Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Not responding and I paid for this?


  • Please log in to reply
19 replies to this topic

#1 chellethesouthernbel

chellethesouthernbel

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 28 December 2014 - 12:24 PM

My computer is "not responding" to every program I try and use...email, browsers, command prompt, etc...Sadly I think I paid for it to be this way.... for several wks now I've been getting some slow programs, and not responding errors, script hanging up etc...so I had a local tech do some remote work...He was going to clean it and put a new antivirus program on it for me...promised it would be faster...I watched everything he done remotely and everything seemed legit, but after he got done it was worse than ever...I mean it would not hardly operate at all...so I googled the problem and the suggestion was do a scannow...which I did and if did not find anything, but the computer ran like a new one for several hours and then all of a sudden it shut down unexpectedly and when it restarted, it was right back to hanging up on every program again....I have booted up using only the necessary programs and it's running some better but not much...Has to be something on here causing it I think, but I don't know what to do to find out or how to fix it...I am a little bit computer savvy, but not a whiz by a long shot...can someone please help me.  My system is windows 7, Dell Inspiron, the rest of the operating system is on the attached photo...I could not copy the info so I did a screen snip. He put Advanced System Care Ultimate on here as an antivirus program....He did not create a restore point before making all the changes either... :(Attached File  Capture.JPG   43.82KB   0 downloads


Edited by hamluis, 28 December 2014 - 01:54 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:57 PM

Posted 28 December 2014 - 12:29 PM

Please read this for more information.

IMO, I would recommend you uninstall Advanced System Care ASAP. I do not recommend using any IOBit products at all - considering their shady business ethics. (there is more, but a Moderator can get you more information)

If you need a replacement for ASC, I recommend Avast!, AVG or Microsoft Security Essentials for free non-commercial everyday use. For additional malware protection I recommend Malwarebytes Anti-Malware (MBAM).

#3 chellethesouthernbel

chellethesouthernbel
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 28 December 2014 - 12:39 PM

sorry I posted this twice and can't find delete...I'm hoping a moderator will delete one



#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:57 PM

Posted 28 December 2014 - 12:49 PM

sorry I posted this twice and can't find delete...I'm hoping a moderator will delete one


Your double post has been removed.

#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:57 AM

Posted 28 December 2014 - 01:36 PM

Hello -

EDIT - There was no attached photo, but this will tell us more ..... and it is better to start with what we use ......

 

Please start with a few diagnostics, and we may run a couple of quick cleaners as well (all very painless)

 

Firdt -

Download Screen317 Security Check from Here or Here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please Copy/Paste the contents of that document.

Note 1:: If any security program requests permission to access the Internet, allow it to (the program is 100% OK, and I use it on all of mine)
Note 2. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message, (or similar) restart computer and Security Check should run

 

 

 

Next -

Please download MiniToolBox  to desktop to run it.
 Checkmark the following boxes:

  • List content of Hosts
  • Flush DNS
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

 Click Go and Copy / Paste the result. (result.txt)

 

And Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here (only Copy / Paste the link)

 

 

 

Now A quick clean.

Please download and RKill by Grinler. to Desktop Double click it to run it.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes
 Please Copy / Paste the small log back here.
 
Do not reboot your computer until you complete the next step.

Next :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
  • **Copy and Paste the contents of that log in your next reply.**
  • To restore an item that has been deleted by accident : Open the program again,
  • Go to Tools (top left) > Quarantine Manager > check what you want restored > now click on Restore.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

Next
Please download Junkware Removal Tool to your desktop.
* Temporarily Disable your Antivirus now to avoid potential conflicts.
* Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
* The tool will open and start scanning your system.
* Please be patient as this can take a while to complete depending on your system's specifications.
* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
* Post the contents of JRT.txt into your next message.

 

 

Please download Malwarebytes Anti-Malware If the program is installed, be sure to update it

  • Follow the simple directions to install the program to desktop
  • Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
  • Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
  • Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
  • If you find malware and tick it to remove it, you may be asked to re-boot the computer to finish cleaning.
  • Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

 

 

And finally -

Run ESET Online Scanner.

  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time (2 hours is not unusual for a first scan).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 

Thank You -


Edited by noknojon, 28 December 2014 - 01:42 PM.


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:57 AM

Posted 28 December 2014 - 04:18 PM

The Next Step is : Use this first if you have problems with any other listed tools.

 

Always ask if things are building up too quickly on you .................

 

 

Please download Powelikscleaner (by ESET) and save it to your Desktop.

