Jump to content
Sign in to follow this  
no_inspiration

( SOLVED ) "MyPC BackUp"

Recommended Posts

Hi there,

 

I'm with this tread on my computer for a while now and I've tried everything to remove it.

I can't remove it from my software-list because it's simply not there (anymore?) and SAS (but also MB-AMW) didn't detect it. Avast neither.

If I search for the tread in my start-menu, it doesn't find anything. I don't get it.

 

I've read about Adware Cleaner to remove it, but I don't want to use this one anymore since it made my internet freeze most of the time.

I even did a "disk cleaning" (with windows, not some tool) step by step, but it didn't help either! A few minutes later this fake pop-up note was back.

 

Seems this tread do is removed, but not all of it? Or what?

 

Please help;

 

Gr,

n_i

 

P.S.: I'm using Windows 7.

Share this post


Link to post
Share on other sites

Hi no_inspiration,

 

Can you download and run DDS and attach the log files back here please.

 

Thanks.

Share this post


Link to post
Share on other sites
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344  BrowserJavaVersion: 10.71.2
Run by Lynn at 22:00:58 on 2014-11-01
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.32.1043.18.3894.1562 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWlan.exe
C:\Windows\runSW.exe
C:\Windows\SwUSB.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Lynn\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [F.lux] "C:\Users\Lynn\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
uRun: [TornTv Downloader] C:\Users\Lynn\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3A1B41BF-4F85-45BC-AC71-C8C92762769C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{8B0A0182-185E-46FE-9E54-2901526E60A0} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A86B1F7B-2802-4509-8F23-902CA16072EA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{A86B1F7B-2802-4509-8F23-902CA16072EA}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.134 195.130.131.134
TCP: Interfaces\{AA1736E7-DC82-4024-8591-40EA6507404E} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Lynn\AppData\Roaming\Mozilla\Firefox\Profiles\j5mbu2e2.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\Lynn\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll
FF - plugin: C:\Users\Lynn\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-8-30 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-8-30 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-8-30 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-8-30 427360]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-7-11 172344]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-2-17 98208]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-8-30 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-8-30 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-8-30 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-30 50344]
R2 RealtekWlanU;RealtekWlanU;C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [2014-10-7 36864]
R2 RunSwUSB;RunSwUSB;C:\Windows\runSW.exe [2014-10-7 48856]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2013-2-16 227896]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-3-5 271872]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\rtwlanu.sys [2014-10-7 2978520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-9 1871160]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-9 968504]
S2 RTLDHCPService;Realtek DHCP Service;C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [2014-10-7 261848]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2014-3-6 14448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-15 111616]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-23 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-9 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-16 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-16 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-16 30208]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-15 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-11-01 12:15:50    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A28A77A4-F6CC-4ECF-B036-B958A58AEC58}\offreg.dll
2014-10-31 18:26:33    11627712    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A28A77A4-F6CC-4ECF-B036-B958A58AEC58}\mpengine.dll
2014-10-15 13:18:15    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-15 13:08:57    842240    ----a-w-    C:\Windows\System32\blackbox.dll
2014-10-15 13:07:41    276480    ----a-w-    C:\Windows\System32\generaltel.dll
2014-10-15 13:07:40    507392    ----a-w-    C:\Windows\System32\aepdu.dll
2014-10-15 13:07:39    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-10-15 13:01:39    6584320    ----a-w-    C:\Windows\System32\mstscax.dll
2014-10-15 13:01:37    5703168    ----a-w-    C:\Windows\SysWow64\mstscax.dll
2014-10-15 13:01:34    77312    ----a-w-    C:\Windows\System32\packager.dll
2014-10-15 13:01:34    67072    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-10-15 12:47:15    220784    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\sandboxbroker.dll
2014-10-07 15:50:01    --------    d-----w-    C:\Program Files (x86)\Cisco
2014-10-07 15:48:50    2978520    ----a-r-    C:\Windows\System32\drivers\rtwlanu.sys
2014-10-07 15:48:40    594432    ----a-w-    C:\Windows\System32\Rtlihvs.dll
2014-10-07 15:48:15    12981    ----a-w-    C:\Windows\SysWow64\REALPKT.VXD
2014-10-07 15:48:15    100000    ----a-w-    C:\Windows\SysWow64\EAPPkt9x.VXD
2014-10-07 15:48:14    614400    ----a-w-    C:\Windows\SysWow64\Rtlihvs.dll
