Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

'Something's not right' Google message - why?


  • Please log in to reply
22 replies to this topic

#1 zzzz

zzzz

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 14 October 2017 - 01:07 PM

Very often when starting up I get this message. Also 'google not responding' can sometimes appear. Also 'We're having trouble connecting to Google' sometimes appears. It can take around 5 minutes to settle down.

 

So what is the cause of this which never happened in my previous 10 years of computing? Too many using Google on my ISP? Upgrading to Win 10 overburdens my components but only on startup?

 

Not a great calamity but I'd like to know its source and if I can get around this.

 

Thanks for any views.


Edited by hamluis, 16 October 2017 - 10:58 AM.
Moved from Web Browsing/Email to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,944 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:38 PM

Posted 14 October 2017 - 01:08 PM

What browser are you using?


Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 14 October 2017 - 01:12 PM

Chrome - should be quite up to date.

 

Yes - Version 61.0.3163.100 (Official Build) (32-bit)


Edited by zzzz, 14 October 2017 - 01:15 PM.


#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,944 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:38 PM

Posted 14 October 2017 - 01:28 PM

Is your browser using a bunch of memory or CPU?

 

Your issue might be related to what Grinler wrote about here:

 

https://www.bleepingcomputer.com/tutorials/how-to-determine-why-chrome-is-using-a-lot-of-memory-or-cpu/


Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 buddy215

buddy215

  • Moderator
  • 13,121 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 PM

Posted 14 October 2017 - 02:40 PM

Try cleaning and blocking Chrome from startup. Use CCleaner for that. If you want me to review the 3 lists from CCleaner....post them per

instructions below.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 15 October 2017 - 10:21 AM

Orange Blossom  - I'm on my laptop now and have 'page not responding' problems so have used you tip but found no excess CPU or memory  usage but will repeat with my above  problem PC to check that. (Stopping the WiFi and using my ethernet cable didn't help but a restart did.)

 

buddy215 - thank you for that procedure - I'll do that when I open my PC later.



#7 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 16 October 2017 - 06:27 AM

The Save to Text files all had the same name install.txt. I hope all the info is here. Let me know if not. I'd like to get rid of the Apple stuff - didn't know it was there.
 
