Recent Posts

Pages: [1] 2 3 ... 10
LandzDown Lounge / Re: Related Word
« Last post by Pete! on Today at 07:12:16 PM »
Analysis and Malware Removal / Re: WSHelper.exe System Error at Startup
« Last post by Corrine on Today at 06:45:09 PM »
Thank you for the logs, Ritzy.

1.  Yes, you are correct.  It appears those files are part of Wondershare.  First,  try removing Wondershare Software from Startup:
  • Ctrl + Shift + Esc to open Task Manager, click on the Start-up Tab and disable any Wondershare Products
  • Windows  + R Keys together, type msconfig and hit enter, on the Services Tab,  check the box marked 'Hide Microsoft Services', then check the list for  any Wondershare products and un-check them
  • Click OK and Reboot
If the problem persists or Wondershare Software does not work properly, re-install the software.

2.  The logs show BitDefender along with Windows Defender up to date on your computer.  Yet, I do not see BitDefender listed in installed programs and expect that it has been uninstalled.  The only thing I am finding right now is older instructions:  Windows Action Center identifies old security software as installed.  The main thing is to ensure that Windows Defender is enabled.

3.  It appears that you play games so likely need Java.  If that is the case, you need to update Java with the latest critical security update.  Otherwise, you may want to uninstall it.  In the event you keep it, to avoid missing further updates, you may want to remove HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" from the disabled items when you are in Task Manager removing Wondershare from Start up.

Since it is a new version, I suggest uninstalling Java 8 Update 51 and installing the latest version Java SE 9.0.4.  Please watch for pre-checked options as they are not part of the program.  Java SE Runtime Environment 9 - Downloads.

4.  Adobe Acrobat Reader DC is also out of date and has had critical security updates.  Update checks can be manually activated by choosing Help > Check for Updates.  Reader DC was updated to 18.011.20036.and Acrobat DC to 18.011.20035.   
Note:  UNcheck any  pre-checked additional  options presented with  the update. They are not  part of the software  update and are completely  optional.

5.  Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End", including both lines.  Right-click and select "Copy ".
Code: [Select]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]
CustomCLSID: HKU\S-1-5-21-4085802308-216855206-3018638629-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\usuario\AppData\Local\Citrix\GoToMeeting\4911\G2MOutlookAddin64.dll => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Task: {084CDF6E-AE87-4A2D-BF9A-D8FB38D8EF26} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1645741A-DF5D-4D96-A8EA-F56E0E0424EA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {251CE985-5B07-4F69-9B50-137F993FBBE5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {37CABFC9-14DB-40F9-9C74-32DF6169EC81} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {55971C88-CB33-419F-95F2-CC452F07912C} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {5F04C716-8AD3-4B70-88A5-25B08217B405} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6AEADBEC-EB15-49AA-A479-543316A15165} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {726019EF-9649-48BC-8BC6-DADA691B61C8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
ask: {746731D1-45BF-4480-8686-0762DDA7274C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7B9649E8-1F73-4077-9BEB-4AFED6126855} - \WPD\SqmUpload_S-1-5-21-4085802308-216855206-3018638629-1001 -> No File <==== ATTENTION
Task: {8AE123FC-A891-45A8-9BE7-13462B9D2174} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8AFFFD78-6FD8-47A1-94C8-A94D96520CB1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {93C5F905-D3A8-42C3-84CD-B69C755714CE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9414E745-F776-4158-9A49-470DB1A2614A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9ABAD6BC-2504-4880-BB4D-7E2C4F9B6904} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CD37325D-859B-4987-911A-6C2788A6B809} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\CalendarPlus.job => c:\programdata\{3aaf9e65-de2d-47ef-3aaf-f9e65de27997}\tube linkwheel commando (lite)-_ed-.rar.exe <==== ATTENTION
C:\ProgramData\TEMP:30FF836C [127]
C:\ProgramData\TEMP:36E20A37 [105]
C:\ProgramData\TEMP:5886DCB8 [106]
AlternateDataStreams: C:\Users\usuario\Downloads\bricksofegypt_at.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\buildalot2_at.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\camtasia.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\EasyTask.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\en_peggle_inst.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\HMA-Pro-VPN-
AlternateDataStreams: C:\Users\usuario\Downloads\HMA-Pro-VPN-
AlternateDataStreams: C:\Users\usuario\Downloads\kodi-15.2-Isengard.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\lastpass_x64.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\Opera_1217_en_Setup_x64.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\Opera_NI_stable.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\SafariSetup.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\setup.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\Silverlight_x64.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\SkypeSetup.exe:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\TubeSeoCommando.VideoLinkwheelCommando.dll:BDU
AlternateDataStreams: C:\Users\usuario\Downloads\vlc-2.1.5-win32.exe:BDU
  • Please right-click on FRST/FRST64 to run as administrator.  When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.
LandzDown Lounge / Re: Related Word
« Last post by Ritzy on Today at 05:18:26 PM »
LandzDown Lounge / Re: Related Word
« Last post by Pete! on Today at 04:54:02 PM »
LandzDown Lounge / Re: Word Association
« Last post by Pete! on Today at 04:53:35 PM »
LandzDown Lounge / Re: 5 letters Game
« Last post by Pete! on Today at 04:52:51 PM »
think - Take heed in neglected kayaks.

LandzDown Lounge / Re: 2 Word Game
« Last post by Pete! on Today at 04:46:58 PM »
reaction uncontrolled
LandzDown Lounge / Re: The Last Two words become the First Two Words
« Last post by Pete! on Today at 04:46:03 PM »
In California, if you spent time in "The Valley" you may get the impression that the work ethic is a bit laid back.
LandzDown Lounge / Re: 5 letters Game
« Last post by JDBush61 on Today at 04:27:43 PM »
asset - A simple solution, every time.


LandzDown Lounge / Re: 2 Word Game
« Last post by JDBush61 on Today at 04:26:35 PM »
mixed reaction

Pages: [1] 2 3 ... 10