  • Double-click the 3.png to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

1.png
2.png



#7 chellethesouthernbel

chellethesouthernbel
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 28 December 2014 - 06:00 PM

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Advanced SystemCare Ultimate   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 Java 7 Update 72  
 Java version 32-bit out of Date!
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (34.0)
````````Process Check: objlist.exe by Laurent````````  
 IObit Advanced SystemCare Ultimate 7 ASCAntivirusFix.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Chelle (administrator) on 28-12-2014 at 14:19:54
Running from "C:\Users\Chelle\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/28/2014 00:14:05 PM) (Source: Application Hang) (User: )
Description: The program SnippingTool.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f10

Start Time: 01d022c12ea46056

Termination Time: 8

Application Path: C:\Windows\system32\SnippingTool.exe

Report Id: c25dacde-8eb4-11e4-a9a5-f04da27b94bf

Error: (12/28/2014 11:08:50 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -550.

Error: (12/28/2014 11:08:31 AM) (Source: ESENT) (User: )
Description: taskhost (1572) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Chelle\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/28/2014 01:26:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (12/27/2014 03:32:18 PM) (Source: Application Hang) (User: )
Description: The program e-Sword.exe version 10.1.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: cc0

Start Time: 01d0220fb316e4ff

Termination Time: 16

Application Path: C:\Program Files (x86)\e-Sword\e-Sword.exe

Report Id: bbbbaee6-8e06-11e4-902c-f04da27b94bf

Error: (12/27/2014 00:36:57 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -550.

Error: (12/27/2014 00:36:31 PM) (Source: ESENT) (User: )
Description: taskhost (2204) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Chelle\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/24/2014 08:14:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (12/24/2014 00:21:40 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/24/2014 00:15:42 AM) (Source: MsiInstaller) (User: CHELLESDELL)
Description: Product: Facebook Video Calling 1.2.0.287 -- Error 1316. The specified account already exists.


System errors:
=============
Error: (12/28/2014 01:10:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (12/28/2014 11:08:16 AM) (Source: Service Control Manager) (User: )
Description: The TeamViewer 10 service failed to start due to the following error:
%%2

Error: (12/28/2014 11:07:58 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:06:29 AM on ‎12/‎28/‎2014 was unexpected.

Error: (12/28/2014 10:55:53 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (12/27/2014 03:02:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.

Error: (12/27/2014 02:54:19 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (12/27/2014 02:32:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service hung on starting.

Error: (12/27/2014 02:28:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

Error: (12/27/2014 02:25:28 PM) (Source: Service Control Manager) (User: )
Description: The TeamViewer 10 service failed to start due to the following error:
%%2

Error: (12/27/2014 01:59:56 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf


Microsoft Office Sessions:
=========================
Error: (12/28/2014 00:14:05 PM) (Source: Application Hang)(User: )
Description: SnippingTool.exe6.1.7600.16385f1001d022c12ea460568C:\Windows\system32\SnippingTool.exec25dacde-8eb4-11e4-a9a5-f04da27b94bf

Error: (12/28/2014 11:08:50 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -550

Error: (12/28/2014 11:08:31 AM) (Source: ESENT)(User: )
Description: taskhost1572WebCacheLocal: C:\Users\Chelle\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (12/28/2014 01:26:12 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (12/27/2014 03:32:18 PM) (Source: Application Hang)(User: )
Description: e-Sword.exe10.1.0.0cc001d0220fb316e4ff16C:\Program Files (x86)\e-Sword\e-Sword.exebbbbaee6-8e06-11e4-902c-f04da27b94bf

Error: (12/27/2014 00:36:57 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -550

Error: (12/27/2014 00:36:31 PM) (Source: ESENT)(User: )
Description: taskhost2204WebCacheLocal: C:\Users\Chelle\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (12/24/2014 08:14:13 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (12/24/2014 00:21:40 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/24/2014 00:15:42 AM) (Source: MsiInstaller)(User: CHELLESDELL)
Description: Product: Facebook Video Calling 1.2.0.287 -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)



=========================== Installed Programs ============================
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 7 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.1.0 - IObit)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
e-Sword (HKLM-x32\...\{118071AB-6572-4FAD-A1FD-67264C994350}) (Version: 10.01.0000 - Rick Meyers)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IObit Apps Toolbar v7.6 (HKLM-x32\...\{CA980191-C880-46B2-87B8-A2C71656AD3F}) (Version: 7.6 - Spigot, Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.30 - IObit)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Java Auto Updater (x32 Version: 2.1.72.14 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 2008.36 MB
Available physical RAM: 529.25 MB
Total Pagefile: 4016.73 MB
Available Pagefile: 2349.28 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.98 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:147.05 GB) NTFS

========================= Users: ========================================

User accounts for \\CHELLESDELL

Administrator            Chelle                   Guest                    


**** End of log ****

 

 

 

 

http://speccy.piriform.com/results/yhloikVTCmEAfSmBYYwMQCx

 

 

 

 

Rkill did not seem to finish...the last line said 'performing miscellaneous checks" and never done anything else after 35 minutes. I ran it 3 xs here's the text:

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/28/2014 03:32:12 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Chelle on Sun 12/28/2014 at 16:46:17.83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DB69B97-934B-451D-94DB-32EF802A01CD}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{5DB69B97-934B-451D-