Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Not sure what, but something is going on...


  • Please log in to reply
14 replies to this topic

#1 Rigoletto

Rigoletto

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 27 August 2016 - 05:49 PM

Hello,

 

Weeks ago, my computer started slowing down, acting choppy, and has gotten progressively worse. Even 5 minutes or less into a session on-line, and it's become virtually impossible to proceed. I've run MalwareBytes, Emsisoft Emergency, and have AVG loaded on my computer. Additionally, I run a few other minor programs to check out rootkit. Haven't found anything, but this slowdown is driving me crazy! One message that keeps popping up is:

 

A script on this page may be busy, or it may have stopped responding. You can stop the script now, open the script in the debugger, or let the script continue.

 

Script: https://secure.flashtalking.co…meworks/js/api/2/9/html5API.js:2

 

A script on this page may be busy, or it may have stopped responding. You can stop the script now, open the script in the debugger, or let the script continue.

 

Script: http://l.yimg.com/rq/darla/2-9-16/html/r-sf.html:0

 

Any suggestions? Am I looking at some sort of malware I'm not detecting? Or just a fouled up computer?  Thanks for any help/advice out there.



BC AdBot (Login to Remove)

 


#2 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 27 August 2016 - 05:57 PM

Whoops! Forgot to mention; this regards a desktop HP running Windows 7. The computer's about 2-3 years old.



#3 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 27 August 2016 - 06:32 PM

Sorry, just remembered something else; I have over a hundred updates that for some reason won't download for installation. I tried dumping them and downloading once they were resent. Nothing...



#4 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:16 PM

Posted 27 August 2016 - 06:35 PM

See what the programs below can find and remove.

 

You can block Third Party cookies...aka...ad/ tracking cookies from loading in your browsers. Once blocked use CCleaner to remove those presently installed.

How to disable third-party cookies in all major web browsers

 

If you don't have an ad blocker installed...AdBlock Plus works real well in Firefox and Google Chrome....

Adblock Plus :: Add-ons for Firefox   Adblock Plus - Chrome Web Store

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:16 PM

Posted 27 August 2016 - 06:47 PM

After performing the scans above and posting the results.....you can attempt to reset the update components in Windows 7.

How do I reset Windows Update components?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 27 August 2016 - 09:22 PM

First of all, thank you, BC, for taking the time to assist. Posted below are the two reports from ADWCleaner and JRT:

 

ADCleaner:

 

# AdwCleaner v6.010 - Logfile created 27/08/2016 at 19:00:20
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-27.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : jmarsh - JMARSH-HP
# Running from : C:\Users\jmarsh\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****

[-] Service deleted: vToolbarUpdater15.3.0
[-] Service deleted: AVG Security Toolbar Service


***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\Avg_Update_0116av
[-] Folder deleted: C:\ProgramData\Avg_Update_1015av
[-] Folder deleted: C:\ProgramData\Avg_Update_1215av
[-] Folder deleted: C:\Users\jmarsh\AppData\Local\AVG Secure Search
[-] Folder deleted: C:\Program Files (x86)\AVG\AVG10\Toolbar
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search


***** [ Files ] *****

[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\adawaretb.xml
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\adawaretb.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\adawaretb.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.PugiObj
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.PugiObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{63EDCDD3-8AFC-4358-A90F-F7FB8F5C64FF}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Key deleted: HKU\.DEFAULT\Software\AVG Secure Search
[-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key deleted: HKU\S-1-5-21-2522335498-833048787-1260035780-1001\Software\ParetoLogic
[-] Key deleted: HKU\S-1-5-21-2522335498-833048787-1260035780-1001\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2522335498-833048787-1260035780-1001\Software\AVG Secure Search
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2522335498-833048787-1260035780-1001\Software\SweetIM
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AVG Secure Search
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\Software\AVG Security Toolbar
[#] Key deleted on reboot: HKCU\Software\ParetoLogic
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key deleted: HKLM\SOFTWARE\AVG Secure Search
[-] Key deleted: HKLM\SOFTWARE\ParetoLogic
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt


