Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I'm bugged!


  • Please log in to reply
19 replies to this topic

#1 Red131313

Red131313

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 28 August 2017 - 09:46 AM

I've ran Malwarebytes, as well as an Avast scan. Both scans showed no infections. However, my computer is still running incredibly slow, and it sounds like something is running heavily(like an intense computer game). I'm not sure what else I can do in regards to checking for infections. If someone could guide me in the right direction, it would be very much appreciated.



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:04 AM

Posted 28 August 2017 - 09:51 AM

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Follow the instructions in the thread below. Make sure to download the MBAR linked in it. Let me know if you're not able to launch it and run a scan.
https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Red131313

Red131313
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 28 August 2017 - 10:44 AM

The MBAR scan didn't find any issues/threats.

 

AdwCleaner Report

 

# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 28 15:19:07 2017

# Updated on 2017/05/08 by Malwarebytes 
# Database: 07-31-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
 
***** [ Services ] *****
 
PUP.Adware.Heuristic, vToolbarUpdater18.5.0
 
 
***** [ Folders ] *****
 
PUP.Optional.Legacy, C:\Users\Alyssa\AppData\LocalLow\AVG SafeGuard toolbar
PUP.Optional.Legacy, C:\ProgramData\AVG Secure Search
PUP.Optional.Legacy, C:\ProgramData\Application Data\AVG Secure Search
PUP.Optional.Legacy, C:\Program Files (x86)\Common Files\AVG Secure Search
PUP.Optional.Legacy, C:\Users\All Users\AVG Secure Search
PUP.Optional.Legacy, C:\Users\Alyssa\AppData\Local\AVG Secure Search
PUP.Optional.Legacy, C:\Program Files (x86)\AVG Security Toolbar
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Application Data\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\Program Files (x86)\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\Users\All Users\Auslogics
PUP.Adware.Heuristic, C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
PUP.Adware.Heuristic, C:\ProgramData\Avg_Update_0215tb
PUP.Adware.Heuristic, C:\ProgramData\Avg_Update_0814tb
PUP.Adware.Heuristic, C:\ProgramData\Avg_Update_1214tb
PUP.Adware.Heuristic, C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
 
 
***** [ Files ] *****
 
PUP.Optional.AuslogicsDiskDefrag, C:\Users\Alyssa\Desktop\Auslogics Disk Defrag.lnk
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4245539598-182883426-71589199-1002\Software\AVG Secure Search
PUP.Optional.Legacy, [Key] - HKCU\Software\AVG Secure Search
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\AVG Security Toolbar
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4245539598-182883426-71589199-1002\Software\AVG Security Toolbar
PUP.Optional.Legacy, [Key] - HKCU\Software\AVG Security Toolbar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | BrowserAppCoreService
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
PUP.Optional.AuslogicsDriverUpdater, [Key] - HKLM\SOFTWARE\Auslogics
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
Plugin found: Savings Button: Deals + Cash Back - 
 
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 
 
*************************
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
 
 
 
JRT Report
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Alyssa (Administrator) on Mon 08/28/2017 at  9:29:09.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
File System: 5 
 
Failed to delete: C:\Program Files (x86)\Common Files\avg secure search\vtoolbarupdater (Folder) 
Successfully deleted: C:\Users\Alyssa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof (Folder) 
Successfully deleted: C:\Users\Alyssa\Appdata\LocalLow\avg safeguard toolbar (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\0814tb_RML (Task)
Successfully deleted: C:\Program Files (x86)\avg security toolbar (Folder) 
 
 
Registry: 4 
 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\vToolbarUpdater18.5.0 (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C39D5366-D69B-436B-961E-C39730211A67} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{C39D5366-D69B-436B-961E-C39730211A67} (Registry Key)
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/28/2017 at  9:36:11.52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#4 buddy215

buddy215

  • Moderator
  • 13,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:04 AM

Posted 28 August 2017 - 11:11 AM

Rerun AdwCleaner and be sure to click on Clean when scan finishes. Allow it to remove ALL that it finds.

