
Slow computer & internet browser freezing - intermittent issue


  • This topic is locked
46 replies to this topic

#1 Fleetwolf90


Posted 02 November 2013 - 08:00 AM

All of a sudden, computer is intermittently (75% of the time) very slow to start up and sometimes fails to start up. After entering password it will go to a dark screen and churn for a long time and either finally boots or stays in that status until I shut it down and reboot.

 

If it does boot, Google Chrome will intermittently lock up which ultimately requires a hard shut down to remedy.  The issue arose quickly so I don't think it's a computer hardware or software issue.  I reviewed all of the slow computer/browser potential causes from your website, but nothing there seemed to help the issue.  I ran Malwarebytes and Avast and no malware was detected.

 

Thanks in advance for your review and assistance!

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 10.25.2
Run by Earley Laptop at 8:32:29 on 2013-11-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4029.2589 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Earley Laptop\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Earley Laptop\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\spool\DRIVERS\x64\3\E_IAMTBPL.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: RadioRage: {78ba36c9-6036-482b-b48d-ecca6f964b84} - 
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [PCShowServer] "C:\Users\Earley Laptop\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Amazon Cloud Player] C:\Users\Earley Laptop\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\EARLEY~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A}\13330333023416E616C6024427966756 : DHCPNameServer = 192.168.50.1
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A}\C41627765635973616D6F62756D27657563747 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A}\C6964747C65686F6573756 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{7829ED7D-00D1-4CA1-994D-CA91B5C1E060} : NameServer = 156.154.70.22,156.154.71.22
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-1 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-9-1 204880]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-10-30 55280]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2012-2-26 17720]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-1 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-1 378944]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-6-18 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-6-18 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-6-18 48872]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-1 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-1 80816]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-10-11 70352]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-5-29 2094216]
R2 GeekBuddyRSP;GeekBuddyRSP Server;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-10-30 1692480]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2009-10-30 172704]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-10-30 138752]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-10-30 5435904]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-4 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-6-18 164056]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-8 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-5 1255736]
.
=============== Created Last 30 ================
.
2013-11-01 21:15:06 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{6F8AD53B-8451-4599-AD40-5E5E8C84A11D}
2013-11-01 20:49:00 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4693D15A-D0CE-41EE-8B4E-21BB33D91220}\mpengine.dll
2013-10-29 23:17:51 -------- d-----w- C:\Roxio
2013-10-29 23:17:43 -------- d-----w- C:\Amazon MP3
2013-10-29 23:17:43 -------- d-----w- C:\Amazon Cloud Player
2013-10-29 23:17:35 -------- d-----w- C:\Microsoft
2013-10-28 19:38:37 -------- d-----w- C:\Users\Earley Laptop\.amu
2013-10-28 19:26:24 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\Amazon Cloud Player
2013-10-27 22:07:46 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{6090ED5A-E11E-47C3-B1B7-6F68474FD8F0}
2013-10-26 01:27:44 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{153E27C8-600D-4EB4-ABF6-B3A8B9FD6A63}
2013-10-24 20:49:56 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{A3EAAD58-C9AE-4BC1-8A7D-AE3E2EF54ACE}
2013-10-23 23:57:05 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{D18EA173-CEFC-45A7-B6FF-87B5136AC8BA}
2013-10-23 10:37:51 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{721325BC-422F-4824-A00B-AA060C71C61D}
2013-10-22 19:19:48 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{5FB92D30-69ED-41C2-BF2E-CE552BF417D8}
2013-10-22 00:32:25 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{72A1F965-EB2E-4474-BA96-F5EB79899B21}
2013-10-18 20:08:52 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{317BEF4B-2A18-4C26-B2FE-4BC394BA4747}
2013-10-17 19:36:56 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
2013-10-09 07:19:03 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-09 07:19:02 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-09 07:19:00 356864 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-10-09 07:19:00 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-10-09 00:41:36 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-09 00:40:53 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 00:40:53 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 00:40:51 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-10-09 00:40:47 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-10-09 00:40:38 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-09 00:40:38 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-09 00:40:38 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-09 00:40:38 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-09 00:40:38 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-09 00:40:38 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-09 00:40:37 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-10-04 19:42:26 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{1F55D89C-C187-47AD-A4A5-F942F8BCDB88}
.
==================== Find3M  ====================
.
2013-10-10 11:07:39 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-10 11:07:38 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-24 10:54:11 48872 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2013-09-24 10:54:10 709144 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2013-09-24 10:54:10 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2013-09-24 10:53:52 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
2013-09-24 10:53:51 354240 ----a-w- C:\Windows\SysWow64\guard32.dll
2013-09-24 10:53:50 444392 ----a-w- C:\Windows\System32\guard64.dll
2013-09-24 10:53:40 347864 ----a-w- C:\Windows\System32\cmdvrt64.dll
2013-09-24 10:53:39 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll
2013-09-24 10:53:35 280792 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2013-09-24 10:53:34 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-05 09:35:06 55504 ----a-w- C:\Windows\SysWow64\offreg.dll
2013-09-03 18:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-09-01 17:57:42 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-09-01 17:57:42 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-09-01 16:08:30 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-01 16:08:28 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-09-01 16:08:28 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
.
============= FINISH:  8:41:07.58 ===============
 


