and choosing Delete.

No HKCU:Run GoogleChromeAutoLaunch_D6C5B18D21E2F7171ACEA04A6D40E2C3  "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

 

Uninstall these programs:

Adobe AIR Adobe Systems Incorporated 5/30/2014 23.3 MB 14.0.0.103

Amazon Amazon.com 12/16/2015  3.1.2.8
Amazon Add to Wish List IE Extension 1.2 Amazon 12/3/2011 4,096 GB 1.2

Candy Crush Saga king.com 6/13/2016  1.770.3.0

ESET Online Scanner v3  6/25/2016

FileASSASSIN Malwarebytes 3/1/2013  1.06

Google Toolbar for Internet Explorer Google Inc. 4/22/2016 14.4 MB 7.5.7619.1252

Heimdal CSIS Security Group 6/23/2016  1.10.5.0 (If you purchased this....keep it)

HP Advisor Hewlett-Packard 11/8/2010 108 MB 3.4.12850.3526
HP Customer Participation Program 13.0 HP 6/10/2012  13.0

HP Games WildTangent 9/8/2010 12.2 MB 1.0.1.3

Java™ 6 Update 29 Oracle 6/8/2011 12.0 MB 6.0.290

LiveUpdate 3.3 (Symantec Corporation) Symantec Corporation 11/8/2010  3.3.0.61

RealPlayer Cloud RealNetworks 7/19/2014 150 MB 17.0.10

RogueKiller version 12 Adlice Software 6/24/2016 69.7 MB 12

Shop for HP Supplies HP 6/10/2012  13.0
Skype Click to Call Microsoft Corporation 5/29/2016 30.9 MB 8.3.0.9150

Sophos Virus Removal Tool Sophos Limited 6/23/2016 293 MB 2.5.5

Unity Web Player Unity Technologies ApS 3/13/2011 12.0 MB

WildTangent Games WildTangent 2/26/2011 59.2 MB 1.0.2.5
WildTangent Games App for HP WildTangent 2/20/2011 5.05 MB 4.0.11.14

Windows Live Essentials Microsoft Corporation 11/1/2010  15.4.3502.0922
Windows Live Sync Microsoft Corporation 10/30/2010 7.27 MB 14.0.8089.726

Yahoo! Software Update  5/24/2011

 

Are these programs up to date...paid for? If not...you should uninstall.

Norton 360 Symantec Corporation 7/9/2015 631 MB 22.6.0.142
Norton Management Symantec Corporation 8/3/2013 71.8 MB 3.2.2.12
Norton Online Backup Symantec Corporation 9/8/2010 12.4 MB 2.1.17869

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

 

 

 

Delete These Tasks: Use CCleaner by clicking on each item and choosing Delete on the right.

Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

No Task RealDownloaderDownloaderScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
No Task RealDownloaderRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
No Task RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
No Task RealPlayerRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
No Task RealPlayerRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
No Task RealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
No Task RealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 RealNetworks, Inc. C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck

No Task {48C11517-0F56-4F3A-9F8E-0DE0BE1B3A9D} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\victor\AppData\Local\Temp\InstallFlashPlayer.exe -d C:\Users\victor\Desktop

No Task {B885277B-3BD2-45B1-B4FF-1ECD5919109C} RealNetworks, Inc. C:\Program Files (x86)\Real\RealPlayer\realplay.exe

 

Well, apparently it was just temp glitch- that's everything

Or gremlins...:)

 

After doing the above, I think it would be safe to reinstall Google Chrome if you want to. Chrome Browser


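A triage pass over the startup and scheduled-task list pasted in post #7, added here as an example (not code from the thread or from CCleaner). The Yes/No column and location labels follow the pasted list; the hint names and the set of user-writable folders are assumptions, and a hint marks an entry for a closer look rather than giving a verdict.

```python
import re
from dataclasses import dataclass, field

# Location labels exactly as they appear in the pasted list.
LOCATIONS = ("HKCU:RunOnce", "HKLM:RunOnce", "HKCU:Run", "HKLM:Run",
             "Startup Common", "Startup User", "Task")
ENTRY_RE = re.compile(
    r"^(Yes|No)\s+(" + "|".join(map(re.escape, LOCATIONS)) + r")\s+(.*)$")
# The command starts at the first drive-letter path, optionally quoted.
PATH_START_RE = re.compile(r'"?[A-Za-z]:\\')
# pcalua.exe (Program Compatibility Assistant) starts the program named
# after -a, so that argument is the thing that really runs.
PCALUA_RE = re.compile(r'pcalua\.exe"?\s+-a\s+("([^"]+)"|(\S+))', re.I)
# Assumption: folders a standard user can write to are worth a second look.
USER_WRITABLE_RE = re.compile(
    r"\\Users\\[^\\]+\\(AppData\\Local\\Temp|Downloads|Desktop|Documents)\\",
    re.I)


@dataclass
class Entry:
    enabled: bool
    location: str
    label: str      # name + publisher; the flattened paste cannot split them
    command: str    # full command line as listed
    target: str     # program that actually runs (unwrapped from pcalua -a)
    hints: list = field(default_factory=list)


def parse_line(line):
    """Parse one pasted line; return None for headers and blank lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    rest = m.group(3)
    start = PATH_START_RE.search(rest)
    label = rest[:start.start()].strip() if start else rest.strip()
    command = rest[start.start():].strip() if start else ""
    wrapped = PCALUA_RE.search(command)
    target = (wrapped.group(2) or wrapped.group(3)) if wrapped else command

    hints = []
    if not command:
        hints.append("no_command")          # autorun entry with nothing to run
    if wrapped:
        hints.append("proxy_launch")        # judge the -a target, not pcalua
    if USER_WRITABLE_RE.search(target):
        hints.append("user_writable_path")
    return Entry(m.group(1) == "Yes", m.group(2), label, command, target, hints)


def parse_export(text):
    """Return every recognisable entry in a pasted list."""
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def triage(text):
    """Return only the entries that carry at least one hint."""
    return [e for e in parse_export(text) if e.hints]


# Sample input: six lines copied from the list in post #7, plus its
# "Tasks start up" header to show that non-entry lines are skipped.
SAMPLE = r"""
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\victor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
No HKLM:Run NWEReboot
Tasks start up
No Task {48C11517-0F56-4F3A-9F8E-0DE0BE1B3A9D} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\victor\AppData\Local\Temp\InstallFlashPlayer.exe -d C:\Users\victor\Desktop
Yes Task {4ABB6A73-1383-4F06-BF0A-37B81E1BC78E} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\Malwarebytes Anti-Exploit\mbaeuninstaller.exe" -d "C:\Program Files\Malwarebytes Anti-Exploit"
Yes Task {504D3A8F-B6E3-46A9-AA37-DD3C8263CD80} Malwarebytes C:\Users\victor\Downloads\mbam-repair-1.0.0.1300.exe
"""

if __name__ == "__main__":
    for e in triage(SAMPLE):
        state = "enabled" if e.enabled else "disabled"
        print(f"[{state}] {e.location} {e.label}")
        print(f"    runs:  {e.target or '(nothing listed)'}")
        print(f"    hints: {', '.join(e.hints)}")
```

The listed publisher of a pcalua.exe task is Microsoft, so the wrapped target, not the publisher column, is the field to review.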

#9 themaninthejar


Posted 25 June 2016 - 10:16 PM

Whew! that was fun; I must go deleting more often...

 

Just a couple of notes :

 

No HKCU:Run GoogleChromeAutoLaunch_D6C5B18D21E2F7171ACEA04A6D40E2C3  "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

( Cleaner could not find the program - must be gone)

 

HP Customer Participation Program 13.0 HP 6/10/2012  13.0> got a pop up stating that the driver to my printer would be affected if uninstalled- so I didn't--should I?

 

And that does it  :bananas:

 

Can not thank you enough! Now to think about Chrome again; Edge is ugh!; I don't know- I'll stay with it till I can't take it any longer

 

Thanks again !!



#10 buddy215


Posted 26 June 2016 - 05:28 AM

The HP program probably calls home every time you start the printer. That should be the only effect....it just won't call home.

I consider it spyware but you can leave it or uninstall....many have uninstalled without any problem.

 

There's always Firefox...my favorite.

 

You're welcome...happy surfin'

