re-mbam scan

aliEnRIK

No HKCU:Run BrowserChoice Microsoft Corporation "C:\Windows\System32\browserchoice.exe" /run
Yes HKCU:Run SpybotPostWindows10UpgradeReInstall Safer-Networking Ltd. "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes Startup Common Secunia PSI Tray.lnk Secunia C:\Program Files\Secunia\PSI\psi_tray.exe

I would 'disable' all of the above from startup using ccleaner
Again, I would definitely uninstall rapport. Its junk and causes all sorts of performance issues

if you follow this advice, reboot and let us know how things are

joe134

aliEnRIK wrote: »

No HKCU:Run BrowserChoice Microsoft Corporation "C:\Windows\System32\browserchoice.exe" /run
Yes HKCU:Run SpybotPostWindows10UpgradeReInstall Safer-Networking Ltd. "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes Startup Common Secunia PSI Tray.lnk Secunia C:\Program Files\Secunia\PSI\psi_tray.exe

I would 'disable' all of the above from startup using ccleaner
Again, I would definitely uninstall rapport. Its junk and causes all sorts of performance issues

if you follow this advice, reboot and let us know how things are

Did as requested, but, before you replied, I had removed Secunia and Rapport from PC, so, Startup common Sec wasn't there.
two I disabled, but the first one, No;HKCU.Run browser wouldn't allow disable, just greyed out on button.
However, just checked CC startup again, and all 3 are greyed out, so disabled??
Don't know why Spybots there, I removed it yonks ago, not in programs?

Rebooted, aok, faster than usual it seemed to me.
being the eternal pessimist, I hope I'm not tempting fate, that's how things are with me:rotfl:
if it can happen ,it will:)
:beer:

aliEnRIK

Sicard wrote: »

I had this when I tried the trail Pro version so I uninstalled it and am back on the free version. If you're W10 like me there seems to be some idiocynracies between the two.

As Sicard said. I would uninstall malwarebytes and reinstall the latest version (I use the site filehippo for things like this) but do NOT allow the trial to run

bubblesbonbon

aliEnRIK wrote: »

Sorry about that Sir. Ive not dealt with this forum for years due to people sticking knives in my back

Welcome back Rik - You have been sorely missed believe me.

Myself and many others I am sure, would hope that you intend to stay and ignore the Jim Bowies who lurk this forum
:j

DavidP24

Yeeeuk

That PC is bloat heaven, but let's break it down

First thing that jumps out is that you have MULTIPLE AV products running, some may be expired but they could be protecting a part of the disk that MBAM is trying to search for rootkits on. Also every damn file you open gets scanned by each of them cause it to go slow.

At this stage I would remove ALL AV software starting with these and use standalone scanners, you will need to uninstall using the uninstall from each program or they may assume you are a virus trying to disable them. If you removed them and these are remnants then get tools from each AV site. If after running removal or uninstall for each of these then install ccleaner from author Piriform site

These are the ones you want gone but you will need to try each AV uninstall first, either from start menu or get revo uninstaller which will launch uninstall but clean up their shiiite after if you use option 4

joe134 wrote: »

joe134 wrote: »

O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes -
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software -
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. -
O4 - Global Startup: Secunia PSI Tray.lnk
O23 - Service: Secunia PSI Agent - Secunia -
O23 - Service: Secunia Update Agent - Secunia -

Moving on


Probably second only to Itunes! This is one of the most incompatible pieces of dog dung software on the planet. I would rather drive to a ATM machine than do home banking with it but you could do it in a VM if you were worried about your bank blaming you for their lack of security. Disable it in ccleaner and start it again if and when you use it.

joe134 wrote: »

joe134 wrote: »

O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp.

Moving on


Next we have the BLOAT section, these are the apps and services that software makers install, they hog network resources and do God knows what the hell they want (for example Chrome sniffs your home for bluetooth devices just to spy)

I would disable all of these services as I do not need them day to day, I only use iTunes for backup so I turn them back on when I backup, these are not startup they are services (type Services from start menu), also need to to run task scheduler and disable those that would put their kwap back, that includes Google Chrome update task, Adobe anything, Skype, HP and any other UPDATE).

joe134 wrote: »

joe134 wrote: »

O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AR487W005PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1

O4 - Startup: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

NOTE: I remove kwap I do not use, I do my updates manually at a time and place and lan that suits me, if you feel you REALLY need one of these turn it back on when you are satisfied your system is clean, but do one at a time. Itunes can be a performance hit, some of the others slow down your system by generating network traffic and hogging services while they wait for a reply.