 


#2 HelpBot


Posted 07 November 2013 - 08:05 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/512671 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Fleetwolf90


Posted 09 November 2013 - 09:29 AM

Yes, I am still having problems.  (see problem description in original post).  Computer took over 5 minutes to boot this morning and is very lethargic and unresponsive for a while until it seems to get everything loaded.  Got an error message that the Dell tool dock couldn't load.  Finally, the browser and other applications start to work decently.  If the screen saver comes on, it is once again slow to come out of sleep mode to a productive state.  Below are my updated DDS logs. I do not know if I have the original Windows CD/DVD or not.

 

Thanks in advance for your help!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 10.45.2
Run by Earley Laptop at 9:15:49 on 2013-11-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4029.2143 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Earley Laptop\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Earley Laptop\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: RadioRage: {78ba36c9-6036-482b-b48d-ecca6f964b84} - 
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [PCShowServer] "C:\Users\Earley Laptop\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Amazon Cloud Player] C:\Users\Earley Laptop\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\EARLEY~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A}\13330333023416E616C6024427966756 : DHCPNameServer = 192.168.50.1
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A}\C41627765635973616D6F62756D27657563747 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0C337C25-1503-4E6D-8C1A-1A1C59E1FC8A}\C6964747C65686F6573756 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{7829ED7D-00D1-4CA1-994D-CA91B5C1E060} : NameServer = 156.154.70.22,156.154.71.22
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-1 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-9-1 204880]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-10-30 55280]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2012-2-26 17720]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-1 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-1 378944]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-6-18 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-6-18 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-6-18 48872]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-1 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-1 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-4 46808]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-10-11 70352]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-5-29 2094216]
R2 GeekBuddyRSP;GeekBuddyRSP Server;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-10-30 1692480]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2009-10-30 172704]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-10-30 138752]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-10-30 5435904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-6-18 164056]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-8 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-5 1255736]
.
=============== Created Last 30 ================
.
2013-11-09 12:49:27 -------- d-----w- C:\ProgramData\Oracle
2013-11-09 12:49:03 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-08 09:28:57 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96EA8EBC-EF9A-4AEB-8296-9486843A51EC}\mpengine.dll
2013-11-03 21:01:05 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{2D8DADA6-D5D9-4CB4-A02B-1D65B201ED4D}
2013-11-01 21:15:06 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{6F8AD53B-8451-4599-AD40-5E5E8C84A11D}
2013-10-29 23:17:51 -------- d-----w- C:\Roxio
2013-10-29 23:17:43 -------- d-----w- C:\Amazon MP3
2013-10-29 23:17:43 -------- d-----w- C:\Amazon Cloud Player
2013-10-29 23:17:35 -------- d-----w- C:\Microsoft
2013-10-28 19:38:37 -------- d-----w- C:\Users\Earley Laptop\.amu
2013-10-28 19:26:24 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\Amazon Cloud Player
2013-10-27 22:07:46 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{6090ED5A-E11E-47C3-B1B7-6F68474FD8F0}
2013-10-26 01:27:44 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{153E27C8-600D-4EB4-ABF6-B3A8B9FD6A63}
2013-10-24 20:49:56 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{A3EAAD58-C9AE-4BC1-8A7D-AE3E2EF54ACE}
2013-10-23 23:57:05 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{D18EA173-CEFC-45A7-B6FF-87B5136AC8BA}
2013-10-23 10:37:51 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{721325BC-422F-4824-A00B-AA060C71C61D}
2013-10-22 19:19:48 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{5FB92D30-69ED-41C2-BF2E-CE552BF417D8}
2013-10-22 00:32:25 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{72A1F965-EB2E-4474-BA96-F5EB79899B21}
2013-10-18 20:08:52 -------- d-----w- C:\Users\Earley Laptop\AppData\Local\{317BEF4B-2A18-4C26-B2FE-4BC394BA4747}
2013-10-17 19:36:56 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
.
==================== Find3M  ====================
.
2013-10-10 11:07:39 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-10 11:07:38 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-24 10:54:11 48872 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2013-09-24 10:54:10 709144 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2013-09-24 10:54:10 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2013-09-24 10:53:52 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
2013-09-24 10:53:51 354240 ----a-w- C:\Windows\SysWow64\guard32.dll
2013-09-24 10:53:50 444392 ----a-w- C:\Windows\System32\guard64.dll
2013-09-24 10:53:40 347864 ----a-w- C:\Windows\System32\cmdvrt64.dll
2013-09-24 10:53:39 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll
2013-09-24 10:53:35 280792 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2013-09-24 10:53:34 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-05 09:35:06 55504 ----a-w- C:\Windows\SysWow64\offreg.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-09-03 18:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-09-01 17:57:42 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-09-01 17:57:42 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
.
============= FINISH:  9:17:47.50 ===============
 