***** [ Web browsers ] *****

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64
Ran by jmarsh (Administrator) on Sat 08/27/2016 at 19:09:40.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 26

Successfully deleted: C:\Windows\system32\Tasks\1015avUpdateInfo (Task)
Successfully deleted: C:\Windows\Tasks\1015avUpdateInfo.job (Task)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OQ6QX2N (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8360HYUP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92U6IGKX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1W27Z1Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDR0GCTY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJEHAZH8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZW5C5OU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0F1DV0L (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF2JXGVX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JY1X8H5W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M26CTCUC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\jmarsh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI4FYKHE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OQ6QX2N (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8360HYUP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92U6IGKX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1W27Z1Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDR0GCTY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJEHAZH8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZW5C5OU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0F1DV0L (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF2JXGVX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JY1X8H5W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M26CTCUC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI4FYKHE (Temporary Internet Files Folder)



Registry: 5

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 08/27/2016 at 19:13:52.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 



#7 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:16 PM

Posted 28 August 2016 - 05:03 AM

That got rid of some adware and junk. Note the AVG adware that was removed. AVG may attempt to install its adware again during updates or upgrades.

Did you block the ad/ tracking cookies?

Do you have an ad blocker installed now?

Did you attempt to reset Windows Update? I have a Win 7 that once a month or so I start up to manually update. It is not unusual for it to take 30+ minutes to tell me

what security updates and other crappy updates are available for download. That's happening since the release of Windows 10.

 

  • Please download Security Check by glax24 and save the file to the Desktop
  • Run the tool by accepting all the Security prompts
  • when complete the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard
  • Simply Paste the log to your reply

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 28 August 2016 - 12:04 PM

Good morning, BC.

 

Did you block the ad/ tracking cookies?       Yes.

Do you have an ad blocker installed now?   Yes.

Did you attempt to reset Windows Update? Yes, but unsuccessfully. I'm running Windows 7, and followed the instructions to open a command prompt. However, although it opened the dialogue box, I never received an option to right-click cmd and select "Run as Administrator", when opening the dialogue box. My name as administrator was on the prompt line, but I was denied access when I typed in net stop bits, and entered.

 

Should I proceed with downloading and running SecurityCheck, and uploading the info from CCleaner?


Edited by Rigoletto, 28 August 2016 - 12:07 PM.


#9 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 28 August 2016 - 12:24 PM

Ok, decided to go ahead. Here's the report from SecurityCheck:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.44 [17.08.16]
WebSite: www.safezone.cc
DateLog: 28.08.2016 10:08:43
Path starting: C:\Users\jmarsh\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: jmarsh
VersionXML: 3.37is-27.08.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 12.02.2011 22:06:25
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [685.3 Gb] Used: [435.9 Gb] Free: [249.4 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17914 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Notify of download and installation
Date install updates: 2016-08-28 05:28:10
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2013 x86 v.15.0.4569.1506
---------------------------- [ Antivirus_WMI ] ----------------------------
AVG AntiVirus Free Edition (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and out of date)
AVG AntiVirus Free Edition (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET Online Scanner v3
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.0 v.7.0.102 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
BitTorrent v.7.9.7.42331 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 101 v.8.0.1010.13 Warning! Download Update
Uninstall old version and install new one (jre-8u102-windows-i586.exe).
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.0.0.10 Warning! Download Update
^Please use Apple Software Update tool.^
iTunes v.12.2.2.25 Warning! Download Update
^Please use Apple Software Update tool.^
QuickTime 7 v.7.78.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.1.5.3.9130 Warning! Download Update
Adobe Flash Player 22 ActiveX v.22.0.0.210
Adobe Flash Player 22 NPAPI v.22.0.0.209
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 48.0.2 (x86 en-US) v.48.0.2
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.48.0.2.6079
------------------ [ AntivirusFirewallProcessServices ] -------------------
AvgAMPS (AvgAMPS) - The service has stopped
C:\PROGRA~2\AVG\Av\avgrsa.exe v.16.101.0.7752
C:\Program Files (x86)\AVG\Av\avgcsrva.exe v.16.101.0.7752
AVGIDSAgent (AVGIDSAgent) - The service is running
AVG Service (avgsvc) - The service is running
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe v.1.122.2.33741
AVG Service (avgsvc) - The service is running
AVG WatchDog (avgwd) - The service is running
C:\Program Files (x86)\AVG\Av\avgwdsvca.exe v.16.101.0.7752
C:\Program Files (x86)\AVG\Av\avgnsa.exe v.16.101.0.7752
C:\Program Files (x86)\AVG\Av\avgemca.exe v.16.101.0.7752
C:\Program Files (x86)\AVG\Av\avgui.exe v.16.101.0.7752
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe v.1.122.2.33741
Windows Defender (WinDefend) - The service has stopped
----------------------------- [ End of Log ] ------------------------------
 

