Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Probably just a scam website?


  • Please log in to reply
39 replies to this topic

#1 Skillful

Skillful

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 26 November 2016 - 04:09 AM

I recently went to a website that I didn't know was dodgy. It redirected in the same tab to somewhere and said '* YOUR COMPUTER HAS BEEN INFECTED ** Error etc etc call this number toll free etc etc. all on that tab webpage.

 

I closed that tab in firefox, was fine. closed other tabs in firefox, reopened, was fine. reset computer, opened firefox, no problems. So is this most likely just a scam with nothing bad downloaded in this case? eg no keyloggers etc?

 

Also, I viewed one of my older forum topics here before logging in, it said 2 guests are viewing. at one time it said 3 guests are viewing. A topic from months ago that has not been bumped and no one would be viewing basically.

 

So I picked a random forum post from here 2009 in search engine and viewed that, same thing, started out as 1 guest[me] and then refresh within 10seconds, it says 2 guests viewing this topic. Logged in, then 1 member, 3 guests. Refresh, 1 member, 2 guests. Is this normal on this forum or any forum? eg are there always 1 or 2 'guests' viewing even topics not bumped since 2009 or is that something wrong on my end? I refreshed after typing this to be sure, yep still says 1 member[me] and 2 guests viewing this topic.



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:38 AM

Posted 26 November 2016 - 06:39 AM

Yes...it was a criminal's scam. Run CCleaner to clean Firefox's cache and cookies. The other programs will remove adware and malware to be sure none of those are involved.

 

If you know which forum topics you viewed and post a link to them...I could give a better answer as to what you are seeing.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Skillful

Skillful
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 26 November 2016 - 07:56 AM

CC Cleaner I think got rid of 1,400mb of files if I remember correctly. Not sure if it has a log file.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26/11/2016
Scan Time: 10:32 PM
Logfile: malwarebytes26-11-16.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.11.26.05
Rootkit Database: v2016.11.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Bq

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 277004
Time Elapsed: 5 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

# AdwCleaner v6.030 - Logfile created 26/11/2016 at 22:44:34
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-26.1 [Server]
# Operating System : Windows 8.1 Pro  (X64)
# Username : Bq - NW
# Running from : C:\Users\Bq\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\veoh.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.veoh.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\veoh.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.veoh.com


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1132 Bytes] - [26/11/2016 22:44:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [763 Bytes] - [08/06/2016 15:00:22]
C:\AdwCleaner\AdwCleaner[S2].txt - [1526 Bytes] - [26/11/2016 22:44:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1350 Bytes] ##########
 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 8.1 Pro x64
Ran by Bq (Administrator) on Sat 26/11/2016 at 22:50:30.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Successfully deleted: C:\Users\Bq\Desktop\drivermax.lnk (Shortcut)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERMAX.EXE-0EEB5770.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERMAX.TMP-1845E613.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERMAX.TMP-DE248FAB.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERUPDATEUI.EXE-44B94CD5.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 26/11/2016 at 22:50:50.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#4 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:38 AM

Posted 26 November 2016 - 08:20 AM

Because DriverMax was on the computer....run one more scan.

 

  • Please download Security Check by glax24 and save the file to the Desktop
  • Run the tool by accepting all the Security prompts
  • when complete the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard
  • Simply Paste the log to your reply

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Skillful

Skillful
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 26 November 2016 - 08:28 AM

I can't remember why, but I think I did put drivermax on there myself, a few months ago. I will run that scan anyway.

 

With the scans I just did... firefox had a blank homepage... I guess you'd call them tiles that you can unpin. eg most visited websites. well obviously if all of that got removed, should be completely blank. Well there was this website, and one of the scans so that makes sense. But there was also okcupid was still pinned, yet I have not visited that site since doing all those scans. Any idea why that would be appearing as one of the firefox tiles?  I hope tile is the right word I'm using there... you start firefox, and it has the last 15 most viewed sites you visit. So it has malwarebytes tile, google tyle for this website mbamupdates.com and okcupid. I dunno why the okcupid is there, just checked firefox history, and since those scans 1hr ago, well all the history is gone except last 1hr, but there is no okcupid in the history, yet why is it a tile?



