
Slow Windows 7 Desktop and disabled McAfee


  • This topic is locked
13 replies to this topic

#1 whatisavailable


  • Members
  • 212 posts
  • Gender:Male
  • Location:Texas

Posted 03 August 2014 - 04:55 PM

Hi

We have a computer that refuses to allow real-time scanning and is dreadfully slow.  System is an HP Windows 7.

Would appreciate any help to get real-time scanning working again and speed it up.

Thanks

 




 


#2 InadequateInfirmity


    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male

Posted 03 August 2014 - 09:14 PM

Perform these steps in Safe Mode with Networking.

How to start Windows in Safe Mode or Safe Mode with ...

 

 

Please download Junkware Removal Tool and save it on your desktop.

 


  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please attach the JRT log.


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on the Scan button.
  • When the scan has finished, click on the Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download MINITOOLBOX and run it.



Checkmark the following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result. 



#3 whatisavailable

  • Topic Starter

  • Members
  • 212 posts
  • Gender:Male
  • Location:Texas

Posted 03 August 2014 - 11:41 PM

Hi - Thank you for your help!

I don't think I can attach logs in this forum so I'll copy/paste the information from each of them:

 

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Admin on Sun 08/03/2014 at 23:02:24.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/03/2014 at 23:05:54.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
ADWCLEANER
# AdwCleaner v3.302 - Report created 03/08/2014 at 23:14:15
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Admin - TERRILYNN-PC
# Running from : C:\Users\Admin\Desktop\adwcleaner_3.302.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7l38a0qh.default\prefs.js ]
 
 
[ File : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\vfm5ql1j.default\prefs.js ]
 
 
[ File : C:\Users\Terrilynn\AppData\Roaming\Mozilla\Firefox\Profiles\91wfuuh9.Terri Lynn\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
[ File : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Terrilynn\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3445 octets] - [11/12/2013 23:11:20]
AdwCleaner[R10].txt - [2606 octets] - [13/04/2014 14:40:37]
AdwCleaner[R11].txt - [2727 octets] - [13/04/2014 18:52:36]
AdwCleaner[R12].txt - [2769 octets] - [20/05/2014 21:29:40]
AdwCleaner[R13].txt - [3410 octets] - [25/05/2014 23:26:32]
AdwCleaner[R14].txt - [3101 octets] - [02/08/2014 13:10:09]
AdwCleaner[R15].txt - [3081 octets] - [02/08/2014 13:16:08]
AdwCleaner[R16].txt - [3371 octets] - [03/08/2014 23:12:07]
AdwCleaner[R1].txt - [1688 octets] - [11/12/2013 23:21:18]
AdwCleaner[R2].txt - [2166 octets] - [22/02/2014 14:08:00]
AdwCleaner[R3].txt - [1928 octets] - [22/02/2014 14:30:10]
AdwCleaner[R4].txt - [2052 octets] - [22/02/2014 16:17:06]
AdwCleaner[R5].txt - [1403 octets] - [22/02/2014 16:25:47]
AdwCleaner[R6].txt - [2234 octets] - [22/02/2014 22:08:10]
AdwCleaner[R7].txt - [2574 octets] - [24/02/2014 00:46:06]
AdwCleaner[R8].txt - [2472 octets] - [06/03/2014 00:24:41]
AdwCleaner[R9].txt - [2592 octets] - [30/03/2014 01:26:28]
AdwCleaner[S0].txt - [3495 octets] - [11/12/2013 23:13:55]
AdwCleaner[S10].txt - [2789 octets] - [13/04/2014 18:53:59]
AdwCleaner[S11].txt - [2831 octets] - [20/05/2014 21:32:09]
AdwCleaner[S12].txt - [3488 octets] - [25/05/2014 23:30:11]
AdwCleaner[S13].txt - [3167 octets] - [02/08/2014 13:11:49]
AdwCleaner[S14].txt - [2755 octets] - [03/08/2014 23:14:15]
AdwCleaner[S1].txt - [1749 octets] - [11/12/2013 23:22:45]
AdwCleaner[S2].txt - [2231 octets] - [22/02/2014 14:15:52]
AdwCleaner[S3].txt - [1887 octets] - [22/02/2014 15:20:54]
AdwCleaner[S4].txt - [2113 octets] - [22/02/2014 16:19:19]
AdwCleaner[S5].txt - [2295 octets] - [22/02/2014 22:15:35]
AdwCleaner[S6].txt - [2637 octets] - [24/02/2014 00:46:59]
AdwCleaner[S7].txt - [2533 octets] - [06/03/2014 00:26:53]
AdwCleaner[S8].txt - [2653 octets] - [30/03/2014 01:31:07]
AdwCleaner[S9].txt - [2666 octets] - [13/04/2014 14:43:04]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [3356 octets] ##########
 