 

Here's the 1st report from CCleaner:

 

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKLM:Run    AppleSyncNotifier    Apple Inc.    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
No    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
No    HKLM:Run    ArcSoft Connection Service    ArcSoft Inc.    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Yes    HKLM:Run    AVG_UI    AVG Technologies CZ, s.r.o.    "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
Yes    HKLM:Run    AvgUi    AVG Technologies CZ, s.r.o.    "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
No    HKLM:Run    Family Tree Builder Update    MyHeritage    C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
No    HKLM:Run    GrooveMonitor        "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
No    HKLM:Run    HP Software Update    Hewlett-Packard    c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
No    HKLM:Run    hpsysdrv    Hewlett-Packard    c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
No    HKLM:Run    iTunesHelper    Apple Inc.    "C:\Program Files\iTunes\iTunesHelper.exe"
Yes    HKLM:Run    Microsoft Default Manager    Microsoft Corporation    "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
No    HKLM:Run    Nikon Transfer Monitor    Nikon Corporation    C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
No    HKLM:Run    PDF Complete    PDF Complete Inc    C:\Program Files (x86)\PDF Complete\pdfsty.exe
No    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
No    HKLM:Run    Reader Library Launcher        C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
No    HKLM:Run    SmartMenu    Hewlett-Packard Company    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
Yes    HKLM:Run    StartCCC    Advanced Micro Devices, Inc.    "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
Yes    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
No    Startup Common    Snapfish PictureMover.lnk    Hewlett-Packard Company    C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
 

Here's the list of Installed Programs:

 