2014-10-07 15:48:14    380928    ----a-w-    C:\Windows\RtlUI2.exe
2014-10-07 15:48:13    48856    ----a-w-    C:\Windows\runSW.exe
2014-10-07 15:48:13    454360    ----a-w-    C:\Windows\SwUSB.exe
2014-10-07 15:48:12    451072    ----a-w-    C:\Windows\SysWow64\ISSRemoveSP.exe
2014-10-03 06:57:43    --------    d-----r-    C:\Program Files (x86)\Skype
.
==================== Find3M  ====================
.
2014-11-01 12:25:45    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-28 05:34:58    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-10-17 20:46:35    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-17 20:46:35    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-01 10:11:26    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-10-01 10:11:16    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 10:11:12    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-09-29 00:58:48    3198976    ----a-w-    C:\Windows\System32\win32k.sys
2014-09-25 22:32:04    2017280    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02    2108416    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-09-25 02:08:38    371712    ----a-w-    C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50    519680    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2014-09-19 01:56:02    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-09-19 01:55:49    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-09-19 01:40:03    547328    ----a-w-    C:\Windows\System32\vbscript.dll
2014-09-19 01:39:58    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-09-19 01:36:57    5829632    ----a-w-    C:\Windows\System32\jscript9.dll
2014-09-19 01:26:00    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-09-19 01:25:49    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-09-19 01:25:12    4201472    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-09-19 01:25:09    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-09-19 01:18:02    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-09-19 01:01:47    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-09-19 01:01:03    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18    2309632    ----a-w-    C:\Windows\System32\wininet.dll
2014-09-19 00:18:55    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11    1810944    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-09-18 02:00:42    3241472    ----a-w-    C:\Windows\System32\msi.dll
2014-09-18 01:32:52    2363904    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-09-09 22:11:04    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-09-09 21:47:10    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20    424448    ----a-w-    C:\Windows\System32\rastls.dll
2014-09-04 05:04:15    372736    ----a-w-    C:\Windows\SysWow64\rastls.dll
2014-08-30 12:31:12    92008    ----a-w-    C:\Windows\System32\drivers\aswStm.sys
2014-08-30 12:31:12    79184    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-08-30 12:31:12    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-08-30 12:31:12    29208    ----a-w-    C:\Windows\System32\drivers\aswHwid.sys
2014-08-30 12:31:12    224896    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-08-30 12:31:12    1041168    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2014-08-30 12:31:10    93568    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2014-08-30 12:31:07    43152    ----a-w-    C:\Windows\avastSS.scr
2014-08-29 02:07:13    3179520    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-08-23 02:07:00    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-19 03:11:28    693176    ----a-w-    C:\Windows\System32\winload.efi
2014-08-19 03:10:10    616352    ----a-w-    C:\Windows\System32\winresume.efi
2014-08-19 03:08:04    503808    ----a-w-    C:\Windows\System32\srcore.dll
2014-08-19 03:08:04    50176    ----a-w-    C:\Windows\System32\srclient.dll
2014-08-19 03:08:03    63488    ----a-w-    C:\Windows\System32\setbcdlocale.dll
2014-08-19 03:07:51    58880    ----a-w-    C:\Windows\System32\appidapi.dll
2014-08-19 03:07:51    32256    ----a-w-    C:\Windows\System32\appidsvc.dll
2014-08-19 03:07:33    296960    ----a-w-    C:\Windows\System32\rstrui.exe
2014-08-19 03:07:11    17920    ----a-w-    C:\Windows\System32\appidcertstorecheck.exe
2014-08-19 03:07:11    146944    ----a-w-    C:\Windows\System32\appidpolicyconverter.exe
2014-08-19 02:41:39    43008    ----a-w-    C:\Windows\SysWow64\srclient.dll
2014-08-19 02:41:22    50688    ----a-w-    C:\Windows\SysWow64\appidapi.dll
2014-08-19 02:06:56    61440    ----a-w-    C:\Windows\System32\drivers\appid.sys
2010-02-14 14:35:58    4411392    ----a-w-    C:\Program Files (x86)\mplayerc.exe
2006-03-17 19:39:22    147456    ----a-w-    C:\Program Files (x86)\BURNCDCC.EXE
.
============= FINISH: 22:02:00,12 ===============

Share this post


Link to post
Share on other sites

It appears to be inside C:\ProgramFiles(x86)\MyPCBackup\MyPCBackup.exe

 

Adwcleaner shouldn't affect your internet as it doesn't work that way, it may also remove TornTV (a malicious site known for malware).

If you really don't wish to adwcleaner you should be able to do the following;

 

Open up a Run box (Winkey+R)

 

Type "msconfig" (minus quotes)

 

Select 'Startup Tab' and uncheck MyPCBackup and *TornTV (*optional, but recommended to remove)

 

Select Apply

 

Select 'Services Tab' and check 'Hide All MS Services'

 

Uncheck MyPCBackup and *TornTV (if shown)

 

Select Apply and OK

 

Restart computer.