 
Advanced IP Scanner 2.5 Famatech 06-Sep-17 43.9 MB 2.5.3233
AES Crypt Packetizer, Inc. 06-Sep-16 3.14 MB 3.10
Alarms & Clock Microsoft Corporation 23-May-17 10.1705.1303.0
Alternate File Shredder 1.970 Alternate Tools 11-Sep-16 2.94 MB
App connector Microsoft Corporation 11-May-16 1.3.3.0
Apple Application Support (32-bit) Apple Inc. 27-Aug-17 257 MB 5.6
Apple Mobile Device Support Apple Inc. 27-Aug-17 43.8 MB 10.3.2.3
Apple Software Update Apple Inc. 27-Aug-17 5.41 MB 2.3.0.177
Backup and Sync from Google Google, Inc. 12-Sep-17 96.4 MB 3.36.6721.3394
Bonjour Apple Inc. 27-Aug-17 2.04 MB 3.1.0.1
Calculator Microsoft Corporation 24-May-17 10.1705.1301.0
Camera Microsoft Corporation 02-Aug-17 2017.619.10.0
CCleaner Piriform 16-Oct-17 5.35
ClipMagic Lite 4.1 MJT Net Ltd 25-May-16 2.68 MB 4.1
CPUID CPU-Z 1.73 22-Sep-15 3.39 MB
Digital microscope Vimicro Corp. 25-Nov-14 99.8 MB 2009.03.18
DriverToolkit version 8.5.0.0 Megaify Software 30-Jun-16 6.88 MB 8.5.0.0
Dropbox Dropbox, Inc. 09-Oct-17 199 MB 36.4.22
EaseUS Partition Master 10.5 EaseUS 10-Jul-15 194 MB
EaseUS Todo Backup Free 8.9 CHENGDU YIWO Tech Development Co., Ltd 10-Jul-15 8.9
EasyBCD 2.2 NeoSmart Technologies 25-May-16 5.03 MB 2.2
EditPad Lite 7.3.1 Just Great Software 14-Jun-14 9.64 MB 7.3.1
Epic Privacy Browser Epic 19-Jan-17 55.0.2661.75
EPSON Scan 16-May-16 411 KB
Evernote v. 6.7.5 Evernote Corp. 02-Oct-17 335 MB 6.7.5.5825
Films & TV Microsoft Corporation 02-Aug-17 10.17062.12911.0
FlightGear v2017.2.1 The FlightGear Team 07-Sep-17 2.31 GB
Foxit Reader Foxit Software Inc. 29-Sep-17 171 MB 8.3.2.25013
Get Skype Skype 11-May-16 3.2.1.0
Gmail Notifier 25-May-16 7.18 MB
Google Chrome Google Inc. 06-Apr-14 308 MB 61.0.3163.100
Google Earth Plug-in Google 30-Sep-15 165 MB 7.1.5.1557
Google Earth Pro Google 24-Aug-17 203 MB 7.3.0.3832
Greenshot 1.2.9.129 Greenshot 07-Aug-17 2.69 MB 1.2.9.129
Groove Music Microsoft Corporation 01-Dec-16 10.16102.10341.0
HD Tune 2.55 EFD Software 03-Feb-15 1.23 MB
Hyper for YouTube CensoredUser 02-Aug-17 3.1.12.0
ImgBurn LIGHTNING UK! 09-Apr-14 3.00 MB 2.5.8.0
Java 8 Update 101 Oracle Corporation 13-Aug-16 50.9 MB 8.0.1010.13
KB4023057 Microsoft Corporation 09-Oct-17 876 KB 2.5.0.0
Macrium Reflect Free Edition Paramount Software (UK) Ltd. 16-May-16 124 MB 6.1
Mail and Calendar Microsoft Corporation 18-Mar-17 17.8008.42001.0
Maintenance Samsung ML-1660 Series Samsung Electronics Co., Ltd. 16-May-16 109 MB
Malwarebytes Anti-Malware version 2.2.1.1043 Malwarebytes 08-Mar-17 57.6 MB 2.2.1.1043
Maps Microsoft Corporation 14-Dec-16 5.1611.3341.0
McAfee WebAdvisor McAfee, Inc. 18-Sep-17 124 MB 4.0.161
McAfee® Internet Security McAfee, Inc. 18-Sep-17 124 MB 16.0.3
MicroCapture 2.5 16-May-16 8.56 MB 2.5
Microsoft OneDrive Microsoft Corporation 15-Sep-17 95.9 MB 17.3.6998.0830
Microsoft Silverlight Microsoft Corporation 24-Jun-16 63.2 MB 5.1.50428.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 17-Mar-16 480 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 09-Apr-14 700 KB 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 Microsoft Corporation 28-Mar-16 15.9 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 11-May-16 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 Microsoft Corporation 25-Aug-17 19.5 MB 14.10.25008.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 24-Apr-14 70.0 KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 24-Apr-14 2.67 MB 4.20.9876.0
NVIDIA Drivers 11-May-16
NVIDIA Graphics Driver 309.08 NVIDIA Corporation 11-Mar-15 241 MB 309.08
NVIDIA Update 1.10.8 NVIDIA Corporation 06-Apr-14 2.02 MB 1.10.8
OneNote 12-Oct-17
OpenOffice 4.0.1 Apache Software Foundation 09-Apr-14 317 MB 4.01.9714
People Microsoft Corporation 08-Apr-17 10.2.831.0
Phone Microsoft Corporation 03-Jun-16 2.17.27003.0
PhotoPad Image Editor NCH Software 31-Aug-17 11.1 MB 3.12
Photos Microsoft Corporation 05-Apr-17 17.313.10010.0
PrivaZer Goversoft LLC 20-Mar-17 16.2 MB 3.0.18.0
Puran File Recovery 1.2.1 Puran Software 04-Sep-16 13.9 MB
puush Dean Herbert 16-Dec-14 1.04 MB 1.0.0.0
Revo Uninstaller 2.0.2 VS Revo Group, Ltd. 01-Apr-17 19.1 MB 2.0.2
Speccy Piriform 23-Aug-16 7.57 MB 1.29
Store Microsoft Corporation 02-Aug-17 11706.1001.26.0
SUPERAntiSpyware SUPERAntiSpyware.com 28-Oct-16 9.44 MB 6.0.1220
Surfing Protection IObit 17-Mar-16 27.7 MB 1.3
System Explorer 5.7.0 Mister Group 17-Jun-14 7.14 MB
Tips Microsoft Corporation 02-Aug-17 5.11.1641.0
TunnelBear TunnelBear 18-Sep-17 120 MB 3.0.35.4
VIA Platform Device Manager VIA Technologies, Inc. 08-Apr-14 5.23 MB 1.34
Viber Viber Media Inc 16-May-16 153 MB 5.1.2.24
VLC media player VideoLAN 10-Jan-17 124 MB 2.2.4
Voice Recorder Microsoft Corporation 23-May-17 10.1705.1302.0
VueScan x32 16-May-16 13.7 MB
Weather Microsoft Corporation 22-Apr-17 4.20.1102.0
Windows 10 Update and Privacy Settings Microsoft Corporation 09-Jul-17 1.81 MB 1.0.14.0
Windows 10 Update Assistant Microsoft Corporation 13-Oct-17 5.00 MB 1.4.9200.22243
Windows DVD Player Microsoft Corporation 12-May-16 3.6.13291.0
WinPatrol Ruiware 16-Dec-16 5.73 MB 34.11.2016.27
Xbox Microsoft Corporation 04-Oct-17 33.33.15001.0