Adobe AIR    Adobe Systems Inc.    12/23/2010        1.5.3.9130
Adobe Flash Player 22 ActiveX    Adobe Systems Incorporated    7/14/2016    18.6 MB    22.0.0.210
Adobe Flash Player 22 NPAPI    Adobe Systems Incorporated    7/12/2016    5.79 MB    22.0.0.209
Any Video Converter Ultimate 5.8.4    Any-Video-Converter.com    9/30/2015    123 MB    
Apple Application Support (32-bit)    Apple Inc.    9/16/2015    96.0 MB    3.2
Apple Application Support (64-bit)    Apple Inc.    9/16/2015    109 MB    3.2
Apple Mobile Device Support    Apple Inc.    9/16/2015    27.9 MB    8.2.1.3
Apple Software Update    Apple Inc.    1/13/2012    2.38 MB    2.1.3.127
ArcSoft Panorama Maker 5    ArcSoft    4/2/2011        5.0.1.25
ATI Catalyst Install Manager    ATI Technologies, Inc.    12/23/2010    22.3 MB    3.0.774.0
AVG Protection    AVG Technologies    8/9/2016        2016.101.7752
BitTorrent    BitTorrent Inc.    6/19/2016        7.9.7.42331
Bonjour    Apple Inc.    1/13/2012    2.00 MB    3.0.0.10
calibre    Kovid Goyal    3/14/2013    138 MB    0.9.22
CCleaner    Piriform    8/27/2016        5.21
Cobian Backup 8        8/7/2013        
ConvertXtoDVD 4.1.19.365        3/4/2012    68.1 MB    4.1.19.365
Costco Photo Organizer    Costco Wholesale Corporation    5/4/2013    12.1 MB    1.5.0.102
CyberLink DVD Suite Deluxe    CyberLink Corp.    12/23/2010    36.5 MB    7.0.3210
DVD Menu Pack for HP MediaSmart Video    Hewlett-Packard    12/23/2010    100 MB    4.2.4412
ESET Online Scanner v3        8/5/2013        
File Uploader    Nikon    4/2/2011    1.65 MB    1.2.5
FormatFactory 2.80    Free Time    1/14/2012        2.80
Google Earth    Google    8/20/2016    179 MB    7.1.5.1557
HP Games    WildTangent    12/23/2010        1.0.1.5
HP MediaSmart DVD    Hewlett-Packard    12/23/2010    107 MB    4.2.4521
HP MediaSmart Music    Hewlett-Packard    12/23/2010    75.0 MB    4.2.4517
HP MediaSmart Photo    Hewlett-Packard    12/23/2010    278 MB    4.2.4513
HP MediaSmart SmartMenu    Hewlett-Packard    12/23/2010    2.05 MB    3.1.2.4
HP MediaSmart Video    Hewlett-Packard    12/23/2010    316 MB    4.2.4522
HP Odometer    Hewlett-Packard    12/23/2010    48.0 KB    2.10.0000
HP Setup    Hewlett-Packard Company    12/23/2010        8.4.4400.3525
HP Setup Manager    Hewlett-Packard Company    12/23/2010    6.01 MB    1.0.12844.3519
HP Support Assistant    Hewlett-Packard Company    1/20/2014    80.2 MB    7.4.45.4
HP Support Information    Hewlett-Packard    12/23/2010    156 KB    10.1.1000
HP Update    Hewlett-Packard    12/23/2010    2.97 MB    5.002.003.003
HP Vision Hardware Diagnostics    Hewlett-Packard    12/23/2010    11.3 MB    2.1.6.0
iCloud    Apple Inc.    9/16/2015    91.6 MB    4.1.1.53
IPTInstaller    HTC    6/9/2015    300 KB    4.0.9
iTunes    Apple Inc.    9/16/2015    238 MB    12.2.2.25
Java 8 Update 101    Oracle Corporation    8/24/2016    93.2 MB    8.0.1010.13
Juniper Networks Setup Client    Juniper Networks    4/3/2011    800 KB    2.1.2.5973
Juniper Networks Setup Client Activex Control    Juniper Networks    4/3/2011        2.1.1.1
LabelPrint    CyberLink Corp.    12/23/2010    230 MB    2.5.3130
LightScribe System Software    LightScribe    12/23/2010    24.5 MB    1.18.15.1
Malwarebytes Anti-Malware version 2.2.1.1043    Malwarebytes    4/23/2016    66.8 MB    2.2.1.1043
Microsoft .NET Framework 4.5.2    Microsoft Corporation    1/17/2015    38.8 MB    4.5.51209
Microsoft Office Click-to-Run 2010    Microsoft Corporation    2/12/2011        14.0.4763.1000
Microsoft Office File Validation Add-In    Microsoft Corporation    6/7/2014    10.9 MB    14.0.5130.5003
Microsoft Office Professional Plus 2013    Microsoft Corporation    6/7/2014        15.0.4569.1506
