Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I don't know if I am infected but it would be nice to know.


  • Please log in to reply
17 replies to this topic

#1 dumafach

dumafach

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 11 August 2016 - 09:02 PM

Hello, my Vista 64bit computer got so slow and bogged down it was something I wanted to throw out the window. I bought a used rebuilt computer with windows 8.1 and I updated to windows 10 64 bit. I brought some of my folders over from the old computer that I work on every day. I guess what ever I had wrong with the vista computer I put on this computer. I click on a page or try to open a web page and then I wait. I watch the circle spin or watch tv while I wait. I am just wandering if I have something on here or have I just bogged this system down. This can not be the way computers run. I would appreciate any help you could give. Thank you



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:35 PM

Posted 12 August 2016 - 02:26 PM

The programs below will clean out the rubbish along with adware and malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

After doing the above, do this if still experiencing sloooooow:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.

 


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 13 August 2016 - 11:44 AM

Hello buddy215, thanks for the response.

 

I will do my best to follow your list. Please be patient with me though as this stuff drives me crazy.

 

Here is the mbam log you requested. I will start working on the rest of the list. I also wanted to let you know that it did start running better after I run the CCleaner.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/12/2016
Scan Time: 9:07 PM
Logfile: mbam log 8-12-16.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.08.12.11
Rootkit Database: v2016.08.09.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Roger

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 427600
Time Elapsed: 29 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}, Quarantined, [6ad11b2f514988aeb686a4cdc63ced13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}, Quarantined, [6ad11b2f514988aeb686a4cdc63ced13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Quarantined, [42f90941ecaed660b18ce88918ea24dc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Quarantined, [42f90941ecaed660b18ce88918ea24dc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Results Hub, Quarantined, [1f1c1b2f0a90c1759029092b26db55ab],
PUP.Optional.ResultsHub, HKLM\SOFTWARE\WOW6432NODE\RESULTSHUB, Quarantined, [49f2bb8fb9e153e3dc31b9f90ef514ec],
PUP.Optional.Wajam, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\WajIEnhance, Quarantined, [3308c189891181b5cb68dfdced169b65],
PUP.Optional.Conduit, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [77c464e649515bdb685254485aa99d63],
PUP.Optional.BDYahoo, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8C2336DB-A4C5-48DF-B5A2-B49A5200A213}, Quarantined, [56e5a3a7aded77bf94a8b8e00102c63a],
PUP.Optional.YahooVNM, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, Quarantined, [310ac189ccce43f38588dae3fe058a76],
PUP.Optional.Spigot, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CC20DE29-5437-4893-BC96-160F9BF76B32}, Quarantined, [ae8d89c1a9f12c0a352b06b0a261ba46],
PUP.Optional.Yontoo, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0F82D635-C533-479D-8ACB-4771A36CB6CE}, Quarantined, [0b3064e62c6e5adc5b72cdf332d119e7],

Registry Values: 7
PUP.Optional.ResultsHub, HKLM\SOFTWARE\WOW6432NODE\RESULTSHUB|cg, db5634c3-0892-414c-b380-5cd1f55815ce, Quarantined, [49f2bb8fb9e153e3dc31b9f90ef514ec]
PUP.Optional.Yontoo, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DoNotAskAgain, searchinterneat-a.akamaihd.net, Quarantined, [3ffc4cfef3a7152102de5d6448bb0000]
PUP.Optional.Conduit, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.bing.com/search?pc=COSP&ptag=D080915-A251FF33716&form=CONBDF&conlogo=CT3334491&q={searchTerms}, Quarantined, [77c464e649515bdb685254485aa99d63]
PUP.Optional.BDYahoo, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8C2336DB-A4C5-48DF-B5A2-B49A5200A213}|URL, http://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}, Quarantined, [56e5a3a7aded77bf94a8b8e00102c63a]
PUP.Optional.YahooVNM, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10175_channel1_150809__yaie&p={searchTerms}, Quarantined, [310ac189ccce43f38588dae3fe058a76]
PUP.Optional.Spigot, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CC20DE29-5437-4893-BC96-160F9BF76B32}|URL, https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=201692&p={searchTerms}, Quarantined, [ae8d89c1a9f12c0a352b06b0a261ba46]
PUP.Optional.Yontoo, HKU\S-1-5-21-1435259156-901643519-2888212087-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0F82D635-C533-479D-8ACB-4771A36CB6CE}|URL, http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV1aVA9CFVYQbQkAWAtcFQQXIxRaUgFBDABAJAheVAxJEABAJR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}, Quarantined, [0b3064e62c6e5adc5b72cdf332d119e7]

Registry Data: 0
(No malicious items detected)

Folders: 36
PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Results Hub, Quarantined, [92a955f55f3b66d0f689a428d42ed52b],
PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Results Hub\Extensions, Quarantined, [92a955f55f3b66d0f689a428d42ed52b],
PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Results Hub\Products, Quarantined, [92a955f55f3b66d0f689a428d42ed52b],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\OnlineMapFinder_9p, Quarantined, [2d0e2723f3a783b387a0f4b625de9967],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Uninstall Wajam, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugincontainer, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\10, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\2, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\3, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\5, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\6, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\resources, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\8, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.ResultsHub, C:\Program Files (x86)\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656, Quarantined, [2e0d123824767fb7dcce9a2129d98a76],
PUP.Optional.ResultsHub, C:\Program Files (x86)\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\updater, Quarantined, [2e0d123824767fb7dcce9a2129d98a76],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\icons, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\_metadata, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\icons, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\scripts, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\_metadata, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Yontoo, C:\ProgramData\Results Hub, Quarantined, [bc7f6ae05f3ba78f2cd611b3df23e41c],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\chrome, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\META-INF, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],