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Red131313

Red131313
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 28 August 2017 - 01:08 PM

# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 28 16:18:29 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
Deleted: C:\ProgramData\AVG Secure Search
Deleted: C:\ProgramData\Application Data\AVG Secure Search
Deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted: C:\Users\All Users\AVG Secure Search
Deleted: C:\Users\Alyssa\AppData\Local\AVG Secure Search
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
Deleted: C:\ProgramData\Auslogics
Deleted: C:\ProgramData\Application Data\Auslogics
Deleted: C:\Program Files (x86)\Auslogics
Deleted: C:\Users\All Users\Auslogics
Deleted: C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
Deleted: C:\ProgramData\Avg_Update_0215tb
Deleted: C:\ProgramData\Avg_Update_0814tb
Deleted: C:\ProgramData\Avg_Update_1214tb
Deleted: C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
 
 
***** [ Files ] *****
 
Deleted: C:\Users\Alyssa\Desktop\Auslogics Disk Defrag.lnk
 
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKU\S-1-5-21-4245539598-182883426-71589199-1002\Software\AVG Secure Search
Deleted: [Key] - HKCU\Software\AVG Secure Search
Deleted: [Key] - HKLM\SOFTWARE\AVG Security Toolbar
Deleted: [Key] - HKU\S-1-5-21-4245539598-182883426-71589199-1002\Software\AVG Security Toolbar
Deleted: [Key] - HKCU\Software\AVG Security Toolbar
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BrowserAppCoreService
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Deleted: [Key] - HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
Deleted: [Key] - HKLM\SOFTWARE\Auslogics
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [5020 B] - [2017/8/28 15:19:7]
C:/AdwCleaner/AdwCleaner[S1].txt - [4768 B] - [2017/8/28 16:15:58]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
 
 
STARTUP LIST
 
No  HKCU:Run OneDrive Microsoft Corporation "C:\Users\Alyssa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
No HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes  HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
No  HKLM:Run HP CoolSense Hewlett-Packard Development Company, L.P. C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
Yes  HKLM:Run HP Quick Launch Hewlett-Packard Development Company, L.P. C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
No  HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
Yes  HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
No  Startup Common Install Webroot FF RunOnce.lnk Webroot Software, Inc. C:\Program Files (x86)\Common Files\wruninstall.exe
No  Startup Common Install Webroot IE RunOnce.lnk Webroot Software, Inc. C:\Program Files (x86)\Common Files\wruninstall.exe
 
 
SCHEDULED TASKS
 
Yes  Task 0414cUpdateInfo AVG Technologies C:\ProgramData\Avg_Update_0414c\0414c_{37D9B819-667C-4D3C-A1E5-4156717FCA8E}.exe /SETINFO /CMPID=0414c /INFORETRY=3
Yes  Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes  Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleForAlyssa Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAlyssa (null)
Yes Task OneDrive Standalone Update Task-S-1-5-21-4245539598-182883426-71589199-1002 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
No  Task Optimize Start Menu Cache Files-S-1-5-21-4245539598-182883426-71589199-1002
Yes Task {61CA984D-3763-4151-9ADC-CEA02F254C01} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a E:\v20app.exe -d E:\
 
