
Windows 7 SP1 (64bit) dreadfully slow, disk access appears constant


30 replies to this topic

#1 robertp1


Posted 03 December 2014 - 11:02 AM

3 days ago, without any obvious changes, on a cold boot, this laptop, Win7 HomePremSP1 64bit/I3 w/4Gb RAM, 440MB GBHD, 400MB GBfree, has started to run dreadfully slowly... (yes, I know, it was no rocketship to begin with....but...) by the clock, 6 minutes from cold boot to Windows sign in, 9 more minutes until the desktop completely draws.  No errors, no bluescreens.

I have run Mbam, Mbar, and AVG scans, each taking 3-5 hours apiece to scan, cleanly, and substantively slower than previous experience on this particular computer. 

 

Chkdsk reported that the master file table's (MFT) BITMAP attribute is incorrect, schedules a scan at next restart, which it appears to do, and then proceeds along its very slow way.

 

Resource Monitor/Disk shows System, svchost(netsvcs) and svchost(LocalServiceNetworkRestricted) as the only processes with disk activity when completely "at rest", no apps running, though often it blanks the screens, as if it itself cannot get enough clockticks to update the display.  Clicking on the start marble takes generally 5-15 seconds for response, and often with incomplete icons.

Physical memory shows 1328MB in use, 1531 Free, 948 standby, 204 HW reserved, 85 Modified.

 

I have tried to do a clean boot with MSCONFIG to run only startup services, and disabled all non-Microsoft services.  No change in results.

It will boot in safe mode, and runs with essentially the same slowness.

 

It is currently isolated, networking disabled, and apparently willing to (at the pace of molasses in winter) run anything that I throw at it. The fact that I am not seeing any errors (other than an occasional application is not responding message) has me somewhat perplexed. 

 

Suggestions/recommendations?


Edited by hamluis, 03 December 2014 - 06:27 PM.
Moved from Win 7 to Am I Infected - Hamluis.



#2 dicke


Posted 03 December 2014 - 11:39 AM

Something isn't adding up - only 40MB for W7 SP1? Sounds like there are some parts missing.

Have you checked your RAM? What about security software? Installed, current, clean scan

Keep us posted

 

Dick


Stay well and surf safe [stay protected]

Dick E


#3 robertp1


Posted 03 December 2014 - 12:10 PM

Corrected original post HD size to GB, thank you dicke. 

AVG is anti-virus, clean. MBAM/MBAR anti-malware are clean.

 

Am running Speccy, SecurityCheck, and MiniToolBox (very, very slowly) and will post results.

 

Speccy Link: http://speccy.piriform.com/results/6afLus31yYcqRvNg4iqP5lW

 

Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````

 Windows Firewall Enabled!  
AVG AntiVirus 2015   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````

 Malwarebytes Anti-Malware version 2.0.3.1025  
 AVG PC TuneUp 2015  
 AVG PC TuneUp 2015 (en-US)
 AVG PC TuneUp 2015  
 Java™ 6 Update 26  
 Java version 32-bit out of Date!
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Jane (administrator) on 03-12-2014 at 12:00:55
Running from "C:\1"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================




========================= Event log errors: ===============================

Application errors:
==================
Error: (12/03/2014 00:00:05 PM) (Source: PC-Doctor) (User: )
Description: (4840) Asapi: (12:00:05:9060)(4840) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 00:00:00 PM) (Source: PC-Doctor) (User: )
Description: (4840) Asapi: (12:00:00:7270)(4840) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 11:50:02 AM) (Source: PC-Doctor) (User: )
Description: (5852) Asapi: (11:50:02:4910)(5852) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 11:50:00 AM) (Source: PC-Doctor) (User: )
Description: (5852) Asapi: (11:50:00:6820)(5852) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 11:41:38 AM) (Source: PC-Doctor) (User: )
Description: (5664) Asapi: (11:41:38:2560)(5664) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 11:40:00 AM) (Source: PC-Doctor) (User: )
Description: (5664) Asapi: (11:40:00:5380)(5664) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 11:30:42 AM) (Source: PC-Doctor) (User: )
Description: (4836) Asapi: (11:30:42:6270)(4836) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 11:30:42 AM) (Source: PC-Doctor) (User: )
Description: (4836) Asapi: (11:30:42:5960)(4836) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 10:48:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/03/2014 10:48:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (12/03/2014 11:58:26 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (12/03/2014 11:42:05 AM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume C: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (12/03/2014 11:41:37 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (12/03/2014 11:41:37 AM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume C: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (12/03/2014 11:21:49 AM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume C: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (12/03/2014 11:14:57 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (12/03/2014 11:14:57 AM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume C: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (12/03/2014 11:10:35 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (12/03/2014 11:08:01 AM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume C: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (12/03/2014 11:07:34 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.


Microsoft Office Sessions:
=========================
Error: (12/03/2014 00:00:05 PM) (Source: PC-Doctor)(User: )
Description: (4840) Asapi: (12:00:05:9060)(4840) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 00:00:00 PM) (Source: PC-Doctor)(User: )
Description: (4840) Asapi: (12:00:00:7270)(4840) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 11:50:02 AM) (Source: PC-Doctor)(User: )
Description: (5852) Asapi: (11:50:02:4910)(5852) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 11:50:00 AM) (Source: PC-Doctor)(User: )
Description: (5852) Asapi: (11:50:00:6820)(5852) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 11:41:38 AM) (Source: PC-Doctor)(User: )
Description: (5664) Asapi: (11:41:38:2560)(5664) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 11:40:00 AM) (Source: PC-Doctor)(User: )
Description: (5664) Asapi: (11:40:00:5380)(5664) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 11:30:42 AM) (Source: PC-Doctor)(User: )
Description: (4836) Asapi: (11:30:42:6270)(4836) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (12/03/2014 11:30:42 AM) (Source: PC-Doctor)(User: )
Description: (4836) Asapi: (11:30:42:5960)(4836) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (12/03/2014 10:48:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (12/03/2014 10:48:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe



=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4223 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4600 (x32 Version: 130.0.425.000 - Hewlett-Packard) Hidden
CCScore (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.3 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Driver Manager (HKLM-x32\...\{177CD779-4EEC-43C5-8DEA-4E0EC103624B}) (Version: 8.1 - Driver Manager)
ESSCDBK (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
ESSSONIC (x32 Version: 6.2.0001.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Free File Viewer 2011 (HKLM-x32\...\FreeFileViewer_is1) (Version:  - Bitberry Software)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Freeze.com NetAssistant (HKCU\...\NetAssistant 3.8.3) (Version: 3.8.3 - Freeze.com)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hoyle Card Games 2005 (HKLM-x32\...\{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet 3510 series Basic Device Software (HKLM\...\{7F20F2D1-C425-4432-96BA-EBD0C2181493}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{791D3241-C6A4-417F-82E6-00543B6E5012}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Jacquie Lawson Alpine Advent Calendar (HKLM-x32\...\JLAdventCalendarAlpine2012) (Version: 1.0.2 - MicroCourt Limited)
Jacquie Lawson Alpine Advent Calendar (x32 Version: 1.0.2 - MicroCourt Limited) Hidden
Jacquie Lawson Edwardian Advent Calendar (HKLM-x32\...\JLAdventCalendarEdwardian2013) (Version: 1.0.1 - MicroCourt Limited)
Jacquie Lawson Edwardian Advent Calendar (x32 Version: 1.0.1 - MicroCourt Limited) Hidden
Java Auto Updater (x32 Version: 2.0.5.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle)
Java™ 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
kgcbaby (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcbase (x32 Version: 5.03.0000.0004 - EASTMAN KODAK Company) Hidden
kgchday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgchlwn (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcinvt (x32 Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgckids (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcmove (x32 Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgcvday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version:  - Eastman Kodak Company)
KSU (x32 Version: 632.62.0004.0001 - EASTMAN KODAK Company) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2000 SR-1 Disc 2 (HKLM-x32\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Word 2000 SR-1 (HKLM-x32\...\{00170409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetAssistant (x32 Version: 3.8.3 - Freeze.com) Hidden
netbrdg (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Notifier (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
OfotoXMI (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
partypoker.net (HKLM-x32\...\PartyPokerNet) (Version:  - PartyGaming.Net)
PCDADDIN (x32 Version: 6.02.0001.0003 - EASTMAN KODAK Company) Hidden
PCDHELP (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
PDF Converter (HKLM-x32\...\PDF Converter) (Version:  - FreePDFConverter)
Productivity 3.1 Toolbar (HKLM-x32\...\Productivity_3.1 Toolbar) (Version: 6.8.5.1 - Productivity 3.1)
PS_AIO_05_C4600_Software_Min (x32 Version: 130.0.425.000 - Hewlett-Packard) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.6.2 - Dell Inc.)
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6088 - Realtek Semiconductor Corp.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Roxio Burn (x32 Version: 1.01 - Roxio) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Search Toolbar (HKLM-x32\...\Search Toolbar) (Version: 1.2 - Zugo Ltd)
SFR (x32 Version: 6.02.0001.0001 - Eastman Kodak Company) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHASTA (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sierra Wireless Watcher (HKLM-x32\...\{FBCD9EB3-4D4D-4D41-A955-C3387106ABE4}) (Version: 7.12.0.0 - Sierra Wireless Inc)
SKIN0001 (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sockupied Spring 2014 (HKLM-x32\...\com.interweave.sockupiedspring2014) (Version: 1.0.0 - F+W Media, Inc.)
Sockupied Spring 2014 (x32 Version: 1.0.0 - F+W Media, Inc.) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speed Test App (HKLM-x32\...\Speed Test) (Version: 4.0.0.0 - Speed Analysis)
staticcr (x32 Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.20.0 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
tooltips (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VPRINTOL (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WIRELESS (x32 Version: 6.02.0001.0001 - EASTMAN KODAK Company) Hidden
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3892.52 MB
Available physical RAM: 2299.17 MB
Total Pagefile: 7783.23 MB
Available Pagefile: 5763.33 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.45 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:392.49 GB) NTFS

========================= Users: ========================================

User accounts for \\JANE-PC

Administrator            Guest                    Jane                     


**** End of log ****

 


Edited by robertp1, 03 December 2014 - 01:10 PM.


#4 robertp1


Posted 03 December 2014 - 01:31 PM

Rkill Log: Adwcleaner Log:

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/03/2014 12:20:04 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/03/2014 12:28:50 PM
Execution time: 0 hours(s), 8 minute(s), and 45 seconds(s)
 

# AdwCleaner v4.103 - Report created 03/12/2014 at 12:52:26
# Updated 01/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jane - JANE-PC
# Running from : E:\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\FileCure
Folder Deleted : C:\ProgramData\PC Optimizer Pro
Folder Deleted : C:\ProgramData\w3i
Folder Deleted : C:\ProgramData\pcdr
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Freeze.com
Folder Deleted : C:\Program Files (x86)\Search Toolbar
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\w3i
Folder Deleted : C:\Users\Jane\AppData\Local\Conduit
Folder Deleted : C:\Users\Jane\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jane\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Jane\AppData\Roaming\pcdr
Folder Deleted : C:\Users\Jane\Documents\DealRunner
File Deleted : C:\END

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BackgroundHost.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3008668
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3428E3C9-5CC6-48D6-AA4C-09BAF6120E6F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7E236B3B-DC87-4F47-8EF9-E7D5410CD6B0}
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\FileTypeAssistant
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetAssistant 3.8.3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C792A75A-2A1F-4991-9B85-291745478A79}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.1
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [6565 octets] - [03/12/2014 12:45:04]
AdwCleaner[S0].txt - [5958 octets] - [03/12/2014 12:52:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6018 octets] ##########
 



#5 dicke

dicke

    Paraclete


  • Members
  • 2,193 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Charlotte, NC
  • Local time:12:43 AM

Posted 03 December 2014 - 03:02 PM

Any improvement?

 

Dick


Stay well and surf safe [stay protected]

Dick E


#6 robertp1


Posted 03 December 2014 - 03:35 PM

None at all... am now doing MBAM configured per the instructions in the *32 virus thread in this forum... currently at 2 hrs, still checking filesystem objects, so far no detected objects. 



#7 dicke


Posted 03 December 2014 - 04:03 PM

I'm assuming that only one of your AV anti-malware programs has an active scanner running. More than one could cause the problem you're seeing.

Keep us posted

 

Dick




#8 robertp1


Posted 03 December 2014 - 05:02 PM

MBAM scan completed in just under 3 hours. CLEAN.

Neither AVG nor MBAM was installed when the problem originated, but, yes, once everything shows clean.

All "real-time" protection is disabled. AVG, MBAM, Defender.

 

So what is the next logical step...

:flamethrower:

Thanks,

Rob
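
The check discussed in the posts above (only one product with an active real-time scanner, and whether Defender is really off), as an added PowerShell example that is not part of the original thread. It assumes the commonly used community decoding of the Security Center `productState` value, which Microsoft does not document; the function name `Get-RegisteredScanner` is hypothetical.

```powershell
# Added example: list security products registered with Windows Security Center
# and flag when more than one reports real-time protection as enabled.
# Assumption: productState bits (0x1000 = real-time on, 0x10 = signatures out
# of date) follow the widely used community decoding, not a documented format.

function Get-RegisteredScanner {
    foreach ($class in 'AntiVirusProduct', 'AntiSpywareProduct') {
        Get-WmiObject -Namespace 'root\SecurityCenter2' -Class $class -ErrorAction SilentlyContinue |
            ForEach-Object {
                $state = [int]$_.productState
                New-Object PSObject -Property @{
                    Class           = $class
                    Name            = $_.displayName
                    RealTimeOn      = (($state -band 0x1000) -ne 0)
                    SignaturesStale = (($state -band 0x10) -ne 0)
                    StateHex        = ('0x{0:X6}' -f $state)
                }
            }
    }
}

$scanners = @(Get-RegisteredScanner)
$scanners | Sort-Object Name |
    Format-Table Name, Class, RealTimeOn, SignaturesStale, StateHex -AutoSize

# A product can register under both classes, so count unique names only.
$active = @($scanners | Where-Object { $_.RealTimeOn } |
    Select-Object -ExpandProperty Name -Unique)
if ($active.Count -gt 1) {
    Write-Warning ("{0} products report real-time protection on: {1}" -f `
        $active.Count, ($active -join ', '))
} else {
    Write-Output ("Products with real-time protection on: {0}" -f $active.Count)
}

# Rkill reported this Defender value; read it back rather than trusting the UI.
$defKey = 'HKLM:\SOFTWARE\Microsoft\Windows Defender'
$val = (Get-ItemProperty -Path $defKey -ErrorAction SilentlyContinue).DisableAntiSpyware
Write-Output ("Windows Defender DisableAntiSpyware = {0}" -f `
    $(if ($null -eq $val) { '(not set)' } else { $val }))
```

Run it from an elevated PowerShell prompt; a product that is installed but never registered with Security Center will not appear in the list.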



#9 dicke


Posted 04 December 2014 - 07:50 AM

Rob,

Not sure about the next 'logical' step. We're nearing the end of my comfort line on recommendations. I would try

http://www.eset.com/us/online-scanner/

It will bypass most of the self protections that infections set. My [maybe] last recommendation would be

http://www.memtest.org/

To test your RAM. After that I may have to call for help from one of the many 'real' experts that frequent here.

Keep us posted

 

Dick




#10 robertp1


Posted 04 December 2014 - 11:39 AM

Running those tests now. Will update when completed... remembering that disk I/O is awful... might not be till late afternoon.

 

(on an upside, it is nice to see the computer hard drive light not completely pegged for a change...running memtest)


Edited by robertp1, 04 December 2014 - 12:00 PM.


#11 robertp1


Posted 05 December 2014 - 07:23 AM

No improvement... in fact, it's even slower than before....

 

MEMTEST comes back clean....that is to say, it will run over and over and over...without any errors showing up on the screen, and without rebooting or freezing up (which, from the MEMTEST forum, seems to be a fairly common occurrence if something is wrong with memory).  ESET finds the same PUA that Mbam finds, although the ESET scan took 8+ hours.

ESET log:

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Search Toolbar\SearchToolbarUpdater.exe.vir    Win32/Toolbar.Zugo potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jane\AppData\Local\Conduit\CT3008668\Productivity_3.1AutoUpdateHelper.exe.vir    Win32/Toolbar.Conduit.Q potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Productivity_3.1\ldrtbProd.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Productivity_3.1\Productivity_3.1ToolbarHelper.exe    Win32/Toolbar.Conduit.Q potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll    Win32/Toolbar.Conduit.O potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Productivity_3.1\tbProd.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\Users\Jane\AppData\Local\Productivity_3.1\ldrtbProd.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application    deleted - quarantined
C:\Users\Jane\AppData\Local\Productivity_3.1\tbProd.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\Users\Jane\AppData\Local\Productivity_3.1\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll    a variant of Win32/PriceGong.A potentially unwanted application    deleted - quarantined
C:\Users\Jane\AppData\LocalLow\Productivity_3.1\ldrtbProd.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application    deleted - quarantined
C:\Users\Jane\AppData\LocalLow\Productivity_3.1\tbProd.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\Users\Jane\AppData\LocalLow\Productivity_3.1\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll    a variant of Win32/PriceGong.A potentially unwanted application    deleted - quarantined
C:\Users\Jane\Downloads\openofficewriter-setup.exe    Win32/DownloadAdmin.A.Gen potentially unwanted application    deleted - quarantined



#12 dicke


Posted 05 December 2014 - 08:56 AM

Looks like a lot of trash [PUPs] have been removed. That should have helped.

The memtest results make me think you might want to check each stick to see which one is failing.

Keep us posted

 

Dick




#13 robertp1


Posted 05 December 2014 - 11:42 AM

I guess I was unclear.  Memtest shows no errors. It will run continuously, (as in for hours), unless I stop it.

 

ESET found no malware, just some generic crud, which MBAM also found.

 

As far as I can tell, nothing that I have tried, or that you have recommended has found any problems.

Certainly there is no improvement.

 

Will someone be picking up this thread? Or, has my posting of logs and such in advance of requests to do so created some ill will... I was just trying to follow the first steps is Speccy and Security Check which are often, but, truly in my thread not, requested as first steps. 

 

I appreciate your attempts to assist, however, I don't think we are getting anywhere....yet, at least!

 

Thanks,

Rob



#14 dicke


Posted 05 December 2014 - 02:05 PM

Rob,

I agree. You need more/better help than I can provide. Hopefully one of the more experienced members will pick up from here.

 

Dick




#15 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:11:43 PM

Posted 05 December 2014 - 02:11 PM

Robert, I will put out a call for someone to help you.