Files: 90
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\10\Plugin.exe, Quarantined, [f8439dad1d7da88e2297d75ddf221ee2],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\2\Plugin.exe, Quarantined, [43f8d1790a9038fef2c735ffff026898],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\5\Plugin.exe, Quarantined, [91aa72d8148658de20993cf88f7231cf],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\6\Plugin.exe, Quarantined, [b38866e4801af541bcfd6fc56998d62a],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\Plugin.exe, Quarantined, [f5466dddc6d40f278b2e8ca8a1609967],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\resources\38.0.5.dll, Quarantined, [47f4a3a7edad35016e4b2c08738edd23],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\resources\39.0.0.dll, Quarantined, [f24995b5e6b4d95dad0c70c4c0410af6],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\resources\40.0.0.dll, Quarantined, [2c0fb89255451b1be2d7a193fd049769],
PUP.Optional.Yontoo, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\8\Plugin.exe, Quarantined, [013a96b46832c96d52676cc84bb632ce],
PUP.Optional.Yontoo, C:\Users\Roger\AppData\Roaming\RPEng\3733F88248C0482A90BE5F2535916EDE\setup.exe, Quarantined, [3dfe6fdbe6b45fd7d7e2ab89679aaf51],
PUP.Optional.Yontoo, C:\Program Files (x86)\Results Hub\Uninstaller.exe, Quarantined, [1f1c1b2f0a90c1759029092b26db55ab],
PUP.Optional.Yontoo, C:\ods.exe, Quarantined, [e952d07a7f1bb680dbdeb48024dd619f],
PUP.Optional.DownloadAssistant, C:\Users\Roger\Downloads\malwarebytes_png&sid, Quarantined, [cb70e268693132047de9c2d72ed39a66],
PUP.Optional.DownloadAssistant, C:\Users\Roger\Downloads\malwarebytes_png&sid (1), Quarantined, [2912b595cecc1b1b0a5c930643be7789],
PUP.Optional.OpenCandy, C:\Users\Roger\Downloads\Youtube_VideoMusic_Downloader.exe, Quarantined, [e259004a8a1052e4f5942259b54c1ee2],
PUP.Optional.OpenCandy, C:\Users\Roger\AppData\Local\YouTubeMuiscDownloader\update2.exe, Quarantined, [5edd96b484165bdb8efb85f62ed38080],
PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Results Hub\7za.exe, Quarantined, [92a955f55f3b66d0f689a428d42ed52b],
PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Results Hub\Extensions\ndboaocbmbbnpkobeaadlhpadmihnfok.crx, Quarantined, [92a955f55f3b66d0f689a428d42ed52b],
PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Results Hub\Extensions\{04e91b2b-8ba7-46eb-bd3c-419368306455}.xpi, Quarantined, [92a955f55f3b66d0f689a428d42ed52b],
PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Results Hub\Products\UnResultsHubDesktopSearch.exe, Quarantined, [92a955f55f3b66d0f689a428d42ed52b],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\OnlineMapFinder_9p\892E0A19-0DDF-4AE8-8692-1D5652379A21.sqlite, Quarantined, [2d0e2723f3a783b387a0f4b625de9967],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Wajam Website.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Settings.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\SignIn with Facebook.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\SignIn with Twitter.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search\Ask.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search\Google.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search\IMDb.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search\Shopping.com.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search\TripAdvisor.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search\Wikipedia.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Search\Yahoo!.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Amazon.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Argos.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Ebay.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Etsy.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\HomeDepot.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Ikea.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Lowe's.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Mercadolivre.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\MyShopping.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Sears.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Target.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Tesco.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Walmart.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEn\Explore Social Shopping\Zalando.lnk, Quarantined, [ed4e53f7d5c591a55fbf5368be45d42c],
PUP.Optional.WinYahoo, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, Quarantined, [1b208ebcecae41f5b000f1cbc142e61a],
PUP.Optional.Yontoo, C:\ods.exe.config, Quarantined, [b38887c30793a78f8bc68d5627dc8d73],
PUP.Optional.ResultsHub, C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\temp, Quarantined, [7dbe0c3eadedec4adbcec9f243bf669a],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\config.json, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\manifest.json, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\icons\nta-128.png, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\icons\nta-48.png, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\android-icon.png, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\empty-favicon.ico, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\ios-icon.png, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\jquery.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\newtab.css, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\newtab.html, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\newtab.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\no_thumb.png, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\ntp\search-icon.png, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\background.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\jquery.min.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\ntp.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\ntp_bkgd.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\ntp_util.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\scripts\utils.js, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.6_0\_metadata\verified_contents.json, Quarantined, [1823bc8e4753d165af5606b82ad824dc],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\background.html, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\config.json, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\manifest.json, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\icons\shelper-128.png, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\icons\shelper-19.png, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\icons\shelper-48.png, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\scripts\background.js, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\scripts\loader_1036.js, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\scripts\utils.js, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Spigot, C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof\1.1_0\_metadata\verified_contents.json, Quarantined, [a398f456f5a591a503053a840ef42cd4],
PUP.Optional.Yontoo, C:\ProgramData\Results Hub\ResultsHubDesktopSearch.exe.config, Quarantined, [bc7f6ae05f3ba78f2cd611b3df23e41c],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\install.rdf, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\bootstrap.js, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\chrome.manifest, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\chrome.manifest.restartless, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\chrome\ffxtbr.jar, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\META-INF\manifest.mf, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\META-INF\mozilla.rsa, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.MindSpark, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\_9pMembers_@free.onlinemapfinder.com\META-INF\mozilla.sf, Quarantined, [13282f1bc4d67cba2af2e0bc4bb952ae],
PUP.Optional.Conduit, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://www.bing.com/?pc=COSP&ptag=D080915-A251FF33716&form=CONMHP&conlogo=CT3334491");), Replaced,[e952103a3f5ba591b65ac7d20ef68b75]
PUP.Optional.Conduit, C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js, Good: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Bad: (user_pref("browser.startup.homepage", "http://www.bing.com/?pc=COSP&ptag=D080915-A251FF33716&form=CONMHP&conlogo=CT3334491), Replaced,[72c936141c7e50e6b163267922e2916f]

Physical Sectors: 0
(No malicious items detected)

(end)



#4 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:35 PM

Posted 13 August 2016 - 12:33 PM

I think you can see there was a lot of adware found and removed. Good that you are taking the time and effort to clean up the comp.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 13 August 2016 - 01:42 PM

Hello buddy215, This thing is running so much better already.

I wanted to let you know while AdsCleaner was running it froze up and stated it was not responding.
I had to shut it down to get it to run. So I have multiple results.