 
INSTALLED PROGRAMS LIST
 
3D Builder Microsoft Corporation 5/17/2017 14.1.1302.0
Adobe Acrobat 5.0 Adobe Systems, Inc. 7/27/2017 12.2 MB 5.0
Adobe Acrobat Reader DC Adobe Systems Incorporated 8/14/2017 390 MB 17.012.20095
Adobe Shockwave Player 11.6 Adobe Systems, Inc. 7/27/2017 31.0 MB 11.6.6.636
Adobe Shockwave Player 12.2 Adobe Systems, Inc 6/23/2017 54.1 MB 12.2.9.199
Alarms & Clock Microsoft Corporation 7/28/2017 10.1706.1531.0
App connector Microsoft Corporation 10/5/2016 1.3.3.0
App Installer Microsoft Corporation 2/20/2017 1.0.10332.0
Apple Application Support (32-bit) Apple Inc. 3/29/2017 162 MB 5.4.1
Apple Application Support (64-bit) Apple Inc. 3/29/2017 182 MB 5.4.1
Apple Software Update Apple Inc. 9/18/2013 4.76 MB 2.1.3.127
Avast Free Antivirus AVAST Software 8/28/2017 821 MB 17.5.2303
Calculator Microsoft Corporation 7/28/2017 10.1706.1862.0
Camera Microsoft Corporation 8/2/2017 2017.619.10.0
CCleaner Piriform 8/15/2017 20.4 MB 5.33
Get Office Microsoft Corporation 7/24/2017 17.8414.5925.0
Getting Started with Windows 8 Hewlett-Packard Company 10/5/2016 1.6.0.0
Google Chrome Google, Inc. 6/23/2017 43.8 MB 60.0.3112.113
Groove Music Microsoft Corporation 7/28/2017 10.17062.14111.0
HP 3D DriveGuard Hewlett-Packard Company 9/16/2013 6.95 MB 4.2.9.1
HP Connected Music (Meridian - installer) Meridian Audio Ltd 7/27/2017 597 KB v1.0
HP CoolSense Hewlett-Packard Company 9/16/2013 18.6 MB 2.10.51
HP Games Hewlett-Packard Company 10/5/2016 1.0.0.50
HP MyRoom Hewlett-Packard Company 4/30/2013 208 KB 9.0.0.0
HP Quick Launch Hewlett-Packard Company 10/20/2012 26.1 MB 3.0.6
HP Registration Hewlett-Packard Company 10/5/2016 1.2.1.166
HP Registration Service Hewlett-Packard 4/30/2013 18.7 MB 1.1.6232.4245
HP Support Assistant 3/9/2016
HP Support Solutions Framework HP 3/9/2016 10.9 MB 12.7.27.15
HP Utility Center Hewlett-Packard 4/29/2013 8.04 MB 1.0.8
HP Wireless Button Driver Hewlett-Packard Company 1/28/2014 1.43 MB 1.1.2.1
HP+ Hewlett-Packard Company 10/5/2016 1.2.0.93
iCloud Apple Inc. 9/2/2014 199 MB 3.1.0.40
iHeartRadio iHeartMedia. 4/10/2017 6.0.31.0
Kindle AMZN Mobile LLC 10/5/2016 2.1.0.2
Mail and Calendar Microsoft Corporation 8/24/2017 17.8400.41055.0
Malwarebytes version 3.1.2.1733 Malwarebytes 8/9/2017 131 MB 3.1.2.1733
Maps Microsoft Corporation 8/8/2017 5.1706.2001.0
Messaging Microsoft Corporation 7/27/2017 3.26.24002.0
Microsoft Mahjong Microsoft Studios 3/3/2017 3.5.2171.0
Microsoft Office 365 - en-us Microsoft Corporation 8/15/2017 2.22 GB 15.0.4953.1001
Microsoft OneDrive Microsoft Corporation 7/27/2017 106 MB 17.3.6943.0625
Microsoft Silverlight Microsoft Corporation 6/14/2017 143 MB 5.1.50907.0
Microsoft Solitaire Collection Microsoft Studios 7/3/2017 3.16.6200.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 10/20/2012 3.85 MB 3.1.0000
Microsoft Sticky Notes Microsoft Corporation 4/10/2017 1.8.0.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 4/30/2013 7.22 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 4/30/2013 1.62 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 10/7/2013 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 4/30/2013 5.44 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 10/20/2012 5.43 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 10/7/2013 4.80 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 18.0 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 18.9 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 7/27/2017 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 7/27/2017 17.3 MB 11.0.61030.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 7/27/2017 2.42 MB 10.0.50903