#4 Oh My!


  • Malware Response Instructor

Posted 10 November 2013 - 11:40 PM

Greetings Fleetwolf90 and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Reply topic button instead.
  • In the upper right hand corner of the topic you will see the Follow topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-click JRT.exe and select Run as administrator (on Windows XP, double-click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Entering Safe Mode with Networking in Windows 7

--------------------
  • Restart your computer.
  • When the machine first starts, gently tap the F8 key repeatedly until you are presented with an Advanced Boot Options menu
  • Select the option for Safe Mode with Networking using the arrow keys
  • Press Enter to continue booting into Safe Mode with Networking
  • Check your computer behavior
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • AdwCleaner log
  • Junkware log
  • Computer behavior in Safe Mode?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Fleetwolf90


Posted 12 November 2013 - 09:22 PM

I ran the AdwCleaner and Junkware Removal Tool and posted the logs below.

In safe mode, the computer started up at normal speed but displayed a "webpage not available error" (see attached screen shot) when attempting to access any website other than the home page. All other software/applications seemed to work okay.

In normal mode, the computer took over 10 minutes to boot and then displayed a "desktop window manager stopped working and closed" error (see attached screen shot). After that dialogue box was closed, the computer seemed to operate normally. The biggest issue is not confined to a very long startup or long recovery after a screen saver or power save mode.

