Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pup.Optional infection


  • Please log in to reply
9 replies to this topic

#1 spalladino25

spalladino25

  • Members
  • 266 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 19 October 2016 - 10:30 AM

I ran a scan of Malwarebytes and it came back with the below infection. It says it's in the registry. I attempted to remove the infection, but it keeps coming back. Any help would be appreciated. Thank you.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/19/2016
Scan Time: 2:23 AM
Logfile: malware scan.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.10.19.03
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Shane
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 408386
Time Elapsed: 15 min, 22 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 6
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [df306833edadcc6a94859cd510f241bf], 
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [df306833edadcc6a94859cd510f241bf], 
PUP.Optional.Uniblue, HKLM\SOFTWARE\CLASSES\pc-mechanic, , [17f82774dac02b0bf6b2a84ecb394bb5], 
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8E4FDD39-3A21-4A06-B29A-326CD5735805}, , [b15e0d8e8812e056e0e77a8f16efe41c], 
PUP.Optional.DefaultTab, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DTReg, , [14fb2c6fcdcd23134ed9597fd52dee12], 
PUP.Optional.Uniblue, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pc-mechanic, , [7996a2f9a5f52a0ccaded71ff50f6898], 
 
Registry Values: 6
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Shane\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol , [08076734950595a1ea5905eb649f5ba5], %5
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SDP\SHELL\OPEN\COMMAND, "C:\Users\Shane\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol , [ed220d8e25752610ac979e523bc8a060], %5
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8E4FDD39-3A21-4A06-B29A-326CD5735805}|Path, \MySearchDial, , [b15e0d8e8812e056e0e77a8f16efe41c]
PUP.Optional.FilesFrog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Shane\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol , [6ca3d1caa9f11125133022cef211f20e], %5
PUP.Optional.FFHotfix, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|hotfix@mozilla.org, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix, , [29e6415af4a6e74f5f25c629758e8e72]
PUP.Optional.FFHotfix, HKU\S-1-5-21-604611455-680184243-2562987250-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|hotfix@mozilla.org, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix, , [ee21debd2a70bd795033a24d659e837d]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 4
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\skin, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
 
Files: 9
PUP.Optional.DefaultTab, C:\Windows\System32\Tasks\DTReg, , [13fca4f71a80fe38f82ae4f4f80aca36], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome.manifest, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\install.rdf, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\addlist.js, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\em.xul, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\hashtable.js, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\overlay.xul, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\update.js, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\skin\mozilla-logo.png, , [52bdbbe0dfbbf5418fe79135cd354ab6], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Edited by spalladino25, 19 October 2016 - 10:31 AM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:10 AM

Posted 19 October 2016 - 10:37 AM

You need to change the settings and you need to rerun MBAM as the log you posted doesn't show you allowed MBAM to delete/ quarantine what it found.

Use the programs below to clean, remove adware and remove malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled Change to Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

 

  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 spalladino25

spalladino25
  • Topic Starter

  • Members
  • 266 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 25 October 2016 - 11:55 AM

Ok, so here are all the scans. For some reason ESET failed. When it was finished scanning it crashed and the screen went blank. I'm not sure why that happened.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/21/2016
Scan Time: 9:58 AM
Logfile: mb log.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.10.21.08
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Shane
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 423631
Time Elapsed: 51 min, 34 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 6
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [0bd16d2e8c0e989eb366f47d6e947c84], 
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [0bd16d2e8c0e989eb366f47d6e947c84], 
PUP.Optional.Uniblue, HKLM\SOFTWARE\CLASSES\pc-mechanic, , [57855843eeaca6900b9a7284c73d13ed], 
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8E4FDD39-3A21-4A06-B29A-326CD5735805}, , [edef8813128837ff537144c59372e917], 
PUP.Optional.DefaultTab, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DTReg, , [4a92acef7b1f2c0add4a9246c240fe02], 
PUP.Optional.Uniblue, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pc-mechanic, , [05d7aeedf6a455e12d7839bdd430b64a], 
 