Microsoft Wi-Fi Microsoft Corporation 10/5/2016 1.1604.4.0
Mocha TN5250 for Windows 7/8/10 MochaSoft 10/17/2016 2.50 MB 3.1
Money Microsoft Corporation 6/7/2017 4.21.1434.0
Movies & TV Microsoft Corporation 8/23/2017 10.17072.13111.0
MSN Food & Drink Microsoft Corporation 10/5/2016 3.0.4.336
MSN Health & Fitness Microsoft Corporation 10/5/2016 3.0.4.336
MSN Travel Microsoft Corporation 10/5/2016 3.0.4.336
Netflix Netflix, Inc. 8/24/2017 6.30.148.0
News Microsoft Corporation 6/7/2017 4.21.1434.0
Norton Studio Symantec Corporation 8/4/2017 2.1.2.0
OneNote Microsoft Corporation 8/25/2017 17.8471.57791.0
Paid Wi-Fi & Cellular Microsoft Corporation 8/1/2017 2.1706.1934.0
Paint 3D Microsoft Corporation 8/22/2017 3.1708.14027.0
PC*MILER 20 7/27/2017 1.11 GB
People Microsoft Corporation 6/8/2017 10.2.1451.0
Phone Microsoft Corporation 10/5/2016 2.17.27003.0
Phone Companion Microsoft Corporation 10/5/2016 10.1609.2561.0
Photos Microsoft Corporation 8/15/2017 2017.35071.13510.0
QuickTime 7 Apple Inc. 3/10/2016 95.3 MB 7.79.80.95
Reader Microsoft Corporation 8/9/2017 6.4.9926.18784
Realtek Ethernet Controller Driver Realtek 4/29/2014 13.6 MB 8.3.730.2012
Realtek PCIE Card Reader Realtek Semiconductor Corp. 4/29/2013 85.1 MB 6.2.8400.29029
Revo Uninstaller Pro 3.1.9 VS Revo Group, Ltd. 8/15/2017 40.0 MB 3.1.9
Savings Center Featured Offers Hewlett-Packard Company 10/5/2016 1.5.0.9
Skype Skype 8/23/2017 11.19.856.0
Snapfish Snapfish 10/5/2016 6.0.588.0
Sports Microsoft Corporation 6/20/2017 4.21.1434.0
Store Microsoft Corporation 8/25/2017 11707.1001.23.0
Store Experience Host Microsoft Corporation 8/17/2017 11707.1707.25006.0
Sway Microsoft Corporation 8/23/2017 17.8471.45091.0
Synaptics Pointing Device Driver Synaptics Incorporated 7/27/2017 46.4 MB 19.0.12.98
Tips Microsoft Corporation 7/28/2017 5.11.1641.0
Twitter Twitter Inc. 7/13/2017 5.8.1.0
View 3D Microsoft Corporation 8/9/2017 1.1706.29032.0
Voice Recorder Microsoft Corporation 7/28/2017 10.1706.1561.0
Wallet Microsoft Corporation 7/27/2017 1.0.16328.0
Weather Microsoft Corporation 4/24/2017 4.20.1102.0
Windows 10 Update and Privacy Settings Microsoft Corporation 7/7/2017 2.10 MB 1.0.14.0
Windows Driver Package - Advanced Micro Devices (AtiHDAudioService) MEDIA  (06/09/2015 10.0.0.01) Advanced Micro Devices 7/27/2017 06/09/2015 10.0.0.01
Windows Live Essentials Microsoft Corporation 10/20/2012 16.4.3503.0728
Windows Reading List Microsoft Corporation 10/5/2016 6.3.9654.21234
Windows Scan Microsoft Corporation 10/5/2016 6.3.9654.17133
WinZip 17.5 WinZip Computing, S.L. 8/20/2013 195 MB 17.5.10562
Xbox Microsoft Corporation 8/15/2017 31.32.11001.0
Xbox Game bar Microsoft Corporation 7/28/2017 1.19.11001.0
Xbox Game Speech Window Microsoft Corporation 7/27/2017 1.14.2002.0
Xbox Identity Provider Microsoft Corporation 7/13/2017 11.29.23003.0
Xbox One SmartGlass Microsoft Corporation 2/15/2017 2.2.1702.2004
 