If your system is terribly slow and you can't to much, load task manager and end the following processes while you do the above, they should be gone after reboot if you all all OK

joe134 wrote: »

joe134 wrote: »

AVAST Software\Avast\AvastUI.exe
AOL\1384084128\ee\aolsoftware.exe
iTunesHelper.exe
googledrivesync.exe
HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
googledrivesync.exe
HPNetworkCommunicator.exe
Digimax Viewer 2.1\STImgBrowser.exe
PSI\psi_tray.exe

joe134

DavidP24 wrote: »

Yeeeuk

That PC is bloat heaven, but let's break it down

First thing that jumps out is that you have MULTIPLE AV products running, some may be expired but they could be protecting a part of the disk that MBAM is trying to search for rootkits on. Also every damn file you open gets scanned by each of them cause it to go slow.

At this stage I would remove ALL AV software starting with these and use standalone scanners, you will need to uninstall using the uninstall from each program or they may assume you are a virus trying to disable them. If you removed them and these are remnants then get tools from each AV site. If after running removal or uninstall for each of these then install ccleaner from author Piriform site

These are the ones you want gone but you will need to try each AV uninstall first, either from start menu or get revo uninstaller which will launch uninstall but clean up their shiiite after if you use option 4





Moving on


Probably second only to Itunes! This is one of the most incompatible pieces of dog dung software on the planet. I would rather drive to a ATM machine than do home banking with it but you could do it in a VM if you were worried about your bank blaming you for their lack of security. Disable it in ccleaner and start it again if and when you use it.



Moving on


Next we have the BLOAT section, these are the apps and services that software makers install, they hog network resources and do God knows what the hell they want (for example Chrome sniffs your home for bluetooth devices just to spy)

I would disable all of these services as I do not need them day to day, I only use iTunes for backup so I turn them back on when I backup, these are not startup they are services (type Services from start menu), also need to to run task scheduler and disable those that would put their kwap back, that includes Google Chrome update task, Adobe anything, Skype, HP and any other UPDATE).



NOTE: I remove kwap I do not use, I do my updates manually at a time and place and lan that suits me, if you feel you REALLY need one of these turn it back on when you are satisfied your system is clean, but do one at a time. Itunes can be a performance hit, some of the others slow down your system by generating network traffic and hogging services while they wait for a reply.

If your system is terribly slow and you can't to much, load task manager and end the following processes while you do the above, they should be gone after reboot if you all all OK

Just had a walk.
Clear my head, reading this, it's a mammoth task.:)
AOL. is my ISP, or TT now.
Need to read this and Digest it all.
Too much for me to get my head around in one read.
will do so though:beer:

joe134

aliEnRIK wrote: »

As Sicard said. I would uninstall malwarebytes and reinstall the latest version (I use the site filehippo for things like this) but do NOT allow the trial to run

I use FileHippo too, and as my lifetime premium version has the 3.0, FileHippo only had the basic 2.2 if I recall the other day, and no realtime .?
will double check though.
Thanks again, appreciate everything you have done for me.
I ,ve had your assistance a while back, last time I used Highjackthis,(when I could post it direct onto here,) years ago, and you were very helpfull then.?
cheers

DavidP24

Sorry, it looks a lot but really only about 10 mins work but break it down into three things

Disable Startup items

For ccleaner start up you only need to tick boxes



I will add the other two in a sec

DavidP24

joe134 wrote: »

AOL. is my ISP, or TT now.

No way I would tolerate this, I doubt is needed but try to rid yourself of it.

Revo Uninstaller here

Once you select an app to uninstall and agree to uninstall it offers this,


choose 4th Option

DavidP24

To load services, Press the Windows+R keys to open the Run dialog, type services.msc

You just right click a service you want to change and disable it,



you can also use this to stop and start a service, Win10 has moved some of these to task manager for convenience but I like doing it this way

Look at this page to familiarise yourself with services

https://www.howtogeek.com/school/using-windows-admin-tools-like-a-pro/lesson8/

or this one

https://www.tenforums.com/tutorials/4499-start-stop-disable-services-windows-10-a.html