MTB
MiniToolBox by Farbar  Version: 21-07-2014
Ran by Admin (administrator) on 03-08-2014 at 23:28:54
Running from "C:\Users\Admin\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connecting)
Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter = Wireless Network Connection 2 (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Terrilynn-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter
   Physical Address. . . . . . . . . : 68-1C-A2-16-40-B1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3945:5eab:807d:a3f0%17(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.128.194(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, August 03, 2014 11:17:18 PM
   Lease Expires . . . . . . . . . . : Sunday, August 10, 2014 11:17:18 PM
   Default Gateway . . . . . . . . . : 192.168.128.1
   DHCP Server . . . . . . . . . . . : 192.168.128.1
   DHCPv6 IAID . . . . . . . . . . . : 325590178
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-CD-BD-D5-70-71-BC-61-73-32
   DNS Servers . . . . . . . . . . . : 192.168.128.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet 
   Physical Address. . . . . . . . . : 70-71-BC-61-73-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::515c:acfb:4dea:664f%10(Deprecated) 
   Autoconfiguration IPv4 Address. . : 169.254.102.79(Tentative) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{AEE90A2B-B6A5-40FE-A258-C0C4FCBB3828}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:10c2:14ad:e7e3:b85f(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::10c2:14ad:e7e3:b85f%19(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  my.meraki.net
Address:  192.168.128.1
 
Name:    google.com
Addresses:  2607:f8b0:4000:804::1003
 74.125.227.167
 74.125.227.168
 74.125.227.169
 74.125.227.174
 74.125.227.160
 74.125.227.161
 74.125.227.162
 74.125.227.163
 74.125.227.164
 74.125.227.165
 74.125.227.166
 
 
Pinging google.com [74.125.227.166] with 32 bytes of data:
Reply from 74.125.227.166: bytes=32 time=30ms TTL=53
Reply from 74.125.227.166: bytes=32 time=21ms TTL=53
 
Ping statistics for 74.125.227.166:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 21ms, Maximum = 30ms, Average = 25ms
Server:  my.meraki.net
Address:  192.168.128.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=99ms TTL=46
Reply from 98.139.183.24: bytes=32 time=88ms TTL=46
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 88ms, Maximum = 99ms, Average = 93ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...68 1c a2 16 40 b1 ......Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter
 10...70 71 bc 61 73 32 ......NVIDIA nForce 10/100 Mbps Ethernet 
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.128.1  192.168.128.194     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.128.0    255.255.255.0         On-link   192.168.128.194    281
  192.168.128.194  255.255.255.255         On-link   192.168.128.194    281
  192.168.128.255  255.255.255.255         On-link   192.168.128.194    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   192.168.128.194    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   192.168.128.194    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 19     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 19     58 2001::/32                On-link
 19    306 2001:0:9d38:6ab8:10c2:14ad:e7e3:b85f/128
                                    On-link
 17    281 fe80::/64                On-link
 19    306 fe80::/64                On-link
 19    306 fe80::10c2:14ad:e7e3:b85f/128
                                    On-link
 17    281 fe80::3945:5eab:807d:a3f0/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    306 ff00::/8                 On-link
 17    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/03/2014 11:24:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_p2pimsvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000008
Fault offset: 0x00000000000cd7e8
Faulting process id: 0xddc
Faulting application start time: 0xsvchost.exe_p2pimsvc0
Faulting application path: svchost.exe_p2pimsvc1
Faulting module path: svchost.exe_p2pimsvc2
Report Id: svchost.exe_p2pimsvc3
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(Photosmart\032Prem\032C410\032series\032[6238B9]._scanner._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(Photosmart\032Prem\032C410\032series\032[6238B9]._pdl-datastream._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(KodakESP5200+1836._smb._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(KodakESP5200+1836._scanner._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(KodakESP5200+1836._pdl-datastream._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(AHUB4US._smb._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:17:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
 
 
System errors:
=============
Error: (08/03/2014 11:30:11 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Peer Networking Identity Manager service, but this action failed with the following error: 
%%1056
 
Error: (08/03/2014 11:24:59 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
 
Error: (08/03/2014 11:24:59 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
 
Error: (08/03/2014 11:24:59 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Identity Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
 
Error: (08/03/2014 11:24:00 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (08/03/2014 11:18:11 PM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (08/03/2014 11:18:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
 