Registry Values: 6
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Shane\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol , [a339a5f6dfbbf73f8db5cb25768d55ab], %5
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SDP\SHELL\OPEN\COMMAND, "C:\Users\Shane\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol , [1ebe15867f1b8aac3210c22e5ea53ec2], %5
PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8E4FDD39-3A21-4A06-B29A-326CD5735805}|Path, \MySearchDial, , [edef8813128837ff537144c59372e917]
PUP.Optional.FilesFrog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SDP\SHELL\OPEN\COMMAND, "C:\Users\Shane\AppData\Local\FilesFrog Update Checker\update_checker.exe" /protocol , [5a825843c2d8f3434af8e50bcf340df3], %5
PUP.Optional.FFHotfix, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|hotfix@mozilla.org, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix, , [508cc0dba8f20135dba81ed1be45669a]
PUP.Optional.FFHotfix, HKU\S-1-5-21-604611455-680184243-2562987250-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|hotfix@mozilla.org, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix, , [65778f0ce2b865d14c36d619bc47ac54]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix, , [6c70abf07525cf67492d7a4ca9596c94], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome, , [6c70abf07525cf67492d7a4ca9596c94], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content, , [6c70abf07525cf67492d7a4ca9596c94], 
 
Files: 5
PUP.Optional.DefaultTab, C:\Windows\System32\Tasks\DTReg, , [c8147922b3e7e94d81a16870b44edc24], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome.manifest, , [6c70abf07525cf67492d7a4ca9596c94], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\addlist.js, , [6c70abf07525cf67492d7a4ca9596c94], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\hashtable.js, , [6c70abf07525cf67492d7a4ca9596c94], 
PUP.Optional.FFHotfix, C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\update.js, , [6c70abf07525cf67492d7a4ca9596c94], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
# AdwCleaner v6.030 - Logfile created 21/10/2016 at 11:38:50
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-18.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Shane - SHANE-HP
# Running from : C:\Users\Shane\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Users\Shane\AppData\Local\YSearchUtil
[-] Folder deleted: C:\Users\Administrator\AppData\Local\YSearchUtil
[-] Folder deleted: C:\Users\Administrator\AppData\Roaming\RPEng
[-] Folder deleted: C:\ProgramData\apn
[#] Folder deleted on reboot: C:\ProgramData\Application Data\apn
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder deleted: C:\Program Files (x86)\myfree codec
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
[-] Folder deleted: C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj
 
 
***** [ Files ] *****
 
[-] File deleted: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File deleted: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File deleted: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File deleted: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key deleted: HKU\S-1-5-21-604611455-680184243-2562987250-1000\Software\Myfree Codec
[-] Key deleted: HKU\S-1-5-21-604611455-680184243-2562987250-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
[#] Key deleted on reboot: HKCU\Software\Myfree Codec
[-] Key deleted: HKLM\SOFTWARE\Myfree Codec
[-] Key deleted: HKLM\SOFTWARE\Uniblue
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
[#] Key deleted on reboot: [x64] HKCU\Software\Myfree Codec
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Features\D2A425F405350054677A7A857BC07100
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC07100
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC07100
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC07100
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Features\D2A425F405350054677A7A857BC07100
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC07100
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt
[-] Key deleted: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key deleted: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key deleted: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: aaaaaiabcopkplhgaedhbloeejhhankf
[-] [C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: kdidombaedgpfiiedeimiebkmbilgmlc
[-] [C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: ndibdjnfmopecpmkdieinmbadjfpblof
[-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [10395 Bytes] - [21/10/2016 11:38:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [10363 Bytes] - [21/10/2016 11:27:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10543 Bytes] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Shane (Administrator) on Mon 10/24/2016 at 23:10:31.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 19 
 
Successfully deleted: C:\Users\Shane\AppData\Local\nico mak computing (Folder) 
Successfully deleted: C:\Users\Shane\Documents\add-in express (Folder) 
Successfully deleted: C:\Program Files (x86)\max uninstaller (Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I3F39MT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMSO38YJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QEUEDORJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHVZDG3M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I3F39MT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMSO38YJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QEUEDORJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHVZDG3M (Temporary Internet Files Folder) 
 
 
 
Registry: 8 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\OutfoxTV (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\BrowserPlugInHelper (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2adefb8e-b923-35e6-86e2-2b7841f5d2a2} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2adefb8e-b923-35e6-86e2-2b7841f5d2a2} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/24/2016 at 23:14:33.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 buddy215

buddy215

  • Moderator
  • 13,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:10 AM

Posted 25 October 2016 - 01:26 PM

The MBAM log you posted still does not show you allowed it to delete/ quarantine what it found. Please rerun MBAM and be sure to

follow these directions:

  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.

The scan results will be different than the last two because some items were deleted by the two other scans.