# AdwCleaner v6.000 - Logfile created 13/08/2016 at 11:50:52
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-13.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Roger - ROGER-PC
# Running from : C:\Users\Roger\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://toolslib.net/forum



***** [ Services ] *****

Service Found: hola_svc
Service Found: hola_updater
Service Found: LavasoftTcpService
Service Found: WCAssistantService


***** [ Folders ] *****

Folder Found: C:\Users\Roger\AppData\Local\YSearchUtil
Folder Found: C:\Users\Roger\AppData\Local\Free Youtube Downloader
Folder Found: C:\Users\Roger\AppData\LocalLow\HPAppData
Folder Found: C:\Users\Roger\AppData\LocalLow\pandasecuritytb
Folder Found: C:\Users\Roger\AppData\Roaming\Hola
Folder Found: C:\Users\Roger\AppData\Roaming\RPEng
Folder Found: C:\Users\Roger\AppData\Roaming\lavasoft\web companion
Folder Found: C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\pandasecuritytb
Folder Found: C:\Program Files\Hola
Folder Found: C:\ProgramData\ytd video downloader
Folder Found: C:\ProgramData\lavasoft\web companion
Folder Found: C:\ProgramData\Application Data\ytd video downloader
Folder Found: C:\ProgramData\Application Data\lavasoft\web companion
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Youtube Downloader
Folder Found: C:\Program Files (x86)\GreenTree Applications
Folder Found: C:\Program Files (x86)\pandasecuritytb
Folder Found: C:\Program Files (x86)\Free Youtube Downloader
Folder Found: C:\Program Files (x86)\lavasoft\web companion
Folder Found: C:\Program Files (x86)\Yahoo!\yset


***** [ Files ] *****

File Found: C:\Users\Roger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Youtube Downloader.lnk
File Found: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
File Found: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
File Found: C:\WINDOWS\SysNative\a.bat
File Found: C:\Users\Public\Desktop\YTD Video Downloader.lnk
File Found: C:\Users\Public\Desktop\Free Youtube Downloader.lnk
File Found: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
File Found: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
File Found: C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
File Found: C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi
File Found: C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\searchplugins\bing-lavasoft.xml
File Found: C:\searchplugins\bing-lavasoft.xml


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\Classes\ColaBrowser.LHExplorerBar
Key Found: HKLM\SOFTWARE\Classes\ColaBrowser.LHExplorerBar.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Value Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Key Found: [x64] HKLM\SOFTWARE\Hola
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hola
Key Found: HKU\.DEFAULT\Software\Hola
Key Found: HKU\S-1-5-21-1435259156-901643519-2888212087-1000\Software\GreenTree Applications\YTD
Key Found: HKU\S-1-5-21-1435259156-901643519-2888212087-1000\Software\AppDataLow\Software\adawarebp
Key Found: HKU\S-1-5-18\Software\Hola
Key Found: HKCU\Software\GreenTree Applications\YTD
Key Found: HKCU\Software\AppDataLow\Software\adawarebp
Key Found: HKLM\SOFTWARE\Lavasoft\Web Companion
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [url]
Key Found: HKU\S-1-5-21-1435259156-901643519-2888212087-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8705F6B7-9B1B-43AF-B5D5-DD422F1B002F}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8705F6B7-9B1B-43AF-B5D5-DD422F1B002F}
Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8705F6B7-9B1B-43AF-B5D5-DD422F1B002F}
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [hola]
Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [hola]
Value Found: HKU\S-1-5-21-1435259156-901643519-2888212087-1000\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
Value Found: HKU\S-1-5-21-1435259156-901643519-2888212087-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Key Found: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Web browsers ] *****

Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "browser.newtabpage.url" - "hxxp://www.bing.com/?pc=COSP&ptag=D080915-A251FF33716&form=CONMHP&conlogo=CT3334491"
Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.prev" - "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10175_channel1_150809__yaff"
Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.tb" - "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.uninstallTasks" - "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._9pMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\\\\892E0A19-0DDF-4AE8-8692-1D5652379A21.sqlite\",\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\"]}"
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Web data] - isearch.avg.com__
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Web data] - yahoo.com search
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Web data] - isearch.avg.com_
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.yahoo.com
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - gpiifgmgnfdiblgpaepbmfdkcheicgof
Chrome pref Found: [C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - nlcphjankhppgohedpkjonpadimhaoof

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [11342 Bytes] - [13/08/2016 11:50:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11416 Bytes] ##########

Part 2 results
# AdwCleaner v6.000 - Logfile created 13/08/2016 at 12:07:32
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-13.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Roger - ROGER-PC
# Running from : C:\Users\Roger\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://toolslib.net/forum



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

File Found: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
File Found: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry element found.


***** [ Web browsers ] *****

Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.prev" - "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10175_channel1_150809__yaff"
Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.tb" - "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
Firefox pref Found: [C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js] - "extensions.toolbar.mindspark._9pMembers_.uninstallTasks" - "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._9pMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\\\\892E0A19-0DDF-4AE8-8692-1D5652379A21.sqlite\",\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\"]}"
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [11544 Bytes] - [13/08/2016 11:50:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [2536 Bytes] - [13/08/2016 12:07:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2609 Bytes] ##########

I will show the next results in a new window.

#6 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 13 August 2016 - 01:48 PM

I was afraid that would get too long.

 

I do not know what this is...

 

# AdwCleaner v6.000 - Logfile created 13/08/2016 at 12:11:22
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-13.2 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Roger - ROGER-PC
# Running from : C:\Users\Roger\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum

 

***** [ Services ] *****

 

***** [ Folders ] *****

 

***** [ Files ] *****

[#] File deleted: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[#] File deleted: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll

***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

 

***** [ Web browsers ] *****

[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.prev" -  "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10175_channel1_150809__yaff"
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.tb" -  "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.homepage" -  "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.uninstallTasks" -  "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._9pMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\\\\892E0A19-0DDF-4AE8-8692-1D5652379A21.sqlite\",\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\"]}"

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2008 Bytes] - [13/08/2016 12:11:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [11544 Bytes] - [13/08/2016 11:50:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [2688 Bytes] - [13/08/2016 12:07:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2228 Bytes] ##########

 

JRT file:

 

# AdwCleaner v6.000 - Logfile created 13/08/2016 at 12:11:22
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-13.2 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Roger - ROGER-PC
# Running from : C:\Users\Roger\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum

 

***** [ Services ] *****

 

***** [ Folders ] *****

 

***** [ Files ] *****

[#] File deleted: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[#] File deleted: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll

***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

 

***** [ Web browsers ] *****

[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.prev" -  "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10175_channel1_150809__yaff"
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.tb" -  "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.homepage" -  "hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si=49588_New-OMF-Gem"
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._9pMembers_.uninstallTasks" -  "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._9pMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\\\\892E0A19-0DDF-4AE8-8692-1D5652379A21.sqlite\",\"C:\\\\Users\\\\Roger\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\phlfbzm7.default\\\\OnlineMapFinder_9p\"]}"

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2008 Bytes] - [13/08/2016 12:11:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [11544 Bytes] - [13/08/2016 11:50:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [2688 Bytes] - [13/08/2016 12:07:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2228 Bytes] ##########

 

I had an att program that was supposed to help me but it would just confuse me. Here is what it showed me and I was wandering if this is right.