# AdwCleaner v3.012 - Report created 11/11/2013 at 20:39:02
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Earley Laptop - EARLEYLAPTOP-PC
# Running from : C:\Users\Earley Laptop\Downloads\adwcleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [4jffxtbr@RadioRage_4j.com]
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@RadioRage_4j.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A2B7C6-7487-4B99-9F6C-1FDF57FE130B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11D4B723-18CA-48C6-BA13-965488F19A70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{434FA5E9-253E-4BD0-ADB6-7CE4CEA114CA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{48909954-14FB-4971-A7B3-47E7AF10B38A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53855564-CF81-410C-9C1C-321C7E067816}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5848763C-2668-44CA-ADBE-2999A6EE2858}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6562E272-88E1-4DFF-8FF8-FE1A05323D36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68122F44-3A4A-4EDB-B28F-0C0E07F89BD0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78BA36C9-6036-482B-B48D-ECCA6F964B84}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E7ABF2A-8C44-4562-895D-DBCA3CDDD1A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9638B7D6-11F5-4406-B387-327642A11FFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA41198F-C3C5-47D8-99E1-1AB199E81723}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D740AD89-BAF4-47D5-9B5E-343D30F07A7A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DFEB941C-8B58-4899-97C3-88FE394E1285}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E23760BE-23A3-4CEF-9304-66AF079F53DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E6AD866F-EA06-476A-8432-ED943683FAB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECEF0D95-32FA-48D3-8A2D-D6453B5B7361}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F69FE1BE-09C3-460C-AC89-8CCD9D3DF1CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F706E19B-6C14-4272-BA98-2F16636A898D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78BA36C9-6036-482B-B48D-ECCA6F964B84}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9638B7D6-11F5-4406-B387-327642A11FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{434FA5E9-253E-4BD0-ADB6-7CE4CEA114CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{581C7D7D-F809-4E03-A631-74C069D5F04A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{68122F44-3A4A-4EDB-B28F-0C0E07F89BD0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9638B7D6-11F5-4406-B387-327642A11FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F706E19B-6C14-4272-BA98-2F16636A898D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44DB423D-A0DB-4664-9477-CCDCEB7CD666}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53855564-CF81-410C-9C1C-321C7E067816}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5731AB1-8566-4441-AEFB-9AFB2EEA63D9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{78BA36C9-6036-482B-B48D-ECCA6F964B84}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}
Key Deleted : HKCU\Software\AppDataLow\Software\RadioRage_4j
Key Deleted : HKCU\Software\AppDataLow\Software\TelevisionFanatic
Key Deleted : HKLM\Software\RadioRage_4j
Key Deleted : HKLM\Software\TelevisionFanatic
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16720
 
 
-\\ Google Chrome v30.0.1599.101
 
[ File : C:\Users\Earley Laptop\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8672 octets] - [11/11/2013 20:36:59]
AdwCleaner[S0].txt - [8783 octets] - [11/11/2013 20:39:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8843 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Earley Laptop on Mon 11/11/2013 at 20:59:43.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C35AD63-AF1D-4E21-B484-B6651A8EFCF9}
Successfully deleted: [Registry Key] "hkey_current_user\software\classes\typelib\{006ad7b2-968a-11de-88c9-5bde55d89593}"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{153E27C8-600D-4EB4-ABF6-B3A8B9FD6A63}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{1F55D89C-C187-47AD-A4A5-F942F8BCDB88}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{2D8DADA6-D5D9-4CB4-A02B-1D65B201ED4D}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{317BEF4B-2A18-4C26-B2FE-4BC394BA4747}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{36E47381-D9C4-468B-A2B9-38099C714B85}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{5277A9AA-41B7-4B87-88EF-454BF4E57D7C}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{5FB92D30-69ED-41C2-BF2E-CE552BF417D8}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{6090ED5A-E11E-47C3-B1B7-6F68474FD8F0}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{6752560C-5B86-49D3-B756-40CC6869325F}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{6F8AD53B-8451-4599-AD40-5E5E8C84A11D}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{71627BA4-D2B3-426D-8FF9-827EBE27C388}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{721325BC-422F-4824-A00B-AA060C71C61D}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{72A1F965-EB2E-4474-BA96-F5EB79899B21}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{798D48F6-5F3C-4DCF-9768-325708518C08}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{79C1DDE0-82D4-41BF-99FA-C221FC275024}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{7A00B50C-DBDF-4825-B57C-761EE3089820}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{A3EAAD58-C9AE-4BC1-8A7D-AE3E2EF54ACE}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{D18EA173-CEFC-45A7-B6FF-87B5136AC8BA}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{EC9C57C4-FD4C-4B13-8553-E1CCD951BD6C}
Successfully deleted: [Empty Folder] C:\Users\Earley Laptop\appdata\local\{EED72A9A-D84E-4312-A0E6-201C92D345DB}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/11/2013 at 21:47:32.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 




#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,611 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:28 PM

Posted 12 November 2013 - 10:52 PM

Thanks for posting the information.

Can you confirm you selected Safe Mode with Networking?