 

MBAM will ask you to reboot to complete the removal. Once you have rebooted please try the Eset Online Scan again. Allow it full use of computer resources

by closing all other programs and disabling your antivirus security program. If you have Spybot S&D installed please uninstall it before scanning with Eset.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 spalladino25

spalladino25
  • Topic Starter

  • Members
  • 266 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 25 October 2016 - 03:43 PM

MBAM didn't find anything...

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/25/2016
Scan Time: 2:29 PM
Logfile: malwarebytes.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.10.25.12
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Shane
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 422441
Time Elapsed: 49 min, 43 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#6 buddy215

buddy215

  • Moderator
  • 13,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:10 AM

Posted 25 October 2016 - 05:50 PM

When Eset has finished its scan and you have rebooted if needed to remove what Eset found, please do this:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 spalladino25

spalladino25
  • Topic Starter

  • Members
  • 266 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 25 October 2016 - 08:10 PM

Here they are.

 

No EPLTarget
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run DVDFab VDrive Fengtao Software Inc. "C:\Program Files\DVDFab Virtual Drive\vdrive.exe"
Yes HKCU:Run EPLTarget\P0000000000000000 SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 545"
No HKCU:Run Sidebar Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Yes HKCU:Run Spotify Spotify Ltd "C:\Users\Shane\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
Yes HKCU:Run Spotify Web Helper Spotify Ltd "C:\Users\Shane\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
Yes HKLM:Run Adobe Creative Cloud Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
No HKLM:Run AVG_UI "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
No HKLM:Run BeatsOSDApp Hewlett-Packard C:\Program Files\IDT\WDM\beats64.exe
No HKLM:Run EEventManager "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
No HKLM:Run FUFAXRCV "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
No HKLM:Run FUFAXSTM "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
No HKLM:Run HP Software Update Hewlett-Packard c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
No HKLM:Run hpsysdrv Hewlett-Packard c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
No HKLM:Run PDF Complete PDF Complete Inc C:\Program Files (x86)\PDF Complete\pdfsty.exe
Yes HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
No HKLM:Run StartCCC Advanced Micro Devices, Inc. "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
No HKLM:Run SysTrayApp IDT, Inc. C:\Program Files\IDT\WDM\sttray64.exe
Yes Startup Common FAH.lnk Nico Mak Computing C:\Program Files\WinZip\FAHConsole.exe
Yes Startup Common GoPro Importer.lnk C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
Yes Startup Common Transfer Utility Camera Monitor.lnk PIXELA CORPORATION C:\Program Files (x86)\PIXELA\Transfer Utility\CameraMonitor.exe
Yes Startup Common Update Notifier.lnk Nico Mak Computing C:\Program Files\WinZip\WZUpdateNotifier.exe
Yes Startup Common WinZip Preloader.lnk WinZip Computing, S.L. C:\Program Files\WinZip\WzPreloader.exe
Yes Startup User Dropbox.lnk Dropbox, Inc. C:\Users\Shane\AppData\Roaming\Dropbox\bin\Dropbox.exe
 
