Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Massive slowdown after switching anti-virus programs


  • This topic is locked This topic is locked
17 replies to this topic

#1 wpfast

wpfast

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 23 August 2014 - 10:39 PM

I don't know if I am infected.
My BitDefender subscription expired and I installed a 30 day trial for ESET Smart Security.
I followed instructions to delete BitDefender but fragments may remain.
System seemed to work okay at first but then after a day or so slowed down drastically when loading website pages.
I ran MalwareBytes scan and nothing was found.
I tried a system restore and it did not help.
Something seemed to happen when I switched anti-virus programs. I am wondering if I was unprotected even for a day and something slipped in on my system.
Thanks for any help.

wpfast

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:17 AM

Posted 23 August 2014 - 11:11 PM

Hello -

Download all tools to Desktop and Copy and Paste any requested logs.

 

First - To check your Operating System and any installed Antivirus programs.

 

Download Screen317 Security Check and save it to your Desktop.
 * Double-click SecurityCheck.exe
 * Follow the onscreen instructions inside of the black box.
 * A Notepad document should open automatically called checkup.txt
 * Please Copy/Paste the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do

You may need to Temporarily Disable your Antivirus

Post back the log or tell us if there is any problens with this version.

 

Thank You -



#3 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 24 August 2014 - 02:40 PM

Hello-

I was unable to download the program even after disabling ESET  

only message was that the publisher could not be verified

I tried to override but couldn't

 

thanks

 

wpfast



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:17 AM

Posted 24 August 2014 - 06:58 PM

Hi -

No problem, and why I added ""Post back the log or tell us if there is any problens with this version.""

 

 

(I tried a system restore and it did not help.) < is my problem, since you may have re-installed your problem.

 

Please try this simple program, even though it is not fully security specific.

 

Please download MiniToolBox  to desktop to run it.
 Checkmark the following boxes:

  • List content of Hosts
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 Click Go and Copy / Paste the result. (result.txt)

 

 

 

Follow with -

Please download and run RKill by Grinler.

  • A black DOS box will appear for a short time and then disappear.
  • This is normal and indicates the tool ran successfully.
  • At most the tool will usually run for about 2 minutes

Please Copy and Paste the log back here.

 
Do not reboot your computer until you complete the next step.

 

 NOW :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK / OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
    Copy and Paste the contents of that log in your next reply.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

Thank You -



#5 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 24 August 2014 - 11:25 PM

I ran all programs in Safe Mode as I had same problem with them as Screen17Security Check...but in Safe mode they downloaded fine.

Here are the logs:

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Wells (administrator) on 24-08-2014 at 23:07:03
Running from "C:\Users\Wells\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/24/2014 11:12:09 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)127.0.0.1       localhost

Program finished at: 08/24/2014 11:12:49 PM
Execution time: 0 hours(s), 0 minute(s), and 40 seconds(s)

 

# AdwCleaner v3.308 - Report created 24/08/2014 at 23:16:07
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Wells - WELLS-PC
# Running from : C:\Users\Wells\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\topapp soft

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B01F3F08771A494439EC8990D0180939
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\fpct94pw.default\prefs.js ]

[ File : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\prefs.js ]

Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : http://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : http://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [4178 octets] - [21/08/2013 23:31:39]
AdwCleaner[R10].txt - [8890 octets] - [22/11/2013 02:34:52]
AdwCleaner[R11].txt - [11440 octets] - [04/12/2013 14:39:23]
AdwCleaner[R12].txt - [4998 octets] - [08/12/2013 16:04:05]
AdwCleaner[R13].txt - [15700 octets] - [08/01/2014 11:25:13]
AdwCleaner[R14].txt - [5592 octets] - [18/01/2014 16:06:39]
AdwCleaner[R15].txt - [5730 octets] - [26/01/2014 16:12:47]
AdwCleaner[R16].txt - [6166 octets] - [12/02/2014 17:35:57]
AdwCleaner[R17].txt - [5934 octets] - [19/02/2014 07:07:15]
AdwCleaner[R18].txt - [6770 octets] - [22/03/2014 21:33:41]
AdwCleaner[R19].txt - [6666 octets] - [23/03/2014 18:39:32]
AdwCleaner[R1].txt - [2074 octets] - [22/08/2013 23:25:22]
AdwCleaner[R20].txt - [6910 octets] - [13/04/2014 18:40:55]
AdwCleaner[R21].txt - [26932 octets] - [27/04/2014 00:51:26]
AdwCleaner[R22].txt - [9400 octets] - [11/05/2014 21:22:36]
AdwCleaner[R23].txt - [7494 octets] - [11/05/2014 23:38:28]
AdwCleaner[R24].txt - [11126 octets] - [24/08/2014 23:15:04]
AdwCleaner[R2].txt - [2862 octets] - [24/08/2013 16:06:25]
AdwCleaner[R3].txt - [2660 octets] - [30/08/2013 11:44:49]
AdwCleaner[R4].txt - [2900 octets] - [31/08/2013 08:56:47]
AdwCleaner[R5].txt - [3294 octets] - [08/09/2013 23:02:06]
AdwCleaner[R6].txt - [3276 octets] - [08/09/2013 23:17:14]
AdwCleaner[R7].txt - [4670 octets] - [08/09/2013 23:29:53]
AdwCleaner[R8].txt - [3866 octets] - [11/09/2013 00:49:40]
AdwCleaner[R9].txt - [4326 octets] - [26/09/2013 22:12:27]
AdwCleaner[S0].txt - [2028 octets] - [21/08/2013 23:32:09]
AdwCleaner[S10].txt - [11280 octets] - [04/12/2013 14:41:29]
AdwCleaner[S11].txt - [4950 octets] - [08/12/2013 16:49:54]
AdwCleaner[S12].txt - [15780 octets] - [08/01/2014 11:26:05]
AdwCleaner[S13].txt - [5552 octets] - [18/01/2014 16:07:17]
AdwCleaner[S14].txt - [5682 octets] - [26/01/2014 16:14:56]
AdwCleaner[S15].txt - [6028 octets] - [12/02/2014 17:36:37]
AdwCleaner[S16].txt - [3039 octets] - [19/02/2014 07:07:44]
AdwCleaner[S17].txt - [6726 octets] - [22/03/2014 21:34:31]
AdwCleaner[S18].txt - [6614 octets] - [23/03/2014 18:43:55]
AdwCleaner[S19].txt - [6858 octets] - [13/04/2014 22:55:40]
AdwCleaner[S1].txt - [2198 octets] - [22/08/2013 23:26:44]
AdwCleaner[S20].txt - [21994 octets] - [27/04/2014 00:51:57]
AdwCleaner[S21].txt - [9576 octets] - [11/05/2014 21:23:32]
AdwCleaner[S22].txt - [7618 octets] - [11/05/2014 23:38:50]
AdwCleaner[S23].txt - [4770 octets] - [24/08/2014 23:16:07]
AdwCleaner[S2].txt - [3004 octets] - [24/08/2013 16:07:17]
AdwCleaner[S3].txt - [2794 octets] - [30/08/2013 16:11:48]
AdwCleaner[S4].txt - [3034 octets] - [31/08/2013 08:57:10]
AdwCleaner[S5].txt - [3354 octets] - [08/09/2013 23:03:01]
AdwCleaner[S6].txt - [3398 octets] - [08/09/2013 23:17:37]
AdwCleaner[S7].txt - [4768 octets] - [08/09/2013 23:30:29]
AdwCleaner[S8].txt - [4000 octets] - [11/09/2013 00:50:23]
AdwCleaner[S9].txt - [8992 octets] - [22/11/2013 02:36:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S23].txt - [5311 octets] ##########
# AdwCleaner v3.308 - Report created 24/08/2014 at 23:16:07
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Wells - WELLS-PC
# Running from : C:\Users\Wells\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\topapp soft

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B01F3F08771A494439EC8990D0180939
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\fpct94pw.default\prefs.js ]

[ File : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\prefs.js ]

Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [4178 octets] - [21/08/2013 23:31:39]
AdwCleaner[R10].txt - [8890 octets] - [22/11/2013 02:34:52]
AdwCleaner[R11].txt - [11440 octets] - [04/12/2013 14:39:23]
AdwCleaner[R12].txt - [4998 octets] - [08/12/2013 16:04:05]
AdwCleaner[R13].txt - [15700 octets] - [08/01/2014 11:25:13]
AdwCleaner[R14].txt - [5592 octets] - [18/01/2014 16:06:39]
AdwCleaner[R15].txt - [5730 octets] - [26/01/2014 16:12:47]
AdwCleaner[R16].txt - [6166 octets] - [12/02/2014 17:35:57]
AdwCleaner[R17].txt - [5934 octets] - [19/02/2014 07:07:15]
AdwCleaner[R18].txt - [6770 octets] - [22/03/2014 21:33:41]
AdwCleaner[R19].txt - [6666 octets] - [23/03/2014 18:39:32]
AdwCleaner[R1].txt - [2074 octets] - [22/08/2013 23:25:22]
AdwCleaner[R20].txt - [6910 octets] - [13/04/2014 18:40:55]
AdwCleaner[R21].txt - [26932 octets] - [27/04/2014 00:51:26]
AdwCleaner[R22].txt - [9400 octets] - [11/05/2014 21:22:36]
AdwCleaner[R23].txt - [7494 octets] - [11/05/2014 23:38:28]
AdwCleaner[R24].txt - [11126 octets] - [24/08/2014 23:15:04]
AdwCleaner[R2].txt - [2862 octets] - [24/08/2013 16:06:25]
AdwCleaner[R3].txt - [2660 octets] - [30/08/2013 11:44:49]
AdwCleaner[R4].txt - [2900 octets] - [31/08/2013 08:56:47]
AdwCleaner[R5].txt - [3294 octets] - [08/09/2013 23:02:06]
AdwCleaner[R6].txt - [3276 octets] - [08/09/2013 23:17:14]
AdwCleaner[R7].txt - [4670 octets] - [08/09/2013 23:29:53]
AdwCleaner[R8].txt - [3866 octets] - [11/09/2013 00:49:40]
AdwCleaner[R9].txt - [4326 octets] - [26/09/2013 22:12:27]
AdwCleaner[S0].txt - [2028 octets] - [21/08/2013 23:32:09]
AdwCleaner[S10].txt - [11280 octets] - [04/12/2013 14:41:29]
AdwCleaner[S11].txt - [4950 octets] - [08/12/2013 16:49:54]
AdwCleaner[S12].txt - [15780 octets] - [08/01/2014 11:26:05]
AdwCleaner[S13].txt - [5552 octets] - [18/01/2014 16:07:17]
AdwCleaner[S14].txt - [5682 octets] - [26/01/2014 16:14:56]
AdwCleaner[S15].txt - [6028 octets] - [12/02/2014 17:36:37]
AdwCleaner[S16].txt - [3039 octets] - [19/02/2014 07:07:44]
AdwCleaner[S17].txt - [6726 octets] - [22/03/2014 21:34:31]
AdwCleaner[S18].txt - [6614 octets] - [23/03/2014 18:43:55]
AdwCleaner[S19].txt - [6858 octets] - [13/04/2014 22:55:40]
AdwCleaner[S1].txt - [2198 octets] - [22/08/2013 23:26:44]
AdwCleaner[S20].txt - [21994 octets] - [27/04/2014 00:51:57]
AdwCleaner[S21].txt - [9576 octets] - [11/05/2014 21:23:32]
AdwCleaner[S22].txt - [7618 octets] - [11/05/2014 23:38:50]
AdwCleaner[S23].txt - [4770 octets] - [24/08/2014 23:16:07]
AdwCleaner[S2].txt - [3004 octets] - [24/08/2013 16:07:17]
AdwCleaner[S3].txt - [2794 octets] - [30/08/2013 16:11:48]
AdwCleaner[S4].txt - [3034 octets] - [31/08/2013 08:57:10]
AdwCleaner[S5].txt - [3354 octets] - [08/09/2013 23:03:01]
AdwCleaner[S6].txt - [3398 octets] - [08/09/2013 23:17:37]
AdwCleaner[S7].txt - [4768 octets] - [08/09/2013 23:30:29]
AdwCleaner[S8].txt - [4000 octets] - [11/09/2013 00:50:23]
AdwCleaner[S9].txt - [8992 octets] - [22/11/2013 02:36:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S23].txt - [5311 octets] ##########

 

 

 

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)127.0.0.1       localhost

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/24/2014 11:05:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2014 11:04:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/24/2014 11:02:41 PM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (08/24/2014 11:02:40 PM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (08/24/2014 05:29:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/23/2014 10:04:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2014 10:03:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/23/2014 10:01:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (08/23/2014 09:40:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2014 09:39:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============
Error: (08/24/2014 11:06:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:06:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:06:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:04:57 PM) (Source: DCOM) (User: )
Description: 1084MDM{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (08/24/2014 11:04:29 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:04:28 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:04:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:04:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:04:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/24/2014 11:04:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (08/24/2014 11:05:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2014 11:04:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (08/24/2014 11:02:41 PM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (08/24/2014 11:02:40 PM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (08/24/2014 05:29:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/23/2014 10:04:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2014 10:03:43 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (08/23/2014 10:01:59 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (08/23/2014 09:40:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2014 09:39:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

 