Edited by zzzz, 16 October 2017 - 06:28 AM.


#8 buddy215

buddy215

  • Moderator
  • 13,121 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 PM

Posted 16 October 2017 - 07:19 AM

You've added several programs in the last 2 to 3 months. I suggest you go through ALL of the programs and uninstall

the ones you don't use.

 

I suggest you start with uninstalling these: Use your Revo uninstaller...

TunnelBear TunnelBear 18-Sep-17 120 MB 3.0.35.4 (unless you actually use it...)

Surfing Protection IObit 17-Mar-16 27.7 MB 1.3

SUPERAntiSpyware SUPERAntiSpyware.com 28-Oct-16 9.44 MB 6.0.1220

PrivaZer Goversoft LLC 20-Mar-17 16.2 MB 3.0.18.0

McAfee WebAdvisor McAfee, Inc. 18-Sep-17 124 MB 4.0.161
Java 8 Update 101 Oracle Corporation 13-Aug-16 50.9 MB 8.0.1010.13
Epic Privacy Browser Epic 19-Jan-17 55.0.2661.75
DriverToolkit version 8.5.0.0 Megaify Software 30-Jun-16 6.88 MB 8.5.0.0
 
Unless you actually use this...Advanced IP Scanner 2.5 Famatech 06-Sep-17 43.9 MB 2.5.3233....I suggest uninstalling it.
 
I really need to see the two missing lists from CCleaner...Windows Startups and Scheduled Tasks. Try again to get those lists.
I am also going to ask that this topic be moved to the Am I Infected....forum as some of the programs you have installed are
often bundled with adware.

Edited by buddy215, 16 October 2017 - 10:46 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 16 October 2017 - 12:43 PM

 
 
I haven't done any uninstalling yet.
 
I had done these before but they seem to go into one file install.txt but didn't. I thought I would get install.txt(2) and install.txt(3) so i had to rename them this time.
 