 
7-Zip 15.11 beta Igor Pavlov 12/11/2015 3.42 MB 15.11
Adobe AIR Adobe Systems Incorporated 8/17/2015 18.0.0.199
Adobe Creative Cloud Adobe Systems Incorporated 5/20/2015 80.6 MB 3.0.1.88
Adobe Flash Player 23 ActiveX Adobe Systems Incorporated 10/17/2016 5.36 MB 23.0.0.185
Adobe Photoshop CC 2014 Adobe Systems Incorporated 5/20/2015 1.76 GB 15.2.2
AMD Catalyst Install Manager 4/9/2012 22.7 MB
AMD Media Foundation Decoders 4/9/2012
Apple Application Support (32-bit) Apple Inc. 7/11/2015 96.0 MB 3.2
Apple Application Support (64-bit) Apple Inc. 7/11/2015 109 MB 3.2
Apple Mobile Device Support Apple Inc. 7/11/2015 27.9 MB 8.2.1.3
Apple Software Update Apple Inc. 8/24/2013 2.38 MB 2.1.3.127
Audacity 2.0.6 Audacity Team 12/4/2014 47.2 MB 2.0.6
Avast Free Antivirus AVAST Software 10/17/2016 12.3.2280
Bass Station 1.6 Novation Digital Music Systems Ltd. 5/8/2013 1.6
Blio K-NFB Reading Technology, Inc. 4/9/2012 38.5 MB 2.2.8188
Bonjour Apple Inc. 8/24/2013 2.00 MB 3.0.0.10
Bubble Wrap XM Asia Pacific Pte Ltd 4/9/2012 2.19 MB 1.0.0.0
Canon Utilities CameraWindow DC 8 Canon Inc. 12/11/2015 8.10.4.24
ccc-utility64 4/9/2012
CCleaner Piriform 10/19/2016 5.23
Dealio Toolbar v8.9 Spigot, Inc. 4/5/2014 6.05 MB 8.9
Dropbox Dropbox, Inc. 11/19/2013 2.4.7
DVDFab Virtual Drive version 1.4.1.0 Fengtao Software Inc. 10/13/2013 1.40 MB 1.4.1.0
EPSON WorkForce 545 Series Printer Uninstall SEIKO EPSON Corporation 7/29/2015
FL Studio 11 Image-Line 10/22/2013
FlowStone FL 3.0 10/22/2013
Focusrite USB 2.0 Audio Driver 2.5.1 Focusrite Audio Engineering Limited. 10/30/2014 2.49 MB 2.5.1
Google Chrome Google Inc. 5/11/2013 54.0.2840.71
HP Application Assistant Hewlett-Packard 4/9/2012 4.77 MB 1.0.393.3870
HP Auto 4/9/2012
HP Calendar Hewlett-Packard 4/9/2012 11.0 MB 5.1.4245.23508
HP Clock Hewlett-Packard 4/9/2012 378 KB 5.1.4244.16367
HP LinkUp Hewlett-Packard 4/9/2012 71.7 MB 2.01.029
HP Magic Canvas Hewlett-Packard 4/9/2012 5.1.15.0
HP Magic Canvas Hewlett-Packard 4/9/2012 124 MB 5.1.15.0
HP Magic Canvas Tutorials Hewlett-Packard 4/9/2012 4.91 MB 5.0.0.3
HP Notes Hewlett-Packard 4/9/2012 37.9 MB 5.1.4274.30382
HP Odometer Hewlett-Packard 4/9/2012 48.0 KB 2.10.0000
HP RSS Hewlett-Packard 4/9/2012 2.83 MB 5.1.4301.21494
HP Setup Hewlett-Packard Company 4/9/2012 51.5 MB 9.0.15130.3904
HP Setup Manager Hewlett-Packard Company 4/9/2012 8.69 MB 1.2.15145.3905
HP Support Assistant Hewlett-Packard Company 4/9/2012 65.0 MB 6.1.12.1
HP Support Assistant Hewlett-Packard Company 4/9/2012 6.1.12.1
HP Support Information Hewlett-Packard 4/9/2012 1.68 MB 11.00.0001
HP TouchSmart Background - Beats Hewlett-Packard 4/9/2012 1.23 MB 1.0.1.0
HP TouchSmart RecipeBox Hewlett-Packard 4/9/2012 3.0.3830.27730
HP TouchSmart RecipeBox Hewlett-Packard 4/9/2012 43.6 MB 3.0.3830.27730
HP Update Hewlett-Packard 4/9/2012 3.98 MB 5.003.001.001
HP Vision Hardware Diagnostics 4/9/2012 12.1 MB
HP Weather Hewlett-Packard 4/9/2012 2.20 MB 5.1.4245.22595
IDT Audio IDT 4/9/2012 1.0.6349.0
IL Download Manager Image-Line 10/22/2013
IL Shared Libraries Image-Line 10/22/2013
iTunes Apple Inc. 7/11/2015 238 MB 12.2.0.145
Java 8 Update 101 Oracle Corporation 9/17/2016 93.2 MB 8.0.1010.13
Kobo Kobo Inc. 4/9/2012 2.0.3
LabelPrint CyberLink Corp. 4/9/2012 229 MB 2.5.4507
LAME v3.99.3 (for Windows) 7/25/2015 1.52 MB
Malwarebytes Anti-Malware version 2.2.1.1043 Malwarebytes 10/19/2016 66.8 MB 2.2.1.1043
Max Uninstaller version 3.6 http://www.maxuninstaller.com/ 10/18/2016 20.2 MB 3.6
Metric Converter XM Asia Pacific Pte Ltd 4/9/2012 2.58 MB 1.0.0.0
Microsoft .NET Framework 4.6.1 Microsoft Corporation 9/18/2016 38.8 MB 4.6.01055
Microsoft Application Error Reporting 2/11/2011
Microsoft Camera Codec Pack Microsoft Corporation 5/23/2015 43.9 MB 6.3.9723.0
Microsoft Mathematics Microsoft Corporation 6/21/2012 17.5 MB 4.0
Microsoft Office 2010 Microsoft Corporation 4/9/2012 6.40 MB 14.0.4763.1000
Microsoft Office Click-to-Run 2010 2/11/2011
