Page 1 of 2 12 LastLast
Results 1 to 10 of 18
  1. #1
    Member
    Join Date
    May 2016
    Location
    Washington, DC
    Posts
    44
    Points
    0

    Question Help Setting Up New Dell XPS 13 Laptop

    Hi,

    It's been a while since I've set up a new compute. It is Windows 10, 128gb ssd, 8gb RAM. I don't tend to store any information on my laptop so I didn't need a big hard drive - just fast, portable, good keyboard. As I'm going to set this up - remove crapware, install the good stuff, I don't know what the current recommendations are in terms of programs to download and run - and what to remove. I charged the laptop, registered it, created recovery media. Then downloaded Firefox, opera, (debating on Chrome), superantispyware, malwarebytes,and spywareblaster. Then I realized it was time to seek guidance. What should I get rid of and how? what programs should I add? and questions about Windows 10 apps?

    I want to remove crapware (should I use junkware removal tool? does it matter where I download it from?). When I've recently checked out our computers for malware and spyware, I've used additional tools and I don't know if they are good to ones to use as a matter of routine - hitman pro, zemana antimalware, adwcleaner, I think there may have been another one to remove that preinstalled junk - is it recuva?

    This laptop is preinstalled with mcAfee, which I know I don't want - but could use guidance in how to thoroughly remove it. I thought I saw Windows Defender or Microsoft Security Essentials - but now I can't find them. So a few questions there:
    - do I want these programs? are they antivirus, which I know I should only have one of - or something else that's useful? do I run them or do they actively monitor the laptop. if either are antivirus, how do I delete them? and is Avast antivirus still a good one to use? I'm comfortable with it and have it on every other computer we have.

    Windows 10 questions: my little bit of exposure to windows 10 on another laptop has shown me that I prefer to get desktop versions of applications like skype. The Microsoft skype app that comes on window 10 just messed things up for me (I know that's not very articulate, but I don't recall how it complicated a business skype call I made a while back). Should I stick to my desktop versions of things like gmail (which I access through my firefox or other browser), skype, etc? Is there any reason to explore and consider using Windows 10 apps? my cell phone is a Samsung galaxy android - so no compatibility there. Not sure I want to bother with Microsoft's products - Edge browser, one drive cloud, etc. I think I'm good with google drive (have gmail) and dropbox. Anything to consider using or avoiding with Microsoft's attempts to get us to use our laptops like tablets with apps? How about Cortana? just gimicky or anything to gain? Right now the screen that the start button brings up seems gimicky and useless. I don't care about those apps in boxes. I want to see my regular windows start up menu - with my most used programs, an easy to access list of all programs, and easy access to control panel, settings, devices,network (not sure I recall all that comes up with older Windows versions). Should I just learn to access these things with the windows 10 interface? or do many people consider it annoying and wind up installing something over it (I did that with Windows 8 to get it to appear like Windows 7).

    Where do I go to see if there are drivers to update? or maybe I don't do that?

    Thank you.
    Lynn.
    PS I really hope this is the right place to post this

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    First of all lets see what's running.

    Download HijackThis

    • Go Here to download HijackThis program
    • Save HijackThis to your desktop.
    • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
    • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
    • copy and paste hijackthis report into the topic



    Next lets see what's installed

    Start HijackThis
    Click on the Config button
    Click on the Misc Tools button
    Click on the Open Uninstall Manager button.

    click on the Save list... button and specify where you would like to save this file I'd save to the desktop. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad into a reply



    This laptop is preinstalled with mcAfee, which I know I don't want - but could use guidance in how to thoroughly remove it.
    You can remove it from the programs an features list just like any program, it should uninstall ok. We will check for left overs.
    No need to install an Anti Virus as soon as McAfee is uninstalled windows defender should start {That's really Microsoft Security Essentials} on Windows 10. We can check to make sure its running.


    Some people who buy Dell PC soon discover that there are several preloaded software that many advanced users feel are not needed. Some users may want to uninstall Dell Stage, Dell Digital Delivery and Dell DataSafe, just to mention a few examples.
    This will remove crapware preinstalled from Dell.
    http://www.decrap.org/

    Hold off from running that until we actually see what's on it.

    Please start with Hijackthis instructions first and we will go from there.