Microsoft SQL Server 2005 Compact Edition [ENU]    Microsoft Corporation    12/23/2010    1.69 MB    3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053    Microsoft Corporation    2/14/2011    260 KB    8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053    Microsoft Corporation    2/14/2011    250 KB    8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    6/17/2011    300 KB    8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    12/23/2010    708 KB    8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    12/23/2010    788 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148    Microsoft Corporation    12/23/2010    788 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    6/17/2011    788 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022    Microsoft Corporation    2/21/2013    1.41 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    12/23/2010    596 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    12/23/2010    592 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    6/17/2011    600 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    2/22/2015    13.8 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    2/22/2015    16.5 MB    10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)    Microsoft Corporation    2/22/2015        10.0.50903
MobileMe Control Panel    Apple Inc.    5/10/2012    12.9 MB    3.1.8.0
Mozilla Firefox 48.0.2 (x86 en-US)    Mozilla    8/24/2016    91.5 MB    48.0.2
Mozilla Maintenance Service    Mozilla    8/24/2016    267 KB    48.0.2.6079
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    2/14/2011    1.27 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    2/14/2011    1.33 MB    4.20.9876.0
MyHeritage Family Tree Builder    MyHeritage.com    5/9/2013        7.0.0.7105
Nikon Transfer    Nikon    4/2/2011    47.4 MB    1.5.3
OverDrive Media Console    OverDrive, Inc.    2/22/2011    8.52 MB    3.2.5
PDF Complete Special Edition    PDF Complete, Inc    6/4/2011        4.0.57
PhotoNow!    CyberLink Corp.    12/23/2010    34.2 MB    1.1.7717
Picture Control Utility    Nikon    4/2/2011    19.2 MB    1.1.9
PictureMover    Hewlett-Packard Company    12/23/2010    61.5 MB    3.5.0.33
PlayReady PC Runtime amd64    Microsoft Corporation    12/23/2010    2.05 MB    1.3.0
PlayReady PC Runtime x86    Microsoft Corporation    12/23/2010    1.65 MB    1.3.0
Power2Go    CyberLink Corp.    12/23/2010    169 MB    6.1.4329
PowerDirector    CyberLink Corp.    12/23/2010    858 MB    8.0.3129
PressReader     NewspaperDirect Inc.    12/23/2010    8.18 MB    5.10.621.0
QuickTime 7    Apple Inc.    9/16/2015    70.3 MB    7.78.80.95
Ralink 802.11n Wireless LAN Card    Mediatek    5/4/2014        5.0.33.1
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    12/23/2010        6.0.1.6196
SAMSUNG Intelli-studio        2/26/2012        
SanDiskSecureAccess_Manager.exe    Gemalto N.V.    6/29/2013        1.1.19269
Skype™ 7.0    Skype Technologies S.A.    4/19/2015    47.9 MB    7.0.102
TurboTax 2012    Intuit, Inc    3/2/2013        2012.0
TurboTax 2013    Intuit, Inc    2/23/2014        2013.0
TurboTax 2014    Intuit, Inc    3/29/2015        2014.0
TurboTax 2015    Intuit, Inc    3/19/2016        2015.0
ViewNX    Nikon    4/2/2011    29.5 MB    1.5.2
Visual Studio 2008 x64 Redistributables    AVG Technologies    2/12/2011    8.14 MB    10.0.0.2
Visual Studio 2010 x64 Redistributables    AVG Technologies    9/27/2012    12.4 MB    13.0.0.1
Visual Studio 2012 x64 Redistributables    AVG Technologies    9/20/2013    12.9 MB    14.0.0.1
Visual Studio 2012 x86 Redistributables    AVG Technologies CZ, s.r.o.    9/20/2013    10.5 MB    14.0.0.1
Windows Live Essentials    Microsoft Corporation    12/23/2010        15.4.3502.0922
WModem Driver Installer    HTC    6/9/2015        3.0.14.0
 