Microsoft Office Click-to-Run 2010 Microsoft Corporation 6/21/2012 14.0.4763.1000
Microsoft Office Starter 2010 - English Microsoft Corporation 11/17/2015 14.0.5139.5005
Microsoft Silverlight Microsoft Corporation 10/18/2016 299 MB 5.1.50901.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 4/9/2012 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 11/3/2014 298 KB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) 5/7/2013 620 KB
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 5/7/2013 242 KB
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2/11/2011 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 4/9/2012 784 KB
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 11/4/2014 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2/11/2011 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 4/9/2012 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 5/11/2013 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 5/20/2015 18.3 MB
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 5/20/2015 13.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 5/20/2015 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 5/20/2015 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 10/19/2016 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 10/19/2016 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 5/19/2015 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 Microsoft Corporation 10/19/2016 24.3 MB 14.0.23026.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 Microsoft Corporation 10/19/2016 20.6 MB 14.0.23026.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 5/12/2013 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 5/12/2013 1.33 MB 4.20.9876.0
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 5/19/2015 1.53 MB 4.30.2114.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 5/20/2015 1.54 MB 4.30.2117.0
Native Instruments Abbey Road 60s Drums 10/13/2013
Native Instruments Abbey Road 60s Drums Native Instruments 10/13/2013
Native Instruments Abbey Road 60s Drums Vintage 6/2/2013
Native Instruments Abbey Road 60s Drums Vintage Native Instruments 6/2/2013
Native Instruments Abbey Road 70s Drums Native Instruments 10/13/2013
Native Instruments Abbey Road 70s Drums 10/13/2013
Native Instruments Abbey Road 80s Drums 10/13/2013
Native Instruments Abbey Road 80s Drums Native Instruments 10/13/2013
Native Instruments Absynth 5 10/13/2013
Native Instruments Absynth 5 Native Instruments 10/13/2013
Native Instruments Alicias Keys 10/13/2013
Native Instruments Alicias Keys Native Instruments 10/13/2013
Native Instruments Balinese Gamelan 10/13/2013
Native Instruments Balinese Gamelan Native Instruments 10/13/2013
Native Instruments Battery 3 10/13/2013
Native Instruments Battery 3 Native Instruments 10/13/2013
Native Instruments Battery 4 Native Instruments 8/24/2013 168 MB 4.0.2.2254
Native Instruments Battery 4 2/11/2011
Native Instruments Battery 4 Factory Library Native Instruments 8/24/2013 3.70 GB 1.0.0.002
Native Instruments Battery 4 Factory Library 2/11/2011
Native Instruments Battery Library Importer for Maschine 10/13/2013
Native Instruments Battery Library Importer for Maschine Native Instruments 10/13/2013
Native Instruments Berlin Concert Grand 10/13/2013
Native Instruments Berlin Concert Grand Native Instruments 10/13/2013
Native Instruments Controller Editor 2/11/2011
Native Instruments Controller Editor Native Instruments 10/18/2016 28.0 MB 2.0.0.86
Native Instruments Evolve Mutations 10/13/2013
Native Instruments Evolve Mutations Native Instruments 10/13/2013
Native Instruments Evolve Mutations 2 10/13/2013
Native Instruments Evolve Mutations 2 Native Instruments 10/13/2013
Native Instruments FM8 10/13/2013
Native Instruments FM8 Native Instruments 10/13/2013
Native Instruments George Duke Soul Treasures Native Instruments 10/13/2013
Native Instruments George Duke Soul Treasures 10/13/2013
Native Instruments Guitar Rig 5 2/11/2011