=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX 64) (Version: 10.3.162.28 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\{15AE611F-5A40-4BD0-9291-1C6856BDB9A4}) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\{16E20D9D-E7E2-4951-A944-6FFC40870AD4}) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audio Creator LE (HKLM-x32\...\AudioCreator_is1) (Version: 1.0 - Cakewalk Music Software)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.5 - Auslogics Software Pty Ltd)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DownloadTerms (HKCU\...\DownloadTerms) (Version: 1.0 - Unlimited Downloads, LLC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Smart Security (HKLM\...\{5E6F6CE8-1A35-4629-A550-376D4FF74F9B}) (Version: 7.0.317.4 - ESET, spol s r. o.)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Glary Utilities 2.49.0.1600 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.49.0.1600 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
IE Java Block 32bit Shim (HKLM\...\{01cf069a-f8a1-4067-adc4-5ef7e922733c}.sdb) (Version:  - )
IE Java Block 64bit Shim (HKLM\...\{b6631758-86a3-42a8-a308-9fe150096f25}.sdb) (Version:  - )
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.10.2466 - IObit)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
K-Lite Codec Pack 7.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
LogMeIn (HKLM-x32\...\{84713778-D9A9-4130-A811-DF3187827B05}) (Version: 4.0.966 - LogMeIn, Inc.)
Malwarebytes Anti-Exploit version 0.10.0.1000 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 0.10.0.1000 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft IntelliType Pro 8.1 (HKLM\...\Microsoft IntelliType Pro 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliType Pro 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office Converter Pack (HKLM-x32\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit Group)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
RegHunter (HKLM\...\{D4EFA08D-A192-4007-987D-71BFF23B2F8F}) (Version: 1.2.2.1568 - Enigma Software Group USA, LLC)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
TunnelBear (HKLM-x32\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear)
TunnelBear (x32 Version: 2.2.25.0 - TunnelBear) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vensim PLE (HKLM-x32\...\Vensim PLE) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Window Washer (HKLM-x32\...\Window Washer) (Version:  - Webroot Software, Inc.)
Windows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 3839.11 MB
Available physical RAM: 2741.4 MB
Total Pagefile: 11337.29 MB
Available Pagefile: 10264.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3988.66 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:466.2 GB) (Free:410.96 GB) NTFS
3 Drive d: (Backup) (Fixed) (Total:465.31 GB) (Free:65.6 GB) NTFS

========================= Users: ========================================

**** End of log ****

 

 

Thank you.

 

wpfast



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:17 AM

Posted 25 August 2014 - 12:55 AM

A few basic things first -

You may note that I have said TRY on most items, as your internet seems shot at the moment .....

 

AdwCleaner[S23].txt - [4770 octets] - [24/08/2014 23:16:07] -

Please open AdwCleaner and hit the Uninstall button. This will remove all items in quarantine, and also remove the program.

You have already used this version 24 times ([S0] is the first run) then reinstall it and run it again as per above.

 

Glary Utilities 2.49.0.1600 is not required and can be removed

Try to remove RegHunter by Enigma Software Group as it is recognised as a scam program.

It is amazing that IObit Uninstaller still remains, so try and remove this.

Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit) << Part Antivirus if you can get it.

 

Update Malwarebytes Anti-Malware and try to run a scan with that, then post the log backhere.

 

No signs of BitDefender, but we only do "surface scans" here.

 

Thanks -


Edited by noknojon, 25 August 2014 - 02:39 AM.


#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:17 AM

Posted 25 August 2014 - 03:29 AM

I have added another item above, (so the edit,)

 

My main problem is that with all of your problems showing, and what looks like a bad internet connection, we are going to be limited in what we can do.

 

I am not sure if you had many IObit programs installed, but these will upset all of your other programs.

They tend to take over, and there seems to always be more than you thought you had installed in the first place.

 

Please try to do what I have put forward above (removals) then we will need to upgrade the post.

 

Rkill is only a small and quick program, yet it reveals quite a lot in a few seconds, like yours has >> Typical >>

Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

 

Combined with your Application errors and System errors, (see below) and Microsoft Office Sessions: The system is failing beyond my help.

System Error: A system shutdown is in progress........

 

Please follow the instructions in ==>This Prep Guide<== starting at Step 6.

Once (if) the proper logs are created, then make a NEW TOPIC and post it to the ==>Malware Removal Area<== Not back here.

 

Please be sure to include a description of your computer issues and what you have done to try to resolve them.

 

Tell us when you post the new topic, and try to leave a link to it......

NOTES : If you cannot produce any of the requested logs, then please create the new topic anyway, include the information that you were unable to produce the logs and why along with a description of your computer issues.
Please do not ever run ComboFix unless a Malware Response Team Member instructs you to do so.



#8 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 25 August 2014 - 10:22 AM

Okay. I removed every unnecessary program you listed above, thoroughly.

Even before the removal the computer is running faster again, really at normal speed.

But I still cannot download programs like the ones you suggest, which never occurred until I installed ESET Smart Security a few days back

Not sure what security program is throwing up the message that the program could not be downloaded, and then offering me to retry...the box has a yellow line across the top & almost looks like a Norton message but there's no identifier on it...