Windows Startups:
 
No CHotkey
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
Yes HKCU:Run GoogleChromeAutoLaunch_E88E0EBEFC9E43A0440286D13063E466 Google Inc. "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
Yes HKCU:Run GoogleDriveSync Google Inc "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
No HKCU:Run OneDrive Microsoft Corporation "C:\Users\Dennis 7\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
No HKCU:Run puush Dean Herbert C:\Program Files\puush\puush.exe
No HKCU:Run puush Dean Herbert C:\Program Files\puush\puush.exe
Yes HKCU:Run WinPatrol Ruiware C:\Program Files\Ruiware\WinPatrol\winpatrol.exe
Yes HKLM:Run Dropbox Dropbox, Inc. "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
Yes HKLM:Run Greenshot Greenshot C:\Program Files\Greenshot\Greenshot.exe
Yes HKLM:Run HDAudDeck VIA C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
Yes HKLM:Run Samsung PanelMgr C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
No HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Yes HKLM:Run VMonitorVMUVC Vimicro Corporation "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
No HKLM:Run ZoneAlarm Check Point Software Technologies Ltd. "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
Yes Startup User EvernoteTray.lnk Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 C:\Program Files\Evernote\Evernote\EvernoteTray.exe
 
Scheduled Tasks:
 
Yes Task ASC7U_SkipUac_Dennis 7 C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASC.exe /SkipUac
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task Driver Booster SkipUAC (Dennis 7) C:\Program Files\IObit\Driver Booster\DriverBooster.exe /skipuac
Yes Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task McAfee Remediation (Prepare) McAfee, Inc. C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare
Yes Task OneDrive Standalone Update Task-S-1-5-21-4231395157-3071452101-2171592690-1000 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Yes Task Opera scheduled Autoupdate 1472159495 C:\Program Files\Opera beta\launcher.exe --scheduledautoupdate $(Arg0)
Yes Task PrivaZer_SkipUAC Goversoft LLC C:\Program Files\PrivaZer\PrivaZer.exe $(Arg0)
Yes Task SmartDefrag_AutoAnalyze C:\Program Files\IObit\Smart Defrag\AutoDefrag.exe /AUTOANALYZE
Yes Task SmartDefrag_Startup C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe /STARTUP
Yes Task SmartDefrag_Update C:\Program Files\IObit\Smart Defrag\AutoUpdate.exe /autorun
Yes Task {00FA8327-FBE2-489D-BE7E-98C8E5A30BD9} Mister Group C:\Program Files\System Explorer\SystemExplorer.exe
Yes Task {CF658E61-EF29-45E6-9DDA-437C284B1293} C:\Program Files\Lexmark X1100 Series\LXBKaiox.exe
Yes Task {E56F4E17-0AC4-4481-A3A0-EF1D0B4F195F} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Users\Dennis 7\Downloads\setup.exe" -d "C:\Users\Dennis 7\Downloads"
 


#10 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 16 October 2017 - 01:08 PM

I have now uninstalled those you have suggested.

 

Will I get a redirection notice if this thread is redirected?  

 

Thanks for your attention on my problem by the way.



#11 buddy215

buddy215

  • Moderator
  • 13,121 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 PM

Posted 16 October 2017 - 01:16 PM

You can see this topic is now in the Am I Infected...forum.

 

Use the programs below to remove adware and malware.

 

Malwarebytes - Clean Mode

  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update his database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
  • Let the scan run, the time required to complete the scan depends of your system and computer specs
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply

If you are unable to run a scan using MBAM:

Follow the instructions in the thread below. Make sure to download the MBAR linked in it. Let me know if you're not able to launch it and run a scan.
https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/

 

 

Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 buddy215

buddy215

  • Moderator
  • 13,121 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:38 PM

Posted 16 October 2017 - 01:31 PM

Suggest Disabling these Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
Yes HKCU:Run GoogleChromeAutoLaunch_E88E0EBEFC9E43A0440286D13063E466 Google Inc. "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
Yes HKCU:Run GoogleDriveSync Google Inc "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
Yes HKLM:Run Dropbox Dropbox, Inc. "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
Yes HKLM:Run Greenshot Greenshot C:\Program Files\Greenshot\Greenshot.exe

Yes HKLM:Run VMonitorVMUVC Vimicro Corporation "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC

Yes Startup User EvernoteTray.lnk Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 C:\Program Files\Evernote\Evernote\EvernoteTray.exe
 
Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes Task ASC7U_SkipUac_Dennis 7 C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASC.exe /SkipUac
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task Driver Booster SkipUAC (Dennis 7) C:\Program Files\IObit\Driver Booster\DriverBooster.exe /skipuac
Yes Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

Yes Task OneDrive Standalone Update Task-S-1-5-21-4231395157-3071452101-2171592690-1000 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Yes Task Opera scheduled Autoupdate 1472159495 C:\Program Files\Opera beta\launcher.exe --scheduledautoupdate $(Arg0)
Yes Task PrivaZer_SkipUAC Goversoft LLC C:\Program Files\PrivaZer\PrivaZer.exe $(Arg0)
Yes Task SmartDefrag_AutoAnalyze C:\Program Files\IObit\Smart Defrag\AutoDefrag.exe /AUTOANALYZE
Yes Task SmartDefrag_Startup C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe /STARTUP
Yes Task SmartDefrag_Update C:\Program Files\IObit\Smart Defrag\AutoUpdate.exe /autorun
Yes Task {00FA8327-FBE2-489D-BE7E-98C8E5A30BD9} Mister Group C:\Program Files\System Explorer\SystemExplorer.exe
Yes Task {CF658E61-EF29-45E6-9DDA-437C284B1293} C:\Program Files\Lexmark X1100 Series\LXBKaiox.exe
Yes Task {E56F4E17-0AC4-4481-A3A0-EF1D0B4F195F} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Users\Dennis 7\Downloads\setup.exe" -d "C:\Users\Dennis 7\Downloads"

Edited by buddy215, 16 October 2017 - 01:32 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 17 October 2017 - 07:01 AM

Initial reply:

 

MBAM  gave no threats, after updating data base. Then it said that the program was out of date!  So updated and ran again (forced into a Pro Trial) but that also detected no threats.

 

 

I'll work on disabling the Tasks and Startups.

 

Since starting this post I've not got any 'Something's not right' so fingers crossed.


Edited by zzzz, 17 October 2017 - 07:02 AM.


#14 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 17 October 2017 - 07:15 AM

AdwCleaner run. It found no malicious services only PUPs.

 

I cannot see the whole notepad .txt list or post it as clicking it in the system tray to show the notepad, when I move the cursor from there the page disappears!! I've tried many times.  Any ideas why this should happen?



#15 zzzz

zzzz
  • Topic Starter

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:38 AM

Posted 17 October 2017 - 07:18 AM

Oh by clicking on Task View and clicking on the shown notepad it opened so I could manipulate it! So here it is.
 
 
# AdwCleaner 7.0.3.1 - Logfile created on Tue Oct 17 12:07:36 2017
# Updated on 2017/29/09 by Malwarebytes 
# Database: 10-17-2017.1
# Running on Windows 10 Home (X86)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.AdvancedSystemCare, C:\Users\Dennis 7\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Dennis 7\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy, C:\ProgramData\Packer
PUP.Optional.Legacy, C:\ProgramData\Application Data\Packer
PUP.Optional.Legacy, C:\Users\All Users\Packer
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\ProgramData\Application Data\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\Program Files\Auslogics
PUP.Optional.AuslogicsDriverUpdater, C:\Users\All Users\Auslogics
 
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4231395157-3071452101-2171592690-1000\Software\Condut
PUP.Optional.Legacy, [Key] - HKCU\Software\Condut
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.AuslogicsDriverUpdater, [Key] - HKLM\SOFTWARE\Auslogics
PUP.Optional.SlimCleanerPlus, [Key] - HKU\S-1-5-21-4231395157-3071452101-2171592690-1000\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\SlimWare Utilities Inc
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r1360-n-bc.exe
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
PUP.Optional.Legacy, SearchProvider found: Ask - ask.com_
PUP.Optional.Legacy, SearchProvider found: Conduit Search - conduit.search
PUP.Optional.Legacy, Startpage found: http://www.google.com/
PUP.Optional.Legacy, Startpage found: https://uk.search.yahoo.com/?type=523482&fr=yo-yhp-ch
 
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 
 
 
*************************
 
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users