#6 Skillful

Skillful
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 26 November 2016 - 08:36 AM

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 26.11.2016 23:31:01
Path starting: C:\Users\Bq\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Bq
VersionXML: 3.53s-23.11.2016
___________________________________________________________________________

Windows 8.1(6.3.9600) (x64) Professional Lang: English(0809)
Installation date OS: 05.02.2016 23:45:47
LicenseStatus: Windows®, Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: Internet Explorer (c:\program files\internet explorer\iexplore.exe)
SystemDrive: C: FS: [NTFS] Capacity: [111.4 Gb] Used: [52.9 Gb] Free: [58.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18283 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Never check for updates
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service has stopped
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.4518.1014
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.20.911
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.31 (64-bit) v.5.31.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.29 v.7.29.102 Warning! Download Update
^Optional update.^
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 47.0.1 (x86 en-US) v.47.0.1 Warning! Download Update
------------------ [ AntivirusFirewallProcessServices ] -------------------
MBAMScheduler (MBAMScheduler) - The service is running
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe v.3.1.7.0
MBAMService (MBAMService) - The service has stopped
Windows Defender Service (WinDefend) - The service has stopped
Windows Defender Network Inspection Service (WdNisSvc) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
----------------------------- [ End of Log ] ------------------------------
 



#7 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:38 AM

Posted 26 November 2016 - 08:55 AM

Update Firefox. Once you have updated check in your Add-ons > Extensions for okcupid...if there delete it. To update Firefox...click on Help > About Firefox > Update....Firefox 50 or later is available. Mine is 50 in Linux.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:38 AM

Posted 26 November 2016 - 08:58 AM

When was the last time you downloaded and installed Windows 8 security updates? Do you do that each month? That is what I do to keep my Windows 7 up to date in case I need it.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 Skillful

Skillful
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 26 November 2016 - 09:13 AM

Updated firefox to 50. Checked Add-ons -> Extensions. Nothing there. Any other reason that okcupid tile might be there?  I have not downloaded windows updates recently



#10 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:38 AM

Posted 27 November 2016 - 07:06 AM

If you haven't updated Windows this month...you need to do that.

 

You may have to uninstall Firefox including  your Firefox profile to get rid of that okcupid. But before doing that, do this:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.

 

You will also be able to view startups in Firefox by clicking on the Firefox tab next to the Scheduled Tasks tab. See if okcupid is mentioned.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 Skillful

Skillful
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 27 November 2016 - 10:04 AM

I tried to find the 'view startups in Firefox' but there was no firefox tab in the row of tabs under startup. Just Windows, Scheduled Tasks and Context Menu.

Did you need "context menu" from startups as well?

 

Below is CC Cleaner

Startup windows

 

Yes    HKCU:Run    DriverMax_RESTART    Innovative Solutions    "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
Yes    HKLM:Run    IAStorIcon    Intel Corporation    "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
Yes    HKLM:Run    Start WingMan Profiler    Logitech Inc.    C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
Yes    HKLM:Run    StartCCC    Advanced Micro Devices, Inc.    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
Yes    HKLM:Run    ZAM    Zemana Ltd.    "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized
 

 

Startup scheduled tasks

 

Yes    Task    Application Starter - f1375f225883e83d52e8db9690775c3c    Innovative Solutions    C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe -install
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
No    Task    Optimize Start Menu Cache Files-S-1-5-21-251241379-2071700029-1508196371-1001        
Yes    Task    Tweaking.com - Windows Repair Tray Icon    Tweaking.com    C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
No    Task    USER_ESRV_SVC_WILLAMETTE    Microsoft Corporation    "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Yes    Task    {B267C527-2BDA-4596-9133-5F245852A9FF}    Mozilla Corporation    "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.21.0.100/en/abandoninstall?page=tsMain

 

 

Browser plugins[firefox only, internet explorer had none]

 