 

I was able to run AdAware after removing and clearing the Quarantine...here is the log:

 

  

# AdwCleaner v3.000 - Report created 21/08/2013 at 23:32:09
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Wells - WELLS-PC
# Running from : C:\Users\Wells\Downloads\adwcleaner (4).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\Program Files (x86)\Search Results Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\END
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\PC Performer_DEFAULT
File Deleted : C:\Windows\System32\Tasks\PC Performer_UPDATES
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_firefox-3_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_firefox-3_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\prefs.js ]

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [4178 octets] - [21/08/2013 23:31:39]
AdwCleaner[S0].txt - [1888 octets] - [21/08/2013 23:32:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1948 octets] ##########
# AdwCleaner v3.308 - Report created 25/08/2014 at 10:06:28
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Wells - WELLS-PC
# Running from : C:\Users\Wells\Downloads\AdwCleaner (2).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

Task Deleted : BackgroundContainer Startup Task
Task Deleted : DigitalSite
Task Deleted : DSite
Task Deleted : PC Performer_DEFAULT
Task Deleted : PC Performer_UPDATES
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : YourFile DownloaderUpdate

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\fpct94pw.default\prefs.js ]

[ File : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\prefs.js ]

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [16804 octets] - [21/08/2013 23:31:39]
AdwCleaner[R10].txt - [8890 octets] - [22/11/2013 02:34:52]
AdwCleaner[R11].txt - [11440 octets] - [04/12/2013 14:39:23]
AdwCleaner[R12].txt - [4998 octets] - [08/12/2013 16:04:05]
AdwCleaner[R13].txt - [15700 octets] - [08/01/2014 11:25:13]
AdwCleaner[R14].txt - [5592 octets] - [18/01/2014 16:06:39]
AdwCleaner[R15].txt - [5730 octets] - [26/01/2014 16:12:47]
AdwCleaner[R16].txt - [6166 octets] - [12/02/2014 17:35:57]
AdwCleaner[R17].txt - [5934 octets] - [19/02/2014 07:07:15]
AdwCleaner[R18].txt - [6770 octets] - [22/03/2014 21:33:41]
AdwCleaner[R19].txt - [6666 octets] - [23/03/2014 18:39:32]
AdwCleaner[R1].txt - [2074 octets] - [22/08/2013 23:25:22]
AdwCleaner[R20].txt - [6910 octets] - [13/04/2014 18:40:55]
AdwCleaner[R21].txt - [26932 octets] - [27/04/2014 00:51:26]
AdwCleaner[R22].txt - [9400 octets] - [11/05/2014 21:22:36]
AdwCleaner[R23].txt - [7494 octets] - [11/05/2014 23:38:28]
AdwCleaner[R24].txt - [11126 octets] - [24/08/2014 23:15:04]
AdwCleaner[R2].txt - [2862 octets] - [24/08/2013 16:06:25]
AdwCleaner[R3].txt - [2660 octets] - [30/08/2013 11:44:49]
AdwCleaner[R4].txt - [2900 octets] - [31/08/2013 08:56:47]
AdwCleaner[R5].txt - [3294 octets] - [08/09/2013 23:02:06]
AdwCleaner[R6].txt - [3276 octets] - [08/09/2013 23:17:14]
AdwCleaner[R7].txt - [4670 octets] - [08/09/2013 23:29:53]
AdwCleaner[R8].txt - [3866 octets] - [11/09/2013 00:49:40]
AdwCleaner[R9].txt - [4326 octets] - [26/09/2013 22:12:27]
AdwCleaner[S0].txt - [4730 octets] - [21/08/2013 23:32:09]
AdwCleaner[S10].txt - [11280 octets] - [04/12/2013 14:41:29]
AdwCleaner[S11].txt - [4950 octets] - [08/12/2013 16:49:54]
AdwCleaner[S12].txt - [15780 octets] - [08/01/2014 11:26:05]
AdwCleaner[S13].txt - [5552 octets] - [18/01/2014 16:07:17]
AdwCleaner[S14].txt - [5682 octets] - [26/01/2014 16:14:56]
AdwCleaner[S15].txt - [6028 octets] - [12/02/2014 17:36:37]
AdwCleaner[S16].txt - [3039 octets] - [19/02/2014 07:07:44]
AdwCleaner[S17].txt - [6726 octets] - [22/03/2014 21:34:31]
AdwCleaner[S18].txt - [6614 octets] - [23/03/2014 18:43:55]
AdwCleaner[S19].txt - [6858 octets] - [13/04/2014 22:55:40]
AdwCleaner[S1].txt - [2198 octets] - [22/08/2013 23:26:44]
AdwCleaner[S20].txt - [21994 octets] - [27/04/2014 00:51:57]
AdwCleaner[S21].txt - [9576 octets] - [11/05/2014 21:23:32]
AdwCleaner[S22].txt - [7618 octets] - [11/05/2014 23:38:50]
AdwCleaner[S23].txt - [10808 octets] - [24/08/2014 23:16:07]
AdwCleaner[S2].txt - [3004 octets] - [24/08/2013 16:07:17]
AdwCleaner[S3].txt - [2794 octets] - [30/08/2013 16:11:48]
AdwCleaner[S4].txt - [3034 octets] - [31/08/2013 08:57:10]
AdwCleaner[S5].txt - [3354 octets] - [08/09/2013 23:03:01]
AdwCleaner[S6].txt - [3398 octets] - [08/09/2013 23:17:37]
AdwCleaner[S7].txt - [4768 octets] - [08/09/2013 23:30:29]
AdwCleaner[S8].txt - [4000 octets] - [11/09/2013 00:50:23]
AdwCleaner[S9].txt - [8992 octets] - [22/11/2013 02:36:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6188 octets] ##########
# AdwCleaner v3.000 - Report created 21/08/2013 at 23:32:09
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Wells - WELLS-PC
# Running from : C:\Users\Wells\Downloads\adwcleaner (4).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\Program Files (x86)\Search Results Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\END
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\PC Performer_DEFAULT
File Deleted : C:\Windows\System32\Tasks\PC Performer_UPDATES
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_firefox-3_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_firefox-3_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\prefs.js ]