Native Instruments Guitar Rig 5 Native Instruments 10/19/2016 443 MB 5.2.0.2770
Native Instruments Guitar Rig Elements for Maschine 6/2/2013
Native Instruments Guitar Rig Elements for Maschine Native Instruments 6/2/2013
Native Instruments Guitar Rig Mobile IO Driver 10/19/2016
Native Instruments Guitar Rig Mobile IO Driver Native Instruments 10/19/2016
Native Instruments Guitar Rig Session IO Driver 10/19/2016
Native Instruments Guitar Rig Session IO Driver Native Instruments 10/19/2016
Native Instruments Komplete 8 Ultimate Native Instruments 10/13/2013
Native Instruments Komplete 8 Ultimate 10/13/2013
Native Instruments Komplete Elements Mk2 6/2/2013
Native Instruments Komplete Elements Mk2 Native Instruments 6/2/2013
Native Instruments Komplete Kontrol Driver Native Instruments 10/19/2016
Native Instruments Komplete Kontrol Driver 10/19/2016
Native Instruments Kontakt 5 10/13/2013
Native Instruments Kontakt 5 Native Instruments 10/13/2013
Native Instruments Kontakt Elements Selection R2 Native Instruments 6/2/2013
Native Instruments Kontakt Elements Selection R2 6/2/2013
Native Instruments Kontakt Factory Library Native Instruments 10/13/2013
Native Instruments Kontakt Factory Library 10/13/2013
Native Instruments Maschine 10/19/2016
Native Instruments Maschine Native Instruments 10/19/2016
Native Instruments Maschine 2 2/11/2011
Native Instruments Maschine 2 Native Instruments 10/19/2016 443 MB 2.5.0.5213
Native Instruments Maschine Controller Native Instruments 1/30/2013
Native Instruments Maschine Controller Driver 10/19/2016
Native Instruments Maschine Controller Driver Native Instruments 10/19/2016
Native Instruments Maschine Controller MK2 Driver Native Instruments 10/19/2016
Native Instruments Maschine Controller MK2 Driver 1/30/2013
Native Instruments Maschine Jam Driver 10/19/2016
Native Instruments Maschine Jam Driver Native Instruments 10/19/2016
Native Instruments Maschine Mikro Native Instruments 1/30/2013
Native Instruments Maschine Mikro Driver 10/19/2016
Native Instruments Maschine Mikro Driver Native Instruments 10/19/2016
Native Instruments Maschine Mikro MK2 Driver 1/30/2013
Native Instruments Maschine Mikro MK2 Driver Native Instruments 10/19/2016
Native Instruments Maschine Studio Driver 10/19/2016
Native Instruments Maschine Studio Driver Native Instruments 10/19/2016
Native Instruments Massive 10/13/2013
Native Instruments Massive Native Instruments 10/13/2013
Native Instruments New York Concert Grand 10/13/2013
Native Instruments New York Concert Grand Native Instruments 10/13/2013
Native Instruments Rammfire 10/13/2013
Native Instruments Rammfire Native Instruments 10/13/2013
Native Instruments Razor 10/13/2013
Native Instruments Razor Native Instruments 10/13/2013
Native Instruments Reaktor 5 2/11/2011
Native Instruments Reaktor 5 Native Instruments 10/19/2016 243 MB 5.9.3.1344
Native Instruments Reaktor Elements Selection 6/2/2013
Native Instruments Reaktor Elements Selection Native Instruments 6/2/2013
Native Instruments Reaktor Prism 10/13/2013
Native Instruments Reaktor Prism Native Instruments 10/13/2013
Native Instruments Reaktor Spark R2 2/11/2011
Native Instruments Reaktor Spark R2 Native Instruments 10/19/2016 1.4.0.3
Native Instruments Reflektor 10/13/2013
Native Instruments Reflektor Native Instruments 10/13/2013
Native Instruments Rig Kontrol 3 Driver 10/19/2016
Native Instruments Rig Kontrol 3 Driver Native Instruments 10/19/2016
Native Instruments Scarbee Funk Guitarist 10/13/2013
Native Instruments Scarbee Funk Guitarist Native Instruments 10/13/2013
Native Instruments Scarbee Jay-Bass 10/13/2013
Native Instruments Scarbee Jay-Bass Native Instruments 10/13/2013
Native Instruments Scarbee MM-Bass 10/13/2013
Native Instruments Scarbee MM-Bass Native Instruments 10/13/2013
Native Instruments Scarbee MM-Bass Amped 10/13/2013
Native Instruments Scarbee MM-Bass Amped Native Instruments 10/13/2013