Yes    Extension    Application Update Service Helper    1.0        default    Firefox 50.0    C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Yes    Extension    Multi-process staged rollout    1.5        default    Firefox 50.0    C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Yes    Extension    Pocket    1.0.5        default    Firefox 50.0    C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Yes    Extension    Web Compat    1.0        default    Firefox 50.0    C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Yes    Plugin        1.4.8.903    Google Inc.    default    Firefox 50.0    C:\Users\Bq\AppData\Roaming\Mozilla\Firefox\Profiles\x85sfia2.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
Yes    Plugin    Intel® Identity Protection Technology    4.0.5.0    Intel Corporation    default    Firefox 50.0    C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
Yes    Plugin    Intel® Identity Protection Technology    4.0.5.0    Intel Corporation    default    Firefox 50.0    C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Yes    Plugin    OpenH264 Video Codec    1.6    Mozilla Corporation    default    Firefox 50.0    C:\Users\Bq\AppData\Roaming\Mozilla\Firefox\Profiles\x85sfia2.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
Yes    Plugin    Primetime Content Decryption Module provided by Adobe Systems, Incorporated    17    Adobe Systems Inc    default    Firefox 50.0    C:\Users\Bq\AppData\Roaming\Mozilla\Firefox\Profiles\x85sfia2.default\gmp-eme-adobe\17\eme-adobe.dll

 

 

 

 

Uninstall

 

9-lab Removal Tool        10/06/2016        
Catalyst Control Center    AMD    10/06/2016        1.00.0000
CCleaner    Piriform    26/11/2016        5.24
DriverMax 8    Innovative Solutions    16/06/2016    16.6 MB    8.23.0.450
e-tax 2014    Australian Taxation Office    30/06/2016    39.0 MB    2.10.788
e-tax 2015    Australian Taxation Office    1/07/2016    40.3 MB    2.7.488
Games    Microsoft Corporation    5/02/2016        2.0.139.0
Intel® Management Engine Components    Intel Corporation    14/06/2016        9.5.15.1730
Intel® Processor Graphics    Intel Corporation    10/06/2016        10.18.14.4264
Intel® Rapid Storage Technology    Intel Corporation    13/06/2016        13.0.3.1001
Intel® Driver Update Utility    Intel    13/06/2016    24.4 MB    2.5.0.22
Logitech Gaming Software 5.10    Logitech    19/02/2016    15.3 MB    5.10.127
Mail, Calendar and People        5/02/2016        
Malwarebytes Anti-Malware version 2.2.1.1043    Malwarebytes    9/06/2016    66.9 MB    2.2.1.1043
Maps    Microsoft Corporation    5/02/2016        2.1.3230.2048
Microsoft Office Small Business 2007    Microsoft Corporation    10/06/2016        12.0.4518.1014
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    19/02/2016    6.88 MB    8.0.59192
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    14/06/2016    13.8 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    14/06/2016    11.1 MB    10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030    Microsoft Corporation    10/06/2016    20.5 MB    11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030    Microsoft Corporation    10/06/2016    17.3 MB    11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005    Microsoft Corporation    10/06/2016    20.5 MB    12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501    Microsoft Corporation    10/06/2016    20.5 MB    12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005    Microsoft Corporation    10/06/2016    17.1 MB    12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501    Microsoft Corporation    10/06/2016    17.1 MB    12.0.30501.0
MoTeC i2 Pro 1.1    MoTeC    11/05/2016    49.9 MB    7.00.4522
MoTeC i2 Standard 1.1    MoTeC    22/02/2016    41.7 MB    7.00.4524
Mozilla Firefox 50.0 (x86 en-US)    Mozilla    27/11/2016    91.4 MB    50.0
MSN Food & Drink    Microsoft Corporation    2/07/2016        3.0.4.212
MSN Health & Fitness    Microsoft Corporation    2/07/2016        3.0.4.212
MSN Money    Microsoft Corporation    5/02/2016        3.0.4.212
MSN News    Microsoft Corporation    5/02/2016        3.0.4.213
MSN Sport    Microsoft Corporation    5/02/2016        3.0.4.212
MSN Travel    Microsoft Corporation    5/02/2016        3.0.4.212
MSN Weather    Microsoft Corporation    5/02/2016        3.0.4.214
Music    Microsoft Corporation    5/02/2016        2.6.320.0
OneNote    Microsoft Corporation    5/02/2016        16.0.3030.1024
PC Tool for VeryAndroid SMS Backup 3.2.2    VeryAndroid    15/06/2016        3.2.2
Reader    Microsoft Corporation    5/02/2016        6.3.9654.17044
rFactor2        10/06/2016        
Skype    Skype    5/02/2016        3.1.0.1005
Skype™ 7.29    Skype Technologies S.A.    1/11/2016    233 MB    7.29.102
Tweaking.com - Windows Repair    Tweaking.com    3/07/2016        3.9.4
Unknown Device Identifier 9.01    Huntersoft    12/06/2016    6.80 MB    9.01
Video    Microsoft Corporation    5/02/2016        2.6.344.0
Windows Alarms    Microsoft Corporation    5/02/2016        6.3.9654.20335
Windows Calculator    Microsoft Corporation    5/02/2016        6.3.9600.20278
Windows Help+Tips    Microsoft Corporation    5/02/2016        6.3.9654.20559
Windows Reading List    Microsoft Corporation    5/02/2016        6.3.9654.20540
Windows Scan    Microsoft Corporation    5/02/2016        6.3.9600.16422
Windows Sound Recorder    Microsoft Corporation    5/02/2016        6.3.9600.20280
WinRAR 5.31 (64-bit)    win.rar GmbH    14/02/2016        5.31.0
Zemana AntiMalware    Zemana Ltd.    8/06/2016    14.3 MB    2.20.911