Error: (08/03/2014 11:15:56 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (08/03/2014 11:15:56 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (08/03/2014 11:15:56 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (08/03/2014 11:24:37 PM) (Source: Application Error)(User: )
Description: svchost.exe_p2pimsvc6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18247521eaf24c000000800000000000cd7e8ddc01cfaf9bd1239ef0C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll3e4804d0-1b8f-11e4-aa99-940ecc04e1d3
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(Photosmart\032Prem\032C410\032series\032[6238B9]._scanner._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(Photosmart\032Prem\032C410\032series\032[6238B9]._pdl-datastream._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(KodakESP5200+1836._smb._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(KodakESP5200+1836._scanner._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(KodakESP5200+1836._pdl-datastream._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:20:46 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(AHUB4US._smb._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/03/2014 11:17:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-24 09:14:41.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore_3_8\VSCA914.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-24 09:14:41.287
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore_3_8\VSCA914.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-24 09:14:41.287
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore_3_8\VSCA914.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-24 09:14:41.271
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore_3_8\VSCA914.tmp\vscore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-23 02:59:32.626
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix2342347687612166C\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-23 02:59:32.563
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix2342347687612166C\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-26 03:25:16.728
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix23423476876\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-26 03:25:16.666
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix23423476876\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-26 03:25:16.385
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix23423476876\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-26 03:25:16.323
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix23423476876\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
1Password 1.0.9.340 (HKLM-x32\...\1Password_is1) (Version: 1.0 - AgileBits)
3ivx MPEG-4 5.0.3 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
aiofw (x32 Version: 4.2.6.0 - Eastman Kodak Company) Hidden
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 4.2.6.0 - Your Company Name) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
bodybugg Software (HKLM-x32\...\InstallShield_{CB706270-54EA-4E48-9FFB-0B95FA04DBE6}) (Version: 9.0.1.847 - BodyMedia, Inc.)
bodybugg Software (x32 Version: 9.0.1.847 - BodyMedia, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{31758AE2-D16E-4E1E-A448-945EF61B48A8}) (Version: 0.8.52 - Kovid Goyal)
center (x32 Version: 5.0.0.0 - Eastman Kodak Company) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2115 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FamilySearch Indexing 3.12.1 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.12.1 - FamilySearch)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}) (Version: 4.2.5.3 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.6 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
KODAK AiO Home Center (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 5.4.6.4 - Eastman Kodak Company)
KWorld USB 2860 Device Driver (HKLM\...\TVEpaDrv) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Meraki Systems Manager Agent (HKLM-x32\...\{6E3DDD01-BEAE-4AB5-A747-27C4CC904E90}) (Version: 1.0.86 - Meraki)
Meraki Systems Manager Agent (HKLM-x32\...\{AFC83131-57AB-4E6B-98B8-2B3C265A458E}) (Version: 1.0.87 - Meraki)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Moo0 Disk Cleaner 1.23 (HKLM-x32\...\Moo0 DiskCleaner) (Version:  - )
Moo0 File Monitor 1.11 (HKLM-x32\...\Moo0 FileMonitor) (Version:  - )
Moo0 System Monitor 1.76 (HKLM-x32\...\Moo0 SystemMonitor) (Version:  - )
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9739 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.58.36 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PhotoNow! 1.0 (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 3.0.4004 - CyberLink Corporation)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power CD+G Burner (HKLM-x32\...\{BC21E1FA-BD9C-4351-8EA3-4EC377B1E439}_is1) (Version:  - Doblon)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
PowerProducer (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
PreReq (x32 Version: 6.0.5.2 - Eastman Kodak Company) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM-x32\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.5 - NETGEAR)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Secunia PSI (2.0.0.4003) (HKLM-x32\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)
SuperTintin 1.2.0.23 (HKLM-x32\...\SuperTintin Skype Video Call Recorder_is1) (Version: 1.2.0.23 - IMTiger Technologies Ltd)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.8.3 - Tweaking.com)
UltraVNC 1.0.9.1 (HKLM-x32\...\Ultravnc2_is1) (Version: 1.0.9.1 - 1.0.9.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4A0C-A916-1D12314F45EB}) (Version: 1.00.0183 - REALTEK Semiconductor Corp.)
WN111v2 (x32 Version: 3.0.0.5 - NETGEAR) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 73%
Total physical RAM: 1790.49 MB
Available physical RAM: 477.23 MB
Total Pagefile: 3580.98 MB
Available Pagefile: 1290.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3991.83 MB
 
========================= Partitions: =====================================
 
1 Drive c: (COMPAQ) (Fixed) (Total:455.77 GB) (Free:218.03 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.89 GB) (Free:1.48 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\TERRILYNN-PC
 
Admin                    Administrator            Avery                    
Guest                    Jim                      Linda&Stephy             
Rylie                    Terrilynn                
 
 
**** End of log ****
 
 


#4 InadequateInfirmity


Posted 05 August 2014 - 08:19 PM

Remove McAfee AntiVirus then run the removal tool.

 

 

http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe

 

Now then follow this guide.