 

Found in AT&T toolbox.

Disable Paging Executive - Detected unwanted paging details in the system causing slow disk performances.



#7 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:35 PM

Posted 13 August 2016 - 02:05 PM

You posted another AdwCleaner log instead of the JRT one.

 

I'm not sure what that Paging Executive is. I'll have to see what I can find. In the meantime if you can find the JRT log....post it.

After doing the Eset Scan do this:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.

 

 

EDIT: From the web........

The DisablePagingExecutive registry setting is set to 0 by default, which allows drivers and system code to be paged to the disk. When set to 1, drivers and system code will be forced to stay resident in memory. Once again, some people believe that Windows isn’t smart enough to manage the pagefile on its own and believe that changing this option will force Windows to keep important files in memory rather than stupidly paging them out.

If you have more than enough memory, changing this won’t really do anything. If you have little memory, changing this setting may force Windows to push programs you’re using to the page file rather than push unused system files there — this would slow things down. This is an option that may be helpful for debugging in some situations, not a setting to change for more performance.


Edited by buddy215, 13 August 2016 - 02:11 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 27 August 2016 - 11:39 AM

Sorry I had to leave for awhile.

 

Here is the JRT log while I try to catch up on the list of stuff to do.

 

I hope I have not lost you.

 

JRT Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64 
Ran by Roger (Administrator) on Sat 08/13/2016 at 13:22:37.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 105 
 
Successfully deleted: C:\ProgramData\Start Menu\Programs\results hub (Folder) 
Successfully deleted: C:\Users\Roger\AppData\Local\{00E95555-18DC-43B3-8A2C-A86A0E67B53D} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{015CDD7D-855A-41AF-BDC7-DBDC51A0D906} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{019708DA-72B8-4205-B496-71FED867F232} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{073190B4-2BF2-4EA5-842A-533279B0304A} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{09BFDCF8-EE87-484B-8B32-FCD4A1FD8D64} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{0A5BF0B3-3838-4374-942B-B0D28F749229} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{0E259D9D-455D-49B4-863C-8C42FF7B36E3} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{11FDFF32-7133-4245-BFAE-9A0716D77C60} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{1615951E-5653-4C2F-9062-B071FFB46C03} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{16B79D1B-4292-486F-B3E1-D9AFF1CEC306} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{19901243-648E-4B53-BBDE-66BA90F3CD1C} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{1E01321D-8F56-4D45-A1CF-F495FC94588E} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{1F709739-909D-4227-BF4E-42F13188E3E0} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{22F4F594-4828-4FA9-8754-AA354FEB5C74} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{234A2E3F-0DA4-404D-BB28-86825A0DA712} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{265F2219-718F-461E-9267-9C651FDEB1EF} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{29875B98-988F-42C6-B13E-6AB8F13048F6} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{2EA266D1-B49B-4602-927B-BD54F4D889A0} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{2F693525-AA3D-4DE6-8EDE-15D4C3777B8C} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{3006ED17-9984-4531-BA3B-47762885B08A} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{305D1184-991D-4AED-AB67-553A9BDD5C33} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{309D97A2-8C68-4B20-9EE4-33EE27FEB37E} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{30C5D809-118E-4982-B44C-AC4F7A7D6813} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{34EC1CBD-2697-4E5C-968B-F47DECA148C9} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{39CA0959-A463-4C8B-93A9-6B8C5E4524D9} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{3F4669F7-F481-4602-9D9E-FF06D99D4B56} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{4006BCDF-9F83-4C4F-B173-A5C5A89EFCBB} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{4030758E-FCF3-49D1-8E26-88A845BFAE08} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{416E3C6D-D032-4614-950E-561036365495} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{42168B5E-BB54-4A3E-917A-4BED26C2C768} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{45AF2539-1848-4658-AA0C-57F8FA1A54D9} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{479E5D33-48A5-4258-A787-06BB023F20DC} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{48D28E85-CEA8-4F43-ADF1-05EF8A15AF28} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{4F32AE28-F71C-4BFF-B49D-37BDF02B2936} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{50FEEECA-E82B-429F-9288-DA842506076A} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{593CFB34-1429-408A-9598-3A50FF75D20B} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{5AF40ACD-2A6E-455D-AF26-EED74331E346} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{5C4AB5EB-D0E1-4D7A-9006-B7514FFE4BD1} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{5E6A4CA0-A4DB-4AFD-9CE9-CD90C7181356} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{619DE3D4-26B7-4647-83E2-F2B378A48830} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{6353FCAC-3054-4B0A-80CD-39CFD8890222} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{68DCCE4A-7449-4FA6-A3D6-0431A2E70BA9} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{69A2E4B1-C93E-4189-8A20-436324FF80C4} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{6D2B4E95-9E3A-422D-904D-5F8F813298E0} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{70011B4F-2350-4C44-8A3F-4246384321FD} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{7422D017-2137-48FA-A286-03D319259A7A} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{74D00F27-4C99-47CA-A9A0-EED52C95DD38} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{776C1F78-1588-4B0D-A6BC-A9989887E6CC} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{77B3B7EA-2A86-4400-9CD1-437E8D09D9DE} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{7C5C051C-FD1F-406A-9225-FD34651B16EA} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{7C67554E-6F28-48BA-B210-ADEC9D54547F} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{7CF3F535-BFDE-463F-9746-78EB8DBAC24C} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{7EB4B63A-A0E8-4C23-AA8D-563F1D5EA85C} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{7F7BDBDA-C9D9-4827-A5A0-50D5E362C51F} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{815077E4-82EF-4A85-B6F0-0136CCADF857} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{826A9B34-0E28-4537-9809-14E5C80D7A10} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{8962F780-857B-439C-B443-D68213671169} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{8A46C334-5D8C-46C7-8389-2ADC0DCC8DC6} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{8B29BC19-2904-410F-87B3-6779CA78FE64} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{8B4DDA58-5BC0-4F62-97FB-CD9D197F6968} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{8E0E7534-D6EA-4DEF-A8FC-379050C0BA59} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{93609DEB-181F-475A-8FAA-6A0E3E20C656} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{9A75446D-A365-467A-9F1A-DFB3B40802BE} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{9D83704E-3D10-4762-96F1-745F2417D4AB} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{A1B67E7A-4045-40FF-8C35-D13260619C12} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{A542BB81-832E-46F7-83FA-3BA6BFE89344} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{A7F90652-8A4E-4191-92BE-0423FA4FAD7E} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{AA99C803-0C07-4A57-B732-752ACCBA0F7D} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{AB2235CB-2A5F-4E9B-AF3E-922F5C263201} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{AD6ADE6B-166C-4E5E-80B6-B30F4F244608} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{B0190995-82A0-47CB-890A-502D2FB123E1} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{B1140465-321C-4644-8AE6-3604A0175E05} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{B50D74BA-766B-46AE-A6CA-B5784556B8F9} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{B79D2498-2890-460F-874A-6907AC3E5BC5} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{B7A0F881-D3F0-440B-A34F-5B98898052B0} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{BAD7B77C-84D2-48C4-A53B-F5ED4910AF28} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{BE531F91-E875-4CE1-89E1-7E596A020E9E} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{C407BC90-0D21-4DBC-9999-590F8F7FF3E3} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{C71FF4CC-4BBB-4BD7-A2BE-9B5A8EAD21B6} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{C7B40A34-CC14-46D0-954D-0A2921C86B64} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{CBC11152-57C7-4F22-990E-E74D0D5F2EE0} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{CD62A0C5-6C46-47D1-95D0-0ED1102430C9} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{CF024826-F72B-490C-884D-B70EBD6E8DBC} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{D13F300E-2D4D-472E-9B35-6071DAA0CC82} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{D3AAE7C3-52BE-416A-9A88-6C55C0CEEEF5} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{D559B196-2E29-4BCF-AA18-D39ABE74BDB1} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{D72DC1C2-6672-4BA6-A1BD-DBA63AFBD7BA} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{DA1C9374-3111-4F84-9D95-84F432E68F71} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{DF504582-CB53-4A63-BDFE-1BBCDF5E50E7} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{DF856928-C92E-4626-84A7-625E00B4ECB9} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{E394AF5E-797A-484E-B597-8DDFFEC4B106} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{E9B71CC7-FF24-4B59-9050-1B739FC4C955} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{ED30417C-F083-4A88-9DCC-4D786D773DC7} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{EEA784A3-E9CB-41D8-805B-81EEE4EAD2B3} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{F10C6988-3A53-4DAE-BAB2-2A8A86EF75F0} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{F3B116EC-B56E-466B-876B-5ED985A70435} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{F43DD565-5B39-4277-8638-E727A09D09FB} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{F58E42EA-7FF9-44E7-A6DF-FB7FD68DF2A4} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{F593A790-65DB-4590-BCEB-4ABCE257AD8E} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{F76DD8A6-5AC7-4921-8E26-54850EC3F509} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\{F77592D3-8312-4ED3-8431-0B154AFD9F25} (Empty Folder)
Successfully deleted: C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File) 
Successfully deleted: C:\WINDOWS\prefetch\G-FORCE TOOLBAR.EXE-4A7ED2EE.pf (File) 
 