 



#12 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:38 AM

Posted 27 November 2016 - 11:09 AM

Delete Driver Max startup by clicking on it and choosing Delete on the right.

 

Disable HKLM:Run    Start WingMan Profiler    Logitech Inc.    C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui by clicking on it and choosing Disable on the right.

 

Delete this Task    Application Starter - f1375f225883e83d52e8db9690775c3c    Innovative Solutions    C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe -install

 

Disable this Task  Tweaking.com - Windows Repair Tray Icon    Tweaking.com    C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe

 

Delete this Task    {B267C527-2BDA-4596-9133-5F245852A9FF}    Mozilla Corporation    "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.21.0.100/en/abandoninstall?page=tsMain

 

Uninstall These programs:  Use this to uninstall the programs Download Revo Uninstaller Freeware

9-lab Removal Tool        10/06/2016    

DriverMax 8    Innovative Solutions    16/06/2016    16.6 MB    8.23.0.450

Unknown Device Identifier 9.01    Huntersoft    12/06/2016    6.80 MB    9.01

 

Okay...that is different...not showing the browser startups. So, you can uninstall Firefox and your Firefox profile to remove the okcupid. You should backup

your Firefox bookmarks before doing that. Bookmarks > Show All Bookmarks > Import Export > Export to html and save on your Desktop.

 

Once you have uninstalled Firefox from the list of installed programs, click on Start and enter Mozilla in the Search Box. Delete whatever it finds which will include your profile.

Be sure not to delete your saved passwords, though.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 Skillful

Skillful
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 27 November 2016 - 01:24 PM

Done all the delete/disable startups and tasks. When I uninstalled 9-lab it came up with a webpage for uninstall feedback form, but the link was 404 error. The tab name was in a different language... arabic? not sure. So I can't read that, the second part of that tab was - 9-lab. So the tab was "different language - 9 -lab". I'm guessing the server for that website is not setup for english first language? Nothing to worry about though? Took a screenshot if necessary. I also had an uninstall form or whatever for drivermax as well in another tab.

 

You mean uninstall firefox using revo uninstaller? When you say click on start and enter mozilla in the search box.... which start is that?



#14 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:38 AM

Posted 27 November 2016 - 05:20 PM

Did you see all that using Revo? Or did you attempt to uninstall without using Revo?

 

The Start button on your Desktop....


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 Skillful

Skillful
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:01:38 AM

Posted 27 November 2016 - 09:53 PM

I saw all of that using Revo.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users