Please do this.

===================================================

Using VGA Driver in Normal Mode

--------------------
  • Click Start, type msconfig, then hit Enter
  • Click the Boot tab
  • Place a check mark in Base video, then click OK
  • Restart your computer
  • Check your computer's performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Did you select Safe Mode with Networking?
  • Did your computer start up faster?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Fleetwolf90


Posted 15 November 2013 - 09:12 PM

I started the computer in Safe Mode and it booted at normal speed and functioned properly. Then I rebooted in Normal Mode and it took 10-15 minutes to boot.  Very slow response until everything finally was loaded.  Still very slow startup in Normal Mode.



#8 Oh My!


Posted 15 November 2013 - 09:45 PM

Were you able to boot into Normal Mode after selecting Base Video?

Edited by Oh My, 15 November 2013 - 09:51 PM.

Gary
 

#9 Fleetwolf90


Posted 18 November 2013 - 07:31 PM

I rebooted the computer in normal mode with base video selected under msconfig boot options.  The computer did start up faster (5 min) but there was no audio even though volume settings indicated the volume was on high.  When I attempted to access the volume control in task bar, I am getting a message that the Volume Mixer is Not Responding.  I also can't print anything.  Everything else seems to function properly.



#10 Oh My!


Posted 18 November 2013 - 08:40 PM

Thanks for the explanation. Please do this now.

===================================================

Clean Boot
--------------------
  • From either Normal or Safe Mode, press the Windows key + R on your keyboard at the same time
  • Type msconfig and press Enter
  • If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation
  • Click the Boot tab
  • Uncheck Base video
  • Click Selective Startup on the General tab
  • Click to clear the Load Startup Items check box
  • Click the Services tab
  • Click to select the Hide All Microsoft Services check box
  • Click Disable All, and then click OK
  • When you are prompted, click Restart and boot into Normal Mode
  • Check your computer performance
===================================================

Things I would like to see in your next reply.
  • How is your computer behaving?

Gary
 

#11 Fleetwolf90


Posted 19 November 2013 - 09:16 AM

I followed your msconfig setting instructions and rebooted.  Below is a summary of the performance in Normal mode after reboot.

 

1.  Reboot was a little faster (4 min) than before but still not as fast as standard performance.

2.  All MS software, internet browsers, etc performed well

3.  Verified that I could print from a few different applications

4.  After a screen saver, it was slow to respond.  Took over 5 minutes to respond to commands.

 

I keep getting the "Desktop Window Manager stopped working and was closed" notification (see attached pic).  Once I close that notification is when the computer starts performing at normal speed.  At startup or after screen saver it seems that the desktop window manager is trying to load and once it finally quits trying and displays this message everything starts working okay.




#12 Oh My!


Posted 19 November 2013 - 09:47 AM

Thanks for the valuable information. Please do this.

===================================================

Windows Repair (All in One)

--------------------
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Download Windows Repair (All in One) and save it to your desktop
  • Double click the icon and select Run
  • Continually click Next, then Finish
  • Go to Step 2 and allow it to run CheckDisk by clicking on Do It button
  • Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button
  • Go to Step 4 and under "System Restore" click on Create button
  • Go to Start Repairs tab and click Start button.

  • Please leave the default settings as is
  • Click on box next to the Restart System when Finished. Then click on Start
  • Your computer will reboot upon completion
  • Copy and paste the contents of the following log in your reply:

C:\Tweaking.com_Windows_Repair_Logs\_Windows_Repair_Log.txt



===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Windows repair log

Gary
 

#13 Fleetwolf90


Posted 19 November 2013 - 10:17 PM

Here is the windows repair log.