Deleted the following from C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\phlfbzm7.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);
user_pref(extensions.toolbar.mindspark._9pMembers_.BUTTON_STRUCTURE, [{\b\:224541277,\c\:\mindspark.magnify\,\p\:\L.0\},{\b\:224541278,\c\:\mindspark.enterse
user_pref(extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.tb, hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^B
user_pref(extensions.toolbar.mindspark._9pMembers_.browser.version.last, 47.0);
user_pref(extensions.toolbar.mindspark._9pMembers_.coId, 2d3b42c2421c4498907dc654b48ada6c);
user_pref(extensions.toolbar.mindspark._9pMembers_.firstKnownVersion, 7.38.8.46548);
user_pref(extensions.toolbar.mindspark._9pMembers_.homepage, hxxp://home.tb.ask.com/index.jhtml?ptb=892E0A19-0DDF-4AE8-8692-1D5652379A21&n=782a2e04&p2=^BA5^xdm162^YYA^us&si
user_pref(extensions.toolbar.mindspark._9pMembers_.hp.enabled, true);
user_pref(extensions.toolbar.mindspark._9pMembers_.initialized, true);
user_pref(extensions.toolbar.mindspark._9pMembers_.installType, XPI);
user_pref(extensions.toolbar.mindspark._9pMembers_.installation.dlpCountryCode, US);
user_pref(extensions.toolbar.mindspark._9pMembers_.installation.installDate, 2016030212);
user_pref(extensions.toolbar.mindspark._9pMembers_.installation.partnerId, ^BA5^xdm162^YYA^us);
user_pref(extensions.toolbar.mindspark._9pMembers_.installation.partnerSubId, 49588_New-OMF-Gem);
user_pref(extensions.toolbar.mindspark._9pMembers_.installation.success, true);
user_pref(extensions.toolbar.mindspark._9pMembers_.installation.toolbarId, 892E0A19-0DDF-4AE8-8692-1D5652379A21);
user_pref(extensions.toolbar.mindspark._9pMembers_.lastActivePing, 1469812733235);
user_pref(extensions.toolbar.mindspark._9pMembers_.lastKnownVersion, 7.38.8.46548);
user_pref(extensions.toolbar.mindspark._9pMembers_.lssState, {\previousLocales\:[\en-US\,\en\],\supportedLocales\:[\de\,\es\,\pt\,\ja\,\en\],\defaultLoca
user_pref(extensions.toolbar.mindspark._9pMembers_.options.defaultSearch, false);
user_pref(extensions.toolbar.mindspark._9pMembers_.options.homePageEnabled, false);
user_pref(extensions.toolbar.mindspark._9pMembers_.options.keywordEnabled, false);
user_pref(extensions.toolbar.mindspark._9pMembers_.options.tabEnabled, false);
user_pref(extensions.toolbar.mindspark._9pMembers_.productDeliveryOption.language, en);
user_pref(extensions.toolbar.mindspark._9pMembers_.productDeliveryOption.type, Toolbar);
user_pref(extensions.toolbar.mindspark._9pMembers_.successUrl, hxxp://free.onlinemapfinder.com/installComplete.jhtml);
user_pref(extensions.toolbar.mindspark._9pMembers_.toolbar.versionChanged, false);
user_pref(extensions.toolbar.mindspark._9pMembers_.toolbarCollapsed, true);
user_pref(extensions.toolbar.mindspark._9pMembers_.uninstallTasks, {\prefBranchesToDelete\:[\extensions.toolbar.mindspark._9pMembers_.\],\filesToDelete\:[\C:\\\\User
user_pref(extensions.toolbar.mindspark._dpMembers_.lastActivePing, 1458583125074);
user_pref(extensions.toolbar.mindspark.hp.enabled, true);
 
 
 
Registry: 1 
 
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 08/13/2016 at 13:25:11.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#9 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 27 August 2016 - 11:51 AM

Here is the un-install list.