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [4178 octets] - [21/08/2013 23:31:39]
AdwCleaner[S0].txt - [1888 octets] - [21/08/2013 23:32:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1948 octets] ##########
# AdwCleaner v3.308 - Report created 25/08/2014 at 10:06:28
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Wells - WELLS-PC
# Running from : C:\Users\Wells\Downloads\AdwCleaner (2).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

Task Deleted : BackgroundContainer Startup Task
Task Deleted : DigitalSite
Task Deleted : DSite
Task Deleted : PC Performer_DEFAULT
Task Deleted : PC Performer_UPDATES
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : YourFile DownloaderUpdate

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\fpct94pw.default\prefs.js ]

[ File : C:\Users\Wells\AppData\Roaming\Mozilla\Firefox\Profiles\y57ymsby.default-1357964766865\prefs.js ]

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Wells\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [16804 octets] - [21/08/2013 23:31:39]
AdwCleaner[R10].txt - [8890 octets] - [22/11/2013 02:34:52]
AdwCleaner[R11].txt - [11440 octets] - [04/12/2013 14:39:23]
AdwCleaner[R12].txt - [4998 octets] - [08/12/2013 16:04:05]
AdwCleaner[R13].txt - [15700 octets] - [08/01/2014 11:25:13]
AdwCleaner[R14].txt - [5592 octets] - [18/01/2014 16:06:39]
AdwCleaner[R15].txt - [5730 octets] - [26/01/2014 16:12:47]
AdwCleaner[R16].txt - [6166 octets] - [12/02/2014 17:35:57]
AdwCleaner[R17].txt - [5934 octets] - [19/02/2014 07:07:15]
AdwCleaner[R18].txt - [6770 octets] - [22/03/2014 21:33:41]
AdwCleaner[R19].txt - [6666 octets] - [23/03/2014 18:39:32]
AdwCleaner[R1].txt - [2074 octets] - [22/08/2013 23:25:22]
AdwCleaner[R20].txt - [6910 octets] - [13/04/2014 18:40:55]
AdwCleaner[R21].txt - [26932 octets] - [27/04/2014 00:51:26]
AdwCleaner[R22].txt - [9400 octets] - [11/05/2014 21:22:36]
AdwCleaner[R23].txt - [7494 octets] - [11/05/2014 23:38:28]
AdwCleaner[R24].txt - [11126 octets] - [24/08/2014 23:15:04]
AdwCleaner[R2].txt - [2862 octets] - [24/08/2013 16:06:25]
AdwCleaner[R3].txt - [2660 octets] - [30/08/2013 11:44:49]
AdwCleaner[R4].txt - [2900 octets] - [31/08/2013 08:56:47]
AdwCleaner[R5].txt - [3294 octets] - [08/09/2013 23:02:06]
AdwCleaner[R6].txt - [3276 octets] - [08/09/2013 23:17:14]
AdwCleaner[R7].txt - [4670 octets] - [08/09/2013 23:29:53]
AdwCleaner[R8].txt - [3866 octets] - [11/09/2013 00:49:40]
AdwCleaner[R9].txt - [4326 octets] - [26/09/2013 22:12:27]
AdwCleaner[S0].txt - [4730 octets] - [21/08/2013 23:32:09]
AdwCleaner[S10].txt - [11280 octets] - [04/12/2013 14:41:29]
AdwCleaner[S11].txt - [4950 octets] - [08/12/2013 16:49:54]
AdwCleaner[S12].txt - [15780 octets] - [08/01/2014 11:26:05]
AdwCleaner[S13].txt - [5552 octets] - [18/01/2014 16:07:17]
AdwCleaner[S14].txt - [5682 octets] - [26/01/2014 16:14:56]
AdwCleaner[S15].txt - [6028 octets] - [12/02/2014 17:36:37]
AdwCleaner[S16].txt - [3039 octets] - [19/02/2014 07:07:44]
AdwCleaner[S17].txt - [6726 octets] - [22/03/2014 21:34:31]
AdwCleaner[S18].txt - [6614 octets] - [23/03/2014 18:43:55]
AdwCleaner[S19].txt - [6858 octets] - [13/04/2014 22:55:40]
AdwCleaner[S1].txt - [2198 octets] - [22/08/2013 23:26:44]
AdwCleaner[S20].txt - [21994 octets] - [27/04/2014 00:51:57]
AdwCleaner[S21].txt - [9576 octets] - [11/05/2014 21:23:32]
AdwCleaner[S22].txt - [7618 octets] - [11/05/2014 23:38:50]
AdwCleaner[S23].txt - [10808 octets] - [24/08/2014 23:16:07]
AdwCleaner[S2].txt - [3004 octets] - [24/08/2013 16:07:17]
AdwCleaner[S3].txt - [2794 octets] - [30/08/2013 16:11:48]
AdwCleaner[S4].txt - [3034 octets] - [31/08/2013 08:57:10]
AdwCleaner[S5].txt - [3354 octets] - [08/09/2013 23:03:01]
AdwCleaner[S6].txt - [3398 octets] - [08/09/2013 23:17:37]
AdwCleaner[S7].txt - [4768 octets] - [08/09/2013 23:30:29]
AdwCleaner[S8].txt - [4000 octets] - [11/09/2013 00:50:23]
AdwCleaner[S9].txt - [8992 octets] - [22/11/2013 02:36:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6188 octets] ##########