 

(adwcleaner is preferable in order to remove all Reg Keys)

Share this post


Link to post
Share on other sites

Thanks, I unchecked TornTV, but again: I can't find MyPCBackUp anywhere. I really don't understand.

In the service tab I couldn't find TornTV either.

 

Well, with Adware Cleaner... (Pff, I'm bad in explaining this in English...) It made a text document that was full of logs and it made my computer start up very, very slow and my internet blocking and also very slow. A Windows-tool told me about "faults" that happened to my computer (what's the name in English?) and apparently it was all because of ADWcleaner.

Thanks to someone else on the internet, I found out how to clean this log and I didn't have any internetproblems anymore since. ADWcleaner is still on my computer I think. I should update it, but I'm afraid this will happen again.

Share this post


Link to post
Share on other sites

MyPCBackup according to that log is in your local drive C: under Program Files.

 

Start Orb

 

Select Computer

 

Select Local Disk (C:)

 

Select Program Files

 

MYPCBackup should have its own folder, delete that folder

 

I've never known adwcleaner cause an internet issue but if you wish not to use it then ok.

 

You can instead try to run DeCrapifier

 

If it asks which type of install, always choose Custom and not Express then you can uncheck the unwanted nasties that some programs try to install.

It may clear MPCBackup and it may not.

Share this post


Link to post
Share on other sites

Hi,

 

I made a mistake, the disk cleaning found place now (after a reboot). Maybe the adware is gone now, but how should I find out? Run DSS again?

 

Yesterday I found the file (in (x86)) and could remove it (after ending the proces in... another English word I don't know. :P My computer is in Dutch.) Thanks!

Share this post


Link to post
Share on other sites

Hi,

 

I made a mistake, the disk cleaning found place now (after a reboot). Maybe the adware is gone now, but how should I find out? Run DSS again?

 

Yesterday I found the file (in (x86)) and could remove it (after ending the proces in... another English word I don't know. :P My computer is in Dutch.) Thanks!

You'll know if it keeps popping up after.

Additionally, you should run CCleaner to clear out any traces in the Roaming folder.

Just remember to select Custom Install and uncheck all the PUP's.

 

I think the word you meant/mean is Task Manager = Taak manager (I think that's right) ;)

Share this post


Link to post
Share on other sites

It's "taakbeheer", but it means the same! :)

 

It didn't pop-up anymore today.

 

I will see if it stays like this. (I hope!)

 

Thanks a lot anyway!

Share this post


Link to post
Share on other sites

It's "taakbeheer", but it means the same! :)

Oh well, at least I got the first part right it could've come out so wrong. :D

Share this post


Link to post
Share on other sites

Haaa, MB A-MW detected MyPCBackUP this time. (Maybe because I did my first scan after an update.)

 

Still, question is if all of it will be removed this time..

 

It also found "CrossRider", but last time too? I'm wondering why it's not removed...

Share this post


Link to post
Share on other sites

As I said before, it could be residing in the Registry and or the Roaming folder and restarting on each boot. It's good that it's been found and hopefully removed :)

Share this post


Link to post
Share on other sites

So, seems MPCBU is gone! BUT it seems this CrossRider-thing still isn't.

 

This morning I did another scan and it was still there. After a reboot this night I did it again and yes! Strange...

Share this post


Link to post
Share on other sites

No, is it also a MW-detector?

 

And again it found the PUP... It's in the Roaming folder. Maybe I should try to remove it "normal"?

 

Edit: nevermind, because I can't find it. *Eeergh, why does a computer have so much folders (you don't even know where they actually are for)?!*

Share this post


Link to post
Share on other sites

Post #9 in this thread has the link to CCleaner source page, but read that post carefully and follow the instructions.

 

In FireFox select the drop down arrow on the left side of the Search box.

 

Navigate down to "Manage Search Engines".

 

Select "Restore Defaults".

 

(If "RD" is greyed out, highlight Softonic and select "Remove").

Share this post


Link to post
Share on other sites

Ok, thank you, but I didn't see an option for "custom insall"? Anyway I unchecked Google Chrome, I'm not a fan of this one. (But I like to use gmail though.)

 

In CCleaner, there are a lot of things checked, would that do it?

Share this post


Link to post
Share on other sites

Maybe it's a coincidence, but I have the impression that my internet goes slower and my computer blows harder since I've installed CCleaner?...

 

The CPU-use is normal though.

Share this post


Link to post
Share on other sites

You need to shut down your browser when using CCleaner otherwise it won't clean out the Roaming folders fully.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...