 

 

1.1.3 PDFZilla 1/6/2016 3.81 MB
3D Builder Microsoft Corporation 7/20/2016 11.1.9.0
7-Zip 9.20 (x64 edition) Igor Pavlov 5/4/2015 2.48 MB 9.20.00.0
Ad-Aware Antivirus Lavasoft 1/8/2016 17.8 MB 11.8.586.8535
Adobe Acrobat Reader DC Adobe Systems Incorporated 8/2/2016 578 MB 15.017.20053
Adobe AIR Adobe Systems Incorporated 1/8/2016 22.5 MB 17.0.0.144
Adobe Shockwave Player 12.2 Adobe Systems, Inc. 1/8/2016 11.2 MB 12.2.0.162
Alarms & Clock Microsoft Corporation 8/26/2016 10.1608.2312.0
AllShare Framework DMS Samsung 2/17/2016 69.9 MB 1.3.23
AMD Catalyst Control Center AMD 12/31/2015 1.00.0000
ANIWZCS2 Service 6/2/2016
App connector Microsoft Corporation 12/31/2015 1.3.3.0
Apple Application Support (32-bit) Apple Inc. 7/25/2016 152 MB 4.3.2
Apple Application Support (64-bit) Apple Inc. 7/25/2016 197 MB 4.3.2
Apple Mobile Device Support Apple Inc. 3/21/2016 43.2 MB 9.3.0.15
Apple Software Update Apple Inc. 3/13/2016 4.91 MB 2.2.0.150
Avery Design & Print Avery Products Corporation 1/8/2016 403 MB 1.0.0
Bonjour Apple Inc. 10/18/2015 8.04 MB 3.1.0.1
Calculator Microsoft Corporation 8/24/2016 10.1608.2213.0
Camera Microsoft Corporation 8/23/2016 2016.816.20.0
Candy Crush Soda Saga king.com 6/22/2016 1.68.500.0
CCleaner Piriform 8/13/2016 18.3 MB 5.20
Cisco EAP-FAST Module Cisco Systems, Inc. 8/7/2015 1.52 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 8/7/2015 838 KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 8/7/2015 1.28 MB 1.1.6
Compatibility Pack for the 2007 Office system Microsoft Corporation 8/20/2016 331 MB 12.0.6612.1000
D-Link RangeBooster N DWA-140 D-Link 6/2/2016 17.5 MB
DesktopEarth CodeFromThe70s.org 12/17/2015 13.7 MB 2.1.1
Free YouTube Download version 3.2.61.805 DVDVideoSoft Ltd. 9/8/2015 57.8 MB 3.2.61.805
Free YouTube Downloader 4.1.477 HOW Inc. 2/17/2016 18.0 MB
G-Force SoundSpectrum 4/23/2016 24.1 MB 5.4.3
Get Office Microsoft Corporation 8/24/2016 17.7319.23511.0
Get Skype Skype 12/31/2015 3.2.1.0
Get Started Microsoft Corporation 7/23/2016 4.0.9.0
Google Chrome Google, Inc. 5/4/2015 41.3 MB 52.0.2743.116
Google Earth Google 3/17/2016 224 MB 7.1.5.1557
Groove Music Microsoft Corporation 8/26/2016 3.6.23981.0
HP AiO Printer Remote HP Inc. 8/9/2016 60.1.156.0
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3 HP 3/16/2016 10.0
HP Dropbox Plugin Hewlett-Packard Co. 7/14/2016 7.13 MB 36.0.31.53050
HP ENVY 4510 series Basic Device Software Hewlett-Packard Co. 7/14/2016 105 MB 36.0.72.54013
HP ENVY 4510 series Help Hewlett Packard 7/14/2016 14.8 MB 36.0.0
HP Google Drive Plugin Hewlett-Packard Co. 7/14/2016 7.14 MB 36.0.31.53050
HP Photo Creations HP Photo Creations Powered by RocketLife 4/17/2016 1.97 MB 1.0.0.2024
HP Photosmart Essential 3.5 HP 12/31/2015 3.5
HP Scan and Capture Hewlett-Packard Company 7/15/2016 40.0.245.0
HP Smart Web Printing 4.51 HP 12/31/2015 4.51
HP Support Assistant 10/5/2015
HP Support Solutions Framework Hewlett-Packard Company 10/5/2015 33.3 MB 12.5.26.37
HP Update Hewlett-Packard 10/19/2015 17.2 MB 5.005.002.002
HPDiagnosticCoreDll Hewlett Packard 8/23/2016 10.8 MB 1.0.15.0
iCloud Apple Inc. 7/25/2016 162 MB 5.2.2.87
Intel® Graphics Media Accelerator Driver Intel Corporation 12/31/2015 54.2 MB 8.15.10.1930
iTunes Apple Inc. 8/1/2016 325 MB 12.4.3.1
Java 8 Update 91 Oracle Corporation 5/11/2016 178 MB 8.0.910.14
Java 8 Update 91 (64-bit) Oracle Corporation 5/11/2016 204 MB 8.0.910.14
K-Lite Codec Pack 9.3.0 (Basic) 2/17/2016 45.3 MB 9.3.0
Mail and Calendar Microsoft Corporation 8/24/2016 17.7167.40721.0
Malwarebytes Anti-Malware version 2.2.1.1043 Malwarebytes 8/12/2016 56.7 MB 2.2.1.1043
Maps Microsoft Corporation 8/23/2016 5.1608.2310.0
MediaMonkey 4.1 Ventis Media Inc. 4/17/2016 54.1 MB 4.1
Memorex exPressit Label Design Studio 12/31/2015
Messaging + Skype Microsoft Corporation 4/19/2016 2.15.20002.0
Microsoft Mouse and Keyboard Center Microsoft Corporation 1/8/2016 37.6 MB 2.5.166.0
Microsoft Office File Validation Add-In Microsoft Corporation 6/18/2016 81.6 MB 14.0.5130.5003
Microsoft Office Standard Edition 2003 Microsoft Corporation 10/21/2015 1.02 GB 11.0.8173.0
Microsoft Silverlight Microsoft Corporation 6/22/2016 143 MB 5.1.50428.0
Microsoft Solitaire Collection Microsoft Studios 8/16/2016 3.11.7293.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 9/19/2015 5.21 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 8/10/2015 33.9 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 5/4/2015 1.10 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 5/4/2015 31.5 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 8/10/2015 18.3 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 8/10/2015 45.7 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 1/16/2016 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 12/31/2015 17.3 MB 11.0.50727.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 7/19/2016 17.1 MB 12.0.21005.1
Microsoft Wi-Fi Microsoft Corporation 4/29/2016 1.1604.4.0
Money Microsoft Corporation 8/23/2016 4.13.47.0
Movies & TV Microsoft Corporation 8/24/2016 3.6.23941.0
Mozilla Firefox 48.0.1 (x86 en-US) Mozilla 8/25/2016 90.6 MB 48.0.1
Mozilla Maintenance Service Mozilla 8/25/2016 388 KB 48.0.1.6073
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 10/2/2015 6.98 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 10/2/2015 5.77 MB 4.20.9876.0
News Microsoft Corporation 8/23/2016 4.13.47.0
OneNote Microsoft Corporation 8/23/2016 17.7341.57671.0
OpenOffice 4.1.1 Apache Software Foundation 5/4/2015 320 MB 4.11.9775
Panda Free Antivirus Panda Security 8/25/2016 131 MB 16.01.03.0000
Panda Safe Web Panda Security and Visicom Media Inc. 7/7/2016 8.59 MB 4.3.1.18
ParetoLogic PC Health Advisor ParetoLogic, Inc. 8/26/2016 3.1.7.0
People Microsoft Corporation 7/22/2016 10.0.11902.0
Phone Microsoft Corporation 6/3/2016 2.17.27003.0
Phone Companion Microsoft Corporation 8/24/2016 10.1608.2211.0
Photos Microsoft Corporation 8/16/2016 16.722.10060.0
Picasa 3 Google, Inc. 12/31/2015 61.8 MB 3.9.140.239
Product Improvement Study for HP ENVY 4510 series Hewlett-Packard Co. 7/14/2016 20.7 MB 36.0.72.54013
Samsung Drive Manager Clarus, Inc. 7/19/2016 53.8 MB 1.0.174
Samsung Link 2.0.0.1603091618 Samsung Electronics Co.,Ltd 3/21/2016 205 MB 2.0.0.1603091618
Seagate Dashboard Seagate 7/29/2016 305 MB 4.4.1902.0
SeaTools for Windows 1.4.0.4 Seagate Technology 7/19/2016 1.4.0.4
Skype™ 7.9 Skype Technologies S.A. 9/4/2015 142 MB 7.9.103
SmartPCFixer 5.2 LionSea Software co., ltd 8/26/2016 45.9 MB 5.2
Sports Microsoft Corporation 8/23/2016 4.13.47.0
Store Microsoft Corporation 4/30/2016 11602.1.26.0
Sway Microsoft Corporation 8/12/2016 17.7341.45171.0
Twitter Twitter Inc. 8/6/2016 5.2.0.0
VLC media player VideoLAN 1/8/2016 118 MB 2.2.1
Voice Recorder Microsoft Corporation 8/24/2016 10.1608.2211.0
Weather Microsoft Corporation 8/23/2016 4.13.47.0
Web Companion Lavasoft 12/3/2015 2.3.1441.2805
Winamp Nullsoft, Inc 12/31/2015 5.666 
WinCleaner OneClick Professional Version 12 Business Logic Corporation 7/27/2016 4.80 MB 12.5.0.0
Windows DVD Player Microsoft Corporation 12/31/2015 3.6.13291.0
Windows Live Essentials Microsoft Corporation 9/19/2015 15.4.3555.0308
Xbox Microsoft Corporation 7/30/2016 19.19.28029.0
Youtube Video/Music Downloader 7.2 YoutubeMusicDownloader.us Inc. 8/9/2015 7.24 MB 7.2
 