 

 

Starting Repairs...
   Start (11/19/2013 9:35:23 PM)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (11/19/2013 9:35:23 PM)
   Running Repair Under Current User Account
   Done (11/19/2013 9:35:37 PM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (11/19/2013 9:35:37 PM)
   Running Repair Under System Account
   Done (11/19/2013 9:40:23 PM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (11/19/2013 9:40:23 PM)
   Running Repair Under System Account
   Done (11/19/2013 9:42:32 PM)
 
03 - Register System Files
   Start (11/19/2013 9:42:32 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:44:51 PM)
 
04 - Repair WMI
   Start (11/19/2013 9:44:51 PM)
   Running Repair Under Current User Account
   Done (11/19/2013 9:51:45 PM)
 
05 - Repair Windows Firewall
   Start (11/19/2013 9:51:45 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:52:36 PM)
 
06 - Repair Internet Explorer
   Start (11/19/2013 9:52:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:54:46 PM)
 
07 - Repair MDAC/MS Jet
   Start (11/19/2013 9:54:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:55:50 PM)
 
08 - Repair Hosts File
   Start (11/19/2013 9:55:50 PM)
   Running Repair Under System Account
   Done (11/19/2013 9:55:53 PM)
 
09 - Remove Policies Set By Infections
   Start (11/19/2013 9:55:53 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:55:57 PM)
 
11 - Repair Icons
   Start (11/19/2013 9:55:57 PM)
   Running Repair Under System Account
   Done (11/19/2013 9:56:00 PM)
 
12 - Repair Winsock & DNS Cache
   Start (11/19/2013 9:56:00 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:56:17 PM)
 
14 - Repair Proxy Settings
   Start (11/19/2013 9:56:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:56:22 PM)
 
16 - Repair Windows Updates
   Start (11/19/2013 9:56:22 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:57:51 PM)
 
17 - Repair CD/DVD Missing/Not Working
   Start (11/19/2013 9:57:51 PM)
   Done (11/19/2013 9:57:51 PM)
 
18 - Repair Volume Shadow Copy Service
   Start (11/19/2013 9:57:51 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:58:17 PM)
 
20 - Repair MSI (Windows Installer)
   Start (11/19/2013 9:58:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:58:34 PM)
 
22.01 - Repair bat Association
   Start (11/19/2013 9:58:34 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:58:39 PM)
 
22.02 - Repair cmd Association
   Start (11/19/2013 9:58:39 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:58:44 PM)
 
22.03 - Repair com Association
   Start (11/19/2013 9:58:44 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:58:48 PM)
 
22.04 - Repair Directory Association
   Start (11/19/2013 9:58:48 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:58:53 PM)
 
22.05 - Repair Drive Association
   Start (11/19/2013 9:58:53 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:58:58 PM)
 
22.06 - Repair exe Association
   Start (11/19/2013 9:58:58 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:02 PM)
 
22.07 - Repair Folder Association
   Start (11/19/2013 9:59:02 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:07 PM)
 
22.08 - Repair inf Association
   Start (11/19/2013 9:59:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:12 PM)
 
22.09 - Repair lnk (Shortcuts) Association
   Start (11/19/2013 9:59:12 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:17 PM)
 
22.10 - Repair msc Association
   Start (11/19/2013 9:59:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:21 PM)
 
22.11 - Repair reg Association
   Start (11/19/2013 9:59:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:26 PM)
 
22.12 - Repair scr Association
   Start (11/19/2013 9:59:26 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:31 PM)
 
23 - Repair Windows Safe Mode
   Start (11/19/2013 9:59:31 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:35 PM)
 
24 - Repair Print Spooler
   Start (11/19/2013 9:59:35 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 9:59:55 PM)
 
25 - Restore Important Windows Services
   Start (11/19/2013 9:59:55 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 10:00:19 PM)
 
26 - Set Windows Services To Default Startup
   Start (11/19/2013 10:00:19 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/19/2013 10:01:29 PM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (11/19/2013 10:01:29 PM)
   Total Repair Time: 00:26:06
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account
 


#14 Oh My!


Posted 19 November 2013 - 10:24 PM

I am assuming the first 2 steps ran properly?

Any change in computer behavior?
Gary
 

#15 Fleetwolf90


Posted 20 November 2013 - 03:45 PM

The first 2 steps did run properly.

 

The computer did start up a little bit faster than before last night and behaved correctly and with normal speed.  This morning when I attempted to wake the computer from power save it took forever (over 15 minutes and counting before I had to leave) to load everything back to a usable state.  Still very slow after screen saver or power save.  I did not have the time to reboot again to see how quick it booted this morning.  