Native Instruments Scarbee Pre-Bass 10/13/2013
Native Instruments Scarbee Pre-Bass Native Instruments 10/13/2013
Native Instruments Scarbee Pre-Bass Amped 10/13/2013
Native Instruments Scarbee Pre-Bass Amped Native Instruments 10/13/2013
Native Instruments Scarbee Vintage Keys 10/13/2013
Native Instruments Scarbee Vintage Keys Native Instruments 10/13/2013
Native Instruments Service Center 2/11/2011
Native Instruments Service Center Native Instruments 10/19/2016 13.1 MB 2.6.0.137
Native Instruments Session Strings Pro 10/13/2013
Native Instruments Session Strings Pro Native Instruments 10/13/2013
Native Instruments Studio Drummer 10/13/2013
Native Instruments Studio Drummer Native Instruments 10/13/2013
Native Instruments The Finger R2 10/13/2013
Native Instruments The Finger R2 Native Instruments 10/13/2013
Native Instruments The Mouth 10/13/2013
Native Instruments The Mouth Native Instruments 10/13/2013
Native Instruments Traktors 12 10/13/2013
Native Instruments Traktors 12 Native Instruments 10/13/2013
Native Instruments Transient Master 10/13/2013
Native Instruments Transient Master Native Instruments 10/13/2013
Native Instruments Upright Piano 10/13/2013
Native Instruments Upright Piano Native Instruments 10/13/2013
Native Instruments VC 160 10/13/2013
Native Instruments VC 160 Native Instruments 10/13/2013
Native Instruments VC 2A 10/13/2013
Native Instruments VC 2A Native Instruments 10/13/2013
Native Instruments VC 76 10/13/2013
Native Instruments VC 76 Native Instruments 10/13/2013
Native Instruments Vienna Concert Grand 10/13/2013
Native Instruments Vienna Concert Grand Native Instruments 10/13/2013
Native Instruments Vintage Organs 10/13/2013
Native Instruments Vintage Organs Native Instruments 10/13/2013
Native Instruments West Africa 10/13/2013
Native Instruments West Africa Native Instruments 10/13/2013
PDF Complete Special Edition PDF Complete, Inc 4/9/2012 4.0.65
PlayReady PC Runtime amd64 Microsoft Corporation 4/9/2012 2.05 MB 1.3.0
PlayReady PC Runtime x86 Microsoft Corporation 4/9/2012 1.65 MB 1.3.0
Power2Go CyberLink Corp. 4/9/2012 175 MB 6.1.5705
PressReader NewspaperDirect Inc. 4/9/2012 9.28 MB 5.11.0721.0
QuickShare 1/30/2014
QuickTime 7 Apple Inc. 7/11/2015 70.3 MB 7.77.80.95
Remote Graphics Receiver Hewlett-Packard 4/9/2012 5.4.5
Scarlett MixControl 1.8 Focusrite Audio Engineering Limited 10/30/2014 8.09 MB 1.8
simpliclean simplitec GmbH 5/19/2015 56.7 MB 2.3.1.237
Skype™ 7.29 Skype Technologies S.A. 10/21/2016 85.2 MB 7.29.102
SONAR X2 Studio (x64) Cakewalk Music Software 5/7/2013 19.0
Spot XM Asia Pacific Pte Ltd 4/9/2012 5.28 MB 1.0.0.0
Spotify Spotify AB 10/25/2016 1.0.39.157.g674ae377
Tap Tap Bear XM Asia Pacific Pte Ltd 4/9/2012 1.71 MB 1.0.0.0
Transfer Utility PIXELA 12/15/2015 1.00.012
Visual Studio 2010 x64 Redistributables 5/19/2013 12.4 MB
VLC media player VideoLAN 9/15/2016 2.2.4
WAV To MP3 Converter version 1.0 r1 8/29/2013 2.27 MB 1.0 r1
Windows Driver Package - Focusrite USB 2.0 Audio Driver (03/17/2014 2.5.128.1) Focusrite 10/30/2014 03/17/2014 2.5.128.1
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/10/2012 2.4.128.0) Focusrite 5/27/2013 09/10/2012 2.4.128.0
Windows Driver Package - Focusrite USB 2.0 Audio Driver (11/08/2012 2.4.128.0) Focusrite 5/27/2013 11/08/2012 2.4.128.0
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) GoPro 5/12/2015 03/07/2012 
Windows Live Essentials Microsoft Corporation 4/9/2012 15.4.3538.0513
Windows Live ID Sign-in Assistant 2/11/2011
Windows Live Language Selector 2/11/2011
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 4/9/2012 5.57 MB 15.4.5722.2
Windows Live Remote Client 2/11/2011
Windows Live Remote Client Resources 2/11/2011
Windows Live Remote Service 2/11/2011
WinRAR 5.31 (64-bit) win.rar GmbH 9/17/2016 5.31.0
WinZip 19.5 WinZip Computing, S.L. 8/16/2015 238 MB 19.5.11475
WinZip 20.0 WinZip Computing, S.L. 9/17/2016 261 MB 20.0.11659
Zinio Reader 4 Zinio LLC 4/9/2012 4.2.4164
 