#10 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 28 August 2016 - 02:07 PM

I should let you know two other developments; when I last closed the computer, I apparently had downloaded about 17 upgrades; Windows needed to install before closing. I've opened the update window again an am leaving it open on the assumption that download is simply taking a LONG time. Second, my computer is running faster.



#11 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:16 PM

Posted 28 August 2016 - 02:36 PM

I saw that some updates had been installed. Good plan....

QUOTE: Notify of download and installation
Date install updates: 2016-08-28 05:28:10
Windows Update (wuauserv) - The service is running

 

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes    HKLM:Run    Microsoft Default Manager    Microsoft Corporation    "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

 

Uninstall these programs:

Adobe AIR    Adobe Systems Inc.    12/23/2010        1.5.3.9130

Bonjour    Apple Inc.    1/13/2012    2.00 MB    3.0.0.10

Costco Photo Organizer    Costco Wholesale Corporation    5/4/2013    12.1 MB    1.5.0.102 (Keep if you actually use it)

ESET Online Scanner v3        8/5/2013   

HP Games    WildTangent    12/23/2010        1.0.1.5

HP Support Assistant    Hewlett-Packard Company    1/20/2014    80.2 MB    7.4.45.4
HP Support Information    Hewlett-Packard    12/23/2010    156 KB    10.1.1000

Java 8 Update 101    Oracle Corporation    8/24/2016    93.2 MB    8.0.1010.13 (Keep if you actually use it..most users don't)

PictureMover    Hewlett-Packard Company    12/23/2010    61.5 MB    3.5.0.33

PressReader     NewspaperDirect Inc.    12/23/2010    8.18 MB    5.10.621.0
QuickTime 7    Apple Inc.    9/16/2015    70.3 MB    7.78.80.95

 

The list of Scheduled Tasks is missing....check in CCleaner per prior instructions.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 28 August 2016 - 03:45 PM

Ok, requested programs were disabled.

All programs were uninstalled save for HP Support Information; it's there but it can't be uninstalled, the uninstall button disappears...

 

Not quite sure what this references:

 

QUOTE: Notify of download and installation
Date install updates: 2016-08-28 05:28:10
Windows Update (wuauserv) - The service is running

 

Oops! Sorry; here's the list of Scheduled Tasks:

 

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    AVG-Secure-Search-Update_JUNE2013_TB_rmv        C:\Windows\TEMP\{1CC012A2-B69B-4744-A399-8DD3C798CED3}.exe --uninstall=1
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HPCeeScheduleForjmarsh    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForjmarsh (null)
Yes    Task    SidebarExecute    Microsoft Corporation    C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
Yes    Task    {523F2B8C-E293-457D-B5A3-3392A51B9A4F}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "K:\Windows\Setup eBook Library.exe" -d K:\Windows
Yes    Task    {54B6B5E0-16E2-4B56-A707-837BA85830C3}        C:\SWISNIFE\SWISNIFE.EXE
Yes    Task    {BA334E47-3086-4E90-9F6C-A5CC968CFFBB}        C:\SWISNIFE\SWISNIFE.EXE
 



#13 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:16 PM

Posted 28 August 2016 - 03:54 PM

It references Windows updating today at 5:28 AM.

 

Delete these tasks: Use CCleaner by clicking on each item and choosing Delete on the right.

Yes    Task    AVG-Secure-Search-Update_JUNE2013_TB_rmv        C:\Windows\TEMP\{1CC012A2-B69B-4744-A399-8DD3C798CED3}.exe --uninstall=1

 

Disable these Tasks:

Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HPCeeScheduleForjmarsh    Hewlett-Packard    C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForjmarsh (null)
Yes    Task    SidebarExecute    Microsoft Corporation    C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
Yes    Task    {523F2B8C-E293-457D-B5A3-3392A51B9A4F}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a "K:\Windows\Setup eBook Library.exe" -d K:\Windows

Yes    Task    {54B6B5E0-16E2-4B56-A707-837BA85830C3}        C:\SWISNIFE\SWISNIFE.EXE
Yes    Task    {BA334E47-3086-4E90-9F6C-A5CC968CFFBB}        C:\SWISNIFE\SWISNIFE.EXE

 

After doing the above and rebooting....let me know if there are any other problems...otherwise...happy surfin'
 


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 Rigoletto

Rigoletto
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 28 August 2016 - 09:38 PM

Ok, mission accomplished. And thank you, BC. I'm not sure I'm at 100%, but I'm a lot better off than before.



#15 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:16 PM

Posted 29 August 2016 - 04:55 AM

You're welcome...


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users