    Joe
    Last edited by zep516; 07-30-2016 at 04:37 PM.

  3. The Following 2 Users Say Thank You to zep516 For This Useful Post:


  4. #3
    Member
    Join Date
    May 2016
    Location
    Washington, DC
    Posts
    44
    Points
    0

    Default

    I ran the hijack this - a screen came up suggesting that some files couldn't be accessed and I might need to edit something myself. It all happened so fast, I'm not sure what happened. I think I clicked okay - and thought I might not have clicked "run as administrator", so I'd just try it again. But then notepad had a whole log file. So maybe it did run correctly? I'm posting that logfile here. If there's something more I need to do, let me know.

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 2:59:32 PM, on 7/10/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.10586.0020)

    FIREFOX: 48.0 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
    C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    C:\Program Files (x86)\Dell Update\DellUpTray.exe
    C:\Users\lynna\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Windows\SysWOW64\RunDll32.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Microsoft Office\Root\Office16\ONENOTEM.EXE
    C:\Users\lynna\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\lynna\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - Startup: Send to OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O23 - Service: McAfee Application Installer Cleanup (0241971468084548) (0241971468084548mcinstcleanup) - Unknown owner - C:\Windows\TEMP\024197~1.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @oem34.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\Windows\system32\IntelCpHDCPSvc.exe (file missing)
    O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
    O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
    O23 - Service: Dell Help & Support - Unknown owner - C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
    O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @oem6.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
    O23 - Service: McAfee Boot Delay Start Service (mcbootdelaystartsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Product Registration - Dell - C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 13357 bytes
    ----------------------------------------------------------

    Now for the next part of hijack this instructions:

    Dell Product Registration
    Dell Update
    Dropbox 20 GB
    Intel(R) Chipset Device Software
    Intel(R) Dynamic Platform and Thermal Framework
    Intel(R) HID Event Filter
    Intel(R) Processor Graphics
    Intel® Security Assist
    McAfee LiveSafe
    McAfee WebAdvisor
    Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617
    Mozilla Firefox 48.0 (x86 en-US)
    Mozilla Maintenance Service
    Office 16 Click-to-Run Extensibility Component
    Office 16 Click-to-Run Localization Component
    Realtek Card Reader
    Realtek High Definition Audio Driver
    Realtek USB Audio
    Realtek USB Ethernet Controller All-In-One Windows Driver
    SpywareBlaster 5.5
    Thunderbolt(TM) Software

    Even though you gave me other information, I think you wanted me to start with the hijack this stuff before doing anything else.

    Thank you.
    Lynn.

  5. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hello,

    I'm surprised not a lot running at start up and no crapware to be concerned with. Lots of McAfee services though.

    If you want to remove McAfee start by removing these 2 programs from the programs an features list.

    • McAfee LiveSafe
    • McAfee WebAdvisor


    Then
    Download and run the MPCR tool

    http://us.mcafee.com/apps/supporttools/mcpr/mcpr.asp Save the file to the desktop and run it.

    For reference about the MPCR tool
    https://service.mcafee.com/webcenter...3D18qxpy73ja_4

    Re-post a new Hijackthis log, just the log, I don't need the other list this time.

  6. The Following User Says Thank You to zep516 For This Useful Post:


  7. #5
    Member
    Join Date
    May 2016
    Location
    Washington, DC
    Posts
    44
    Points
    0

    Default

    I removed the McAfee and am running hijack this. Will post in a minute.
    I'm typing on another laptop so I can copy the message that came up when I ran hijack this.
    For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, Hijack This may NOT be able to fix this.
    If that happens, you need to edit the file yourself. Tod o this, click Start, Run and type:
    notepad c:\\Windows\System32\drivers\etc\hosts
    and press Enter. Find the line Hijack This reports and delete them.
    save the file as 'hosts.' (with quotes), and reboot.

    Don't know if I need to do that or not. Just wanted to catch the message.