 

http://windowsinstructed.com/windows-7-or-vista-machine-is-running-a-bit-slower-than-it-used-to/



#5 whatisavailable


Posted 05 August 2014 - 11:53 PM

Thank you. I have been running apps for the last few hours.

I will report back when I have gone through the guide.

Jim



#6 whatisavailable


Posted 06 August 2014 - 12:24 AM

From JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Admin on Tue 08/05/2014 at 21:26:38.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2761659830-316317637-1716568159-1003\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Suspicious HKLM\..\Run entries found. Trojan:JS/Medfos.B?
 
    Value Name          Type                             Value Data                     
========================================================================================
 
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
 
    Value Name          Type                             Value Data                     
========================================================================================
 
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 08/06/2014 at  0:18:23.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 whatisavailable


Posted 07 August 2014 - 09:23 AM

Hi

I've completed the steps. What is the next step?  Do you need any of the logs that were created?

The system seems to be a bit faster but it is still much slower than it should be.

Thanks



#8 InadequateInfirmity


Posted 07 August 2014 - 08:08 PM

Can you post a new MiniToolBox log for me, please? :)



#9 InadequateInfirmity


Posted 07 August 2014 - 08:22 PM

Please disable your antivirus prior to and during this scan.

Please download Emsisoft Emergency Kit from here.
Save the file to your desktop.

Now boot your machine into Safe Mode with Networking.

 

Right-click and run as administrator. (XP users double-click.)
Click Accept and Extract.
This file will appear on the desktop.
Right-click it, select run as administrator. (XP users double-click.)
Select Emergency Kit Scanner.
A pop-up requesting an update will appear; select yes.
After the update, go to scan pc and select the option in the picture below.
Now select Quarantine Detected Objects.

When the update has finished, go to scan pc, select deep scan.
This scan will take a long time; this is normal, as it scans your entire hard drive.
Click on view report, save the report to your desktop, and attach it here in your next reply.



#10 whatisavailable


Posted 29 August 2014 - 09:02 AM

Thanks.  Running it now. 

Sorry, was out of town and didn't have access to the computer.



#11 InadequateInfirmity


Posted 03 September 2014 - 05:54 PM

:)



#12 whatisavailable


Posted 03 September 2014 - 09:04 PM

Hi

It took a bit of time and I got busy doing other things.

 

First one:

Emsisoft Emergency Kit - Version 9.0
Last update: 8/29/2014 9:18:13 AM
User account: Terrilynn-PC\Admin
 
Scan settings:
 
Scan type: Quick Scan
Objects: Rootkits, Memory, Traces
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 8/29/2014 9:18:48 AM
Value: HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
Value: HKEY_USERS\S-1-5-21-2761659830-316317637-1716568159-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
Value: HKEY_USERS\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_USERS\S-1-5-21-2761659830-316317637-1716568159-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_USERS\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
 
Scanned 57220
Found 8
 
Scan end: 8/29/2014 9:19:30 AM
Scan time: 0:00:42
 
Value: HKEY_USERS\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_USERS\S-1-5-21-2761659830-316317637-1716568159-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
Value: HKEY_USERS\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
Value: HKEY_USERS\S-1-5-21-2761659830-316317637-1716568159-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
 
Quarantined 6
 
2nd One
Emsisoft Emergency Kit - Version 9.0
Last update: 8/29/2014 9:18:13 AM
User account: Terrilynn-PC\Admin
 
Scan settings:
 
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 8/29/2014 9:20:04 AM
 
Scanned 56806
Found 0
 
Scan end: 8/29/2014 9:23:16 AM
Scan time: 0:03:12
 
 
3rd One
 
Emsisoft Emergency Kit - Version 9.0
Last update: 8/29/2014 9:26:16 AM
User account: Terrilynn-PC\Admin
 
Scan settings:
 
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 8/29/2014 9:26:35 AM
C:\Windows\madipole\getapras.sys detected: Application.Keylogger.Spector.A (B)
 
Scanned 341641
Found 1
 
Scan end: 8/29/2014 11:54:28 AM
Scan time: 2:27:53
 
C:\Windows\madipole\getapras.sys Quarantined Application.Keylogger.Spector.A (B)
 
Quarantined 1
 
I recall I purchased a Spector product years ago to help watch our younger children.  Didn't have to do much with it - guess it is still living on this computer. I don't recall how to remove it.
 
Thanks!
 


#13 InadequateInfirmity


Posted 06 September 2014 - 06:27 PM

How is your machine running now? 



#14 boopme


Posted 23 August 2016 - 02:37 PM

Ok

New topic
http://www.bleepingcomputer.com/forums/t/624390/windows-7-appears-infected-most-sites-not-available-invalid-certificate-errors/

Closing this one.