#10 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 27 August 2016 - 12:01 PM

I know there are some new programs I have downloaded just yesterday. My computer in my bedroom was connected wireless. For some reason it has lost the ability to see the antenna. I do not know what happen so I downloaded those programs to help me but they just want money.

 

Smart pc fixer

 

Pareto logic health advisor

 

and one other. Once I fix this computer that will be my next post. They just keep piling up. I hate computers at times. That computer will be something that will test the most hardened savvy tech.

 

Thank you  



#11 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 27 August 2016 - 12:19 PM

Here are the other list you requested. I hope in order this time.

 

Windows startups:

Yes HKCU:Run AppleIEDAV Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run HP ENVY 4510 series (NET) Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP ENVY 4510 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH61I3K0F6068H:NW" -scfn "HP ENVY 4510 series (NET)" -AutoStart 1
Yes HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Yes HKCU:Run iCloudPhotos Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Yes HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Roger\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run Uploader Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
Yes HKCU:RunOnce Uninstall C:\Users\Roger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Roger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
Yes HKLM:Run AdAwareTray Lavasoft Limited "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe"
Yes HKLM:Run ANIWZCS2Service Wireless Service C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
Yes HKLM:Run D-Link D-Link RangeBooster N DWA-140 D-Link Corp. C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
Yes HKLM:Run DBAgent Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run Nero MediaHome 4 Nero AG "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
Yes HKLM:Run PSUAMain Panda Security, S.L. "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
Yes HKLM:Run Samsung Link Samsung Electronics Co.,Ltd "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
Yes HKLM:Run StartCCC Advanced Micro Devices, Inc. "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes Startup Common AT&T Support Plus PC Maintenance Toolbox.lnk Sutherland Global Services, Inc. C:\Program Files (x86)\ATTSplusPCMT\SPLUS_UI.exe
Yes Startup Common Samsung Drive Manager Real-Time.lnk Clarus, Inc. C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
Yes Startup User DesktopEarth AutoStart.lnk C:\Users\Roger\AppData\Roaming\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe
 
 
Scheduled startups:
 
Yes Task Apple Diagnostics Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore1d0e2374638aed3 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA1d0e23746bd2303 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleForRoger Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForRoger (null)
Yes Task ParetoLogic Registration3 Microsoft Corporation C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Yes Task ParetoLogic Update Version3 Paretologic Inc. C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Yes Task ParetoLogic Update Version3 Startup Task Paretologic Inc. C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe -StartupTask
Yes Task PC Health Advisor ParetoLogic, Inc. C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan
Yes Task PC Health Advisor Defrag ParetoLogic, Inc. C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag
Yes Task Roger Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger.nji"
Yes Task Roger DBAgent 2 0 Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"
Yes Task Roger Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger Merge.nji"
Yes Task Roger1 Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger1.nji"
Yes Task Roger1 Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger1 Merge.nji"
Yes Task Roger2 Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger2.nji"
Yes Task Roger2 Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger2 Merge.nji"
Yes Task Roger3 Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger3.nji"
Yes Task Roger3 Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger3 Merge.nji"
Yes Task RunSPlusUI "SPLUS_UI.exe" trayicon
Yes Task Seagate_Install_Launch Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Yes Task {098EAF9A-B47F-4AE1-80B0-B598F8F47872} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a D:\util\ccc\enu\Q283787_W2K_SP3_x86.EXE -d D:\util\ccc\enu
 