  8. #6
    Member
    Join Date
    May 2016
    Location
    Washington, DC
    Posts
    44
    Points
    0

    Default Second Hijak This log after removal of McAfee

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 5:14:17 PM, on 7/10/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.10586.0420)

    FIREFOX: 48.0 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    C:\Users\lynna\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
    C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
    C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Windows\SysWOW64\RunDll32.exe
    C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
    C:\Program Files (x86)\Dell Update\DellUpTray.exe
    C:\Users\lynna\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\lynna\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - Startup: Send to OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @oem34.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\Windows\system32\IntelCpHDCPSvc.exe (file missing)
    O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
    O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
    O23 - Service: Dell Help & Support - Unknown owner - C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
    O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @oem6.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Product Registration - Dell - C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10921 bytes

  9. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hello,

    Don't worry about the host file message from Hijackthis. Not to be concerned.

    Now that we have removed McAfee Windows should automatically turn on windows defender,

    Lets check it

    type Defender in the Start menu and, if it’s turned off, you’ll see a message and a link to turn it on. Click it to turn on Windows Defender.

    See reference for windows 10 below if needed.

    How to turn on or off Windows Defender in Windows 10 - How-To - PC Advisor

  10. The Following User Says Thank You to zep516 For This Useful Post:


  11. #8
    Member
    Join Date
    May 2016
    Location
    Washington, DC
    Posts
    44
    Points
    0

    Default

    Windows defender is on and it's updated. So is that the antivirus I should use?
    Thanks.

  12. #9
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    I think the Anti Virus is fine. Everyone has an opinion though. At this point the only other Anti Virus free that I would consider is Avast, that's probably what I would use if not for Defender (Microsoft Security Essentials). By the way Avast has just purchased AVG, not sure what happens to current AVG users, I was never fond of AVG. It installed some other files un- related to virus protection that I didn't like.

    The only other security program I would download is Malwarebytes so you have it available to you, it's possible you could get an infection that prevents the download of programs such as malwarebytes so having on board is a good idea.

    I would refrain from using Junkware removal tool and adwcleaner, these tools should be used by trained Malware people only. These tools are updated frequently and things can go wrong such as incorrect file deletion. We in the Malware community become aware of this quickly and don't use the tool until the developer fixes it. This does not occur often but it does occur.

    The most dangerous Malware out currently is Ransomware, it's most important to back up your personal files then ever, pictures, videos , music, documents.

    Have a read here--> https://en.wikipedia.org/wiki/Ransomware

    The Malware is actually easy to remove, but there is no fix for the encrypted files, your personal files.

    15 Things You Can Do With Cortana on Windows 10


    I'm also hoping Donna has something to add to the topic, Donna is an malware instructor and may be a bit more current on some things then I am.
    Last edited by zep516; 07-10-2016 at 07:05 PM.

  13. The Following User Says Thank You to zep516 For This Useful Post:


  14. #10
    Member
    Join Date
    May 2016
    Location
    Washington, DC
    Posts
    44
    Points
    0

    Default

    Thanks Joe.
    I have to contemplate which antivirus to use. I am so familiar with Avast that I'll probably use that. It's on all the other household computers - so maybe easiest to stick with what I know. I always keep it updated and run scans. Good point about backing up constantly = esp. with ransomware. I don't really save any files on my laptop - unless it's something I have copies of in other places. But good to keep in mind for my desktop.

    I appreciate the words of caution about JRT and ADWcleaner. I actually ran both those recently on my ancient desktop (due to be replaced this summer, I hope) because it got so much slower in the past week or two that I couldn't perform simple functions without it freezing or crawling. They didn't speed it up. I ran other scans and ccleaner - rebooted occasionally - rebooted the modem and router. It's still pretty slow - but that's for another day. I have to finish taxes on it (turbo tax installed). I will refrain from using those again without the wisdom of those who know.

    I downloaded Malwarebytes - and ccleaner. Do you think I should not even bother with superantispyware or spywareblaster? I had already done spywareblaster but could delete if advised. I gather I should delete JRT, lest I accidentally install it and run it.

    I installed skype and it's asking if RAVGexe could have access? I said no. I don't know what that is (and I'm not recollecting the name precisely). Then it asked about bluetooth and I said yes.

    What pdf reader do you recommend? I've used pdf exchange and sumatra and had good experiences with both. I also plan to download open office. That may be it for now.

    Once I finish taxes, I'll enjoy exploring the link you gave me to using Cortana.

    Thank you.
    Lynn.

Page 1 of 2 12 LastLast