 
 
I wish to remove ALL unnecessary programs, aside from the the few that will be used regularly(like Avast, CCleaner, etc etc)


#6 buddy215

buddy215

  • Moderator
  • 13,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:04 AM

Posted 28 August 2017 - 02:04 PM

Suggest to Disable Windows Startup: Yes  HKLM:Run HP Quick Launch Hewlett-Packard Development Company, L.P. C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

Click on it and then choose Disable on the right.

 

Disable these Tasks: Click on each item and then choose Disable on the right.

Yes  Task 0414cUpdateInfo AVG Technologies C:\ProgramData\Avg_Update_0414c\0414c_{37D9B819-667C-4D3C-A1E5-4156717FCA8E}.exe /SETINFO /CMPID=0414c /INFORETRY=3
Yes  Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)

Yes Task HPCeeScheduleForAlyssa Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAlyssa (null)

Yes Task OneDrive Standalone Update Task-S-1-5-21-4245539598-182883426-71589199-1002 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Yes Task {61CA984D-3763-4151-9ADC-CEA02F254C01} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a E:\v20app.exe -d E:\
 
Uninstall these programs:
Norton Studio Symantec Corporation 8/4/2017 2.1.2.0
QuickTime 7 Apple Inc. 3/10/2016 95.3 MB 7.79.80.95
Windows Live Essentials Microsoft Corporation 10/20/2012 16.4.3503.0728
WinZip 17.5 WinZip Computing, S.L. 8/20/2013 195 MB 17.5.10562 (Keep...if you use it)
 
I've listed programs no longer supported and WinZip which is not up to date and often installs adware.
There are likely other programs that you will not need but you will have to decide that such as HP's support asst., etc.
 
 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Red131313

Red131313
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 28 August 2017 - 02:47 PM

I got everything on the list completed, except for one step.

 

When I attempted to disable the below task, I got an error message

 

Yes  Task 0414cUpdateInfo AVG Technologies C:\ProgramData\Avg_Update_0414c\0414c_{37D9B819-667C-4D3C-A1E5-4156717FCA8E}.exe /SETINFO /CMPID=0414c /INFORETRY=3

 

Message:  "Failed to enable/disable startup item:

                   The system cannot find the file specified."



#8 buddy215

buddy215

  • Moderator
  • 13,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:04 AM

Posted 28 August 2017 - 02:57 PM

See what happens when you choose to Delete instead of Disable. The AVG adware was deleted by the other scans so if that item doesn't

delete that's okay. Avast bought AVG last month so that may be why the AVG adware is on the computer....not sure as you may have picked it up elsewhere.

 

After doing that and rebooting....do you see any other problem? If not, give it a couple of days and let me know if anything else pops up.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 Red131313

Red131313
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 28 August 2017 - 03:19 PM

I didn't have any issues deleting it. The system seems to not be running nealry as hard as it was. I'll set a reminder in my phone and check back with you(on this thread) in a couple days, and let you know if everything is still running smoothly. Again, thank you very much for your help, it is very much appreciated.

 

Have a great day!



#10 buddy215

buddy215

  • Moderator
  • 13,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:04 AM

Posted 28 August 2017 - 04:32 PM

Please do that...you're welcome...happy surfin'


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 Red131313

Red131313
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 01 September 2017 - 10:03 AM

Everything seems to be running fine.  Haven't had any other issues.  Again, thank you greatly for your help, it is very much appreciated.



#12 buddy215

buddy215

  • Moderator
  • 13,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:04 AM

Posted 01 September 2017 - 10:15 AM

Thanks for reporting back...you're welcome!


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 Red131313

Red131313
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 05 September 2017 - 12:18 PM

I am in need of help again.  This computer is back to running incredibly slow.  It took quite awhile just to get online so I could post this reply.  My Avast scans and Malwarebytes scans are not showing anything is infected, but the computer is running and acting as if it were heavily infected.  It ran fine for a few days after you walked me thru those previous steps, but now its running very very very slowly.  Are there any other steps I could try?



#14 buddy215

buddy215

  • Moderator
  • 13,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:04 AM

Posted 05 September 2017 - 01:26 PM

Run CCleaner, AdwCleaner and Junkware Removal Tool. You may have picked up something recently. Post those two logs

if they find anything.

 

If they find nothing or the problem still exists...start a new topic in the malware removal forum by followning directions below.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 Red131313

Red131313
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 05 September 2017 - 02:22 PM

I'm currently accessing this thread from my own personal computer.  I ran AdwCleaner and did the reboot to finish the cleaning process like it asked.  The computer seemed to get hung up on the rebooting process, now I've got a black DOS screen which reads

 

SMART Hard DIsk Error

 

The SMART hard disk check has detected an imminent failure.  To ensure not data loss, please backup the content immediately and run the Hard Disk Test in System Diagnostics. 

 

Hard Disk 1 (301)

 

F2     System Diagnostics

 

ENTER - Continue Startup

 

 

(FYI, both scans found something again.  I don't believe it has to do with web surfing, as the computer in question is being used as a work computer)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users