 
Context startups
 
Yes Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
Yes Directory Add to VLC media player's Playlist VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
Yes Directory Add to Winamp's Bookmark list Nullsoft, Inc. "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1"
Yes Directory Enqueue in Winamp Nullsoft, Inc. "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1"
Yes Directory Play in MediaMonkey Ventis Media Inc. "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1"
Yes Directory Play in Winamp Nullsoft, Inc. "C:\Program Files (x86)\Winamp\winamp.exe" "%1"
Yes Directory Play last in MediaMonkey Ventis Media Inc. "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1"
Yes Directory Play next in MediaMonkey Ventis Media Inc. "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1"
Yes Directory Play with VLC media player VideoLAN "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
Yes Drive AdAwareContextMenu C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll
Yes File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
Yes File AdAwareContextMenu C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll
Yes File Cover Designer Nero AG C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
Yes File MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
Yes File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
Yes File UAContextMenu Panda Security, S.L. C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll
Yes Folder MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
Yes Folder UAContextMenu Panda Security, S.L. C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll
 
This was one of the tabs so I included it.


#12 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:35 PM

Posted 28 August 2016 - 05:55 AM

Those programs you downloaded are junk. Use the programs for that computer that I posted here.

 

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run AppleIEDAV Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run HP ENVY 4510 series (NET) Hewlett-Packard Development Company, LP "C:\Program Files\HP\HP ENVY 4510 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH61I3K0F6068H:NW" -scfn "HP ENVY 4510 series (NET)" -AutoStart 1
Yes HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Yes HKCU:Run iCloudPhotos Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Yes HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Roger\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run Uploader Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
Yes HKCU:RunOnce Uninstall C:\Users\Roger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Roger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
Yes HKLM:Run AdAwareTray Lavasoft Limited "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run Nero MediaHome 4 Nero AG "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
Yes Startup User DesktopEarth AutoStart.lnk C:\Users\Roger\AppData\Roaming\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe
 
Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes Task Apple Diagnostics Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore1d0e2374638aed3 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA1d0e23746bd2303 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleForRoger Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForRoger (null)
Yes Task ParetoLogic Registration3 Microsoft Corporation C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Yes Task ParetoLogic Update Version3 Paretologic Inc. C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Yes Task ParetoLogic Update Version3 Startup Task Paretologic Inc. C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe -StartupTask
Yes Task PC Health Advisor ParetoLogic, Inc. C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan
Yes Task PC Health Advisor Defrag ParetoLogic, Inc. C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag
Yes Task Roger Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger.nji"
Yes Task Roger DBAgent 2 0 Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"
Yes Task Roger Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger Merge.nji"
Yes Task Roger1 Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger1.nji"
Yes Task Roger1 Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger1 Merge.nji"
Yes Task Roger2 Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger2.nji"
Yes Task Roger2 Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger2 Merge.nji"
Yes Task Roger3 Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger3.nji"
Yes Task Roger3 Merge Seagate Technology LLC "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe" "C:\Users\Roger\AppData\Roaming\Seagate\Seagate Dashboard 2.0\Files\Roger3 Merge.nji"
Yes Task RunSPlusUI "SPLUS_UI.exe" trayicon
Yes Task Seagate_Install_Launch Seagate Technology LLC C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Yes Task {098EAF9A-B47F-4AE1-80B0-B598F8F47872} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a D:\util\ccc\enu\Q283787_W2K_SP3_x86.EXE -d D:\util\ccc\enu
 
Uninstall these programs: Use Download Revo Uninstaller Freeware because some of the programs can be difficult using just the Windows uninstaller.
Ad-Aware Antivirus Lavasoft 1/8/2016 17.8 MB 11.8.586.8535
Adobe AIR Adobe Systems Incorporated 1/8/2016 22.5 MB 17.0.0.144
Candy Crush Soda Saga king.com 6/22/2016 1.68.500.0
Free YouTube Download version 3.2.61.805 DVDVideoSoft Ltd. 9/8/2015 57.8 MB 3.2.61.805

Free YouTube Downloader 4.1.477 HOW Inc. 2/17/2016 18.0 MB

Java 8 Update 91 Oracle Corporation 5/11/2016 178 MB 8.0.910.14
Java 8 Update 91 (64-bit) Oracle Corporation 5/11/2016 204 MB 8.0.910.14
Panda Safe Web Panda Security and Visicom Media Inc. 7/7/2016 8.59 MB 4.3.1.18
ParetoLogic PC Health Advisor ParetoLogic, Inc. 8/26/2016 3.1.7.0
Picasa 3 Google, Inc. 12/31/2015 61.8 MB 3.9.140.239
Product Improvement Study for HP ENVY 4510 series Hewlett-Packard Co. 7/14/2016 20.7 MB 36.0.72.54013
SmartPCFixer 5.2 LionSea Software co., ltd 8/26/2016 45.9 MB 5.2
Web Companion Lavasoft 12/3/2015 2.3.1441.2805
Winamp Nullsoft, Inc 12/31/2015 5.666 
WinCleaner OneClick Professional Version 12 Business Logic Corporation 7/27/2016 4.80 MB 12.5.0.0
 
 
 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:06:35 PM

Posted 28 August 2016 - 03:01 PM

I have done most of what you requested except for a couple of items I wanted to check with you first..

 

Panda is my only web security. I wanted to find out from you before I delete it.

 

Also, I have been using Picasa for years now to control my pics. 

 

Next, HP Envy 4510 is my new AIO printer. I did not want to remove everything without knowing why.

On the Envy there were to be 182 files and folders. I tried to download the full program so I could use the smart phones and tablet to print from.

 

Please let me know what to do.

 

Thank you



#14 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:35 PM

Posted 28 August 2016 - 04:01 PM

You have two Panda installed programs....the one I asked to delete is their ad revenue producing one. You will still be protected.

 

Keep Picasa...just be aware it is no longer supported/ updated.

 

I only advised to disable your printer from startup to save computer resources and speed up startup. You can leave it in startup if you want to.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:35 PM

Posted 28 August 2016 - 04:44 PM

It's been over 2 weeks since you first posted. Along with that and some unsavory downloads I suggest you run scans using CCleaner

MBAM, AdwCleaner and Junkware Remover.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users