#8 buddy215

buddy215

  • Moderator
  • 13,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:10 AM

Posted 26 October 2016 - 05:43 AM

What about the Eset Scan results?

 

List of Scheduled Tasks is missing...please post that list.

 

Suggest Disabling these Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run DVDFab VDrive Fengtao Software Inc. "C:\Program Files\DVDFab Virtual Drive\vdrive.exe"
Yes HKCU:Run EPLTarget\P0000000000000000 SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 545"
Yes HKCU:Run Spotify Spotify Ltd "C:\Users\Shane\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
Yes HKCU:Run Spotify Web Helper Spotify Ltd "C:\Users\Shane\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"

Yes HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

Yes Startup Common FAH.lnk Nico Mak Computing C:\Program Files\WinZip\FAHConsole.exe
Yes Startup Common GoPro Importer.lnk C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
Yes Startup Common Update Notifier.lnk Nico Mak Computing C:\Program Files\WinZip\WZUpdateNotifier.exe
Yes Startup Common WinZip Preloader.lnk WinZip Computing, S.L. C:\Program Files\WinZip\WzPreloader.exe
Yes Startup User Dropbox.lnk Dropbox, Inc. C:\Users\Shane\AppData\Roaming\Dropbox\bin\Dropbox.exe
 
Uninstall these programs: Use CCleaner by clicking on each item and choosing Disable on the right.
Use Download Revo Uninstaller Freeware to uninstall programs that cause a problem during uninstall
 
Dealio Toolbar v8.9 Spigot, Inc. 4/5/2014 6.05 MB 8.9
Java 8 Update 101 Oracle Corporation 9/17/2016 93.2 MB 8.0.1010.13 (Most don't need Java...Update or Uninstall...your choice)
Max Uninstaller version 3.6 http://www.maxuninstaller.com/ 10/18/2016 20.2 MB 3.6 (Uninstall unless you purchased it)
QuickShare 1/30/2014
QuickTime 7 Apple Inc. 7/11/2015 70.3 MB 7.77.80.95
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 4/9/2012 5.57 MB 15.4.5722.2
Windows Live Remote Client 2/11/2011
Windows Live Remote Client Resources 2/11/2011

Windows Live Remote Service 2/11/2011

WinZip 19.5 WinZip Computing, S.L. 8/16/2015 238 MB 19.5.11475

 
 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 spalladino25

spalladino25
  • Topic Starter

  • Members
  • 266 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 26 October 2016 - 08:47 AM

Here's the scheduled tasks. Sorry I missed that. ESET Scanner crashes every time I run it. I'll work on your other requests now.

 

Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AdobeAAMUpdater-1.0-Shane-HP-Shane Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task Registration Hewlett-Packard Company "C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe" Registration ShowMessageTask2D
Yes Task RMCreator CyberLink C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe
No Task SafeZone scheduled Autoupdate 1476801209 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
Yes Task {F56EB937-6C28-4329-9AFE-01545F73D18E} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup


#10 buddy215

buddy215

  • Moderator
  • 13,116 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:10 AM

Posted 26 October 2016 - 09:08 AM

Often Eset problems are caused by malware or a bad download. I am assuming you are attempting to run Eset using Google Chrome. Eset does not show up as

an installed program...which it should. Please try again by following the directions for using Eset while using IE browser. That is a different download than using Chrome.

As a further precaution that might prevent Eset from running...disable Avast while running Eset. Close all open programs including Chrome. Allow Eset full use of the computer's

resources during scan.

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task Registration Hewlett-Packard Company "C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe" Registration ShowMessageTask2D
Yes Task RMCreator CyberLink C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe
Yes Task {F56EB937-6C28-4329-9AFE-01545F73D18E} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup (after disabling this item and rebooting...see if it has any effect on Avast updating...it is unusual to see this in Tasks)

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users