#9 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 25 August 2014 - 11:09 AM

okay, here is a fresh minitool log

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Wells (administrator) on 25-08-2014 at 10:59:16
Running from "C:\Users\Wells\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8FVKM3K6"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/25/2014 10:41:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 10:40:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/25/2014 10:35:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 10:34:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/25/2014 10:09:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 09:41:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/25/2014 01:23:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/24/2014 11:21:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2014 11:20:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/24/2014 11:05:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (08/25/2014 10:56:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:29 AM) (Source: DCOM) (User: )
Description: 1084MDM{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (08/25/2014 10:56:25 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:25 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/25/2014 10:56:25 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (08/25/2014 10:41:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 10:40:10 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (08/25/2014 10:35:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 10:34:26 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (08/25/2014 10:09:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 09:41:04 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Downloads\esetsmartinstaller_enu (1).exe

Error: (08/25/2014 01:23:09 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/24/2014 11:21:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2014 11:20:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wells\Desktop\esetsmartinstaller_enu.exe

Error: (08/24/2014 11:05:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX 64) (Version: 10.3.162.28 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\{15AE611F-5A40-4BD0-9291-1C6856BDB9A4}) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\{16E20D9D-E7E2-4951-A944-6FFC40870AD4}) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audio Creator LE (HKLM-x32\...\AudioCreator_is1) (Version: 1.0 - Cakewalk Music Software)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.5 - Auslogics Software Pty Ltd)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DownloadTerms (HKCU\...\DownloadTerms) (Version: 1.0 - Unlimited Downloads, LLC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Smart Security (HKLM\...\{5E6F6CE8-1A35-4629-A550-376D4FF74F9B}) (Version: 7.0.317.4 - ESET, spol s r. o.)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
IE Java Block 32bit Shim (HKLM\...\{01cf069a-f8a1-4067-adc4-5ef7e922733c}.sdb) (Version:  - )
IE Java Block 64bit Shim (HKLM\...\{b6631758-86a3-42a8-a308-9fe150096f25}.sdb) (Version:  - )
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
K-Lite Codec Pack 7.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Malwarebytes Anti-Exploit version 0.10.0.1000 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 0.10.0.1000 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft IntelliType Pro 8.1 (HKLM\...\Microsoft IntelliType Pro 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliType Pro 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office Converter Pack (HKLM-x32\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit Group)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
TunnelBear (HKLM-x32\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear)
TunnelBear (x32 Version: 2.2.25.0 - TunnelBear) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vensim PLE (HKLM-x32\...\Vensim PLE) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Window Washer (HKLM-x32\...\Window Washer) (Version:  - Webroot Software, Inc.)
Windows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 3839.11 MB
Available physical RAM: 3145.31 MB
Total Pagefile: 11337.29 MB
Available Pagefile: 10671.51 MB
Total Virtual: 4095.88 MB
Available Virtual: 3988.66 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:466.2 GB) (Free:411.46 GB) NTFS
3 Drive d: (Backup) (Fixed) (Total:465.31 GB) (Free:65.6 GB) NTFS

========================= Users: ========================================

**** End of log ****

 

so you can see I removed those unnecessary and maybe interfering programs

 

malware Bytes scan came up clean

 

computer is running well but I still cannot download/Save to Desktop most programs/tools from Bleeping Computer...even in SAFE mode...I CAN however RUN the some of the programs and get the logs



#10 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 25 August 2014 - 11:24 AM

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/25/2014 11:16:45 AM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)127.0.0.1       localhost

Program finished at: 08/25/2014 11:17:20 AM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/20/2011 2:54:42 PM
System Uptime: 8/25/2014 10:39:32 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M3A78-EM
Processor: AMD Phenom™ II X4 940 Processor | AM2 | 3013/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 411.453 GiB free.
D: is FIXED (NTFS) - 465 GiB total, 65.603 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: ehdrv
Device ID: ROOT\LEGACY_EHDRV\0000
Manufacturer:
Name: ehdrv
PNP Device ID: ROOT\LEGACY_EHDRV\0000
Service: ehdrv
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: epfwwfp
Device ID: ROOT\LEGACY_EPFWWFP\0000
Manufacturer:
Name: epfwwfp
PNP Device ID: ROOT\LEGACY_EPFWWFP\0000
Service: epfwwfp
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP784: 8/17/2014 12:00:11 AM - Windows Backup
RP785: 8/19/2014 3:44:23 AM - Windows Update
RP786: 8/22/2014 11:46:54 PM - Windows Modules Installer
RP787: 8/22/2014 11:47:43 PM - Windows Modules Installer
RP788: 8/23/2014 1:34:51 AM - Windows Update
RP789: 8/23/2014 8:41:44 PM - Revo Uninstaller's restore point - ESET Online Scanner v3
RP790: 8/23/2014 10:33:58 PM - Revo Uninstaller's restore point - Advanced SystemCare 7
RP791: 8/24/2014 12:00:05 AM - Windows Backup
RP792: 8/25/2014 9:31:31 AM - Revo Uninstaller's restore point - IObit Uninstaller
RP793: 8/25/2014 9:33:05 AM - Revo Uninstaller's restore point - Surfing Protection
RP794: 8/25/2014 9:34:23 AM - Revo Uninstaller's restore point - LogMeIn
RP795: 8/25/2014 9:36:08 AM - Revo Uninstaller's restore point - Glary Utilities 2.49.0.1600
RP796: 8/25/2014 9:46:21 AM - Removed RegHunter
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
 



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:17 AM

Posted 25 August 2014 - 09:10 PM

Nice to see that you can use REVO, but please, always use with care.

 

AdwCleaner[S23].txt - [10808 octets] - [24/08/2014 23:16:07]

This can confuse us as to whether you are running it several times on the same day, or if it is just old. Always hit Uninstall after you post a report.

I love to see a nice clean version with AdwCleaner[S0].txt . (just me)

 

Just F.Y.I.

Description: ehdrv is ESET disabled

Description: epfwwfp is ESET Firewall disabled -



#12 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 25 August 2014 - 09:48 PM

all tools should be Uninstalled...such as JRT, TFC, as well as AdwCleaner?

 

My ESET was disabled temporarily above.

 

Using REVO "with care"


oops...using REVO with care, I know you mean to be careful what I delete...truth is I don't know how to sort out that stuff!



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:17 AM

Posted 25 August 2014 - 10:18 PM

Thanks for that -

 

Generally you are doing about all that you can at this time, and I am just adding comments till you decide if Post #7 is your best option.

 

Some of what I posted was *Information* as per normal -

 

AdwCleaner needs the program to be opened, and the Uninstall button to be hit, since this also removes all items it has *Quarantined*.

TFC can be kept and hidden in a corner, I use it daily, but I remove JRT via Drag and Drop in Recycle Bin.

All other programs and logs can get the same treatment, then run TFC to clean the bin out.

 

Advanced SystemCare 7 would have been one of the early problem programs, as it will not *mix* with the others.

 

*using REVO with care* I can see that in your history and programs .

 

We are limited in this area, although we can reply quickly and give reasonable responses.

 

Have you done a scan with ESET and seen if there are any changes ??



#14 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 27 August 2014 - 10:42 PM

okay

thanks

I opened AdwCleaner and hit Uninstall

Looking into Post #7 now

Also drug JRT into Recycle bin and then cleaned with TFC

Thanks again

that was really easy!



#15 wpfast

wpfast
  • Topic Starter

  • Members
  • 201 posts
  • OFFLINE
  •  
  • Local time:10:17 AM

Posted 27 August 2014 - 11:09 PM

one thing I've noticed

ESET is a really slow/long scan...even the so-called Smart Scan (the only one apparently) goes on for quite a while...

I guess that is normal?

so far the scan is clean but it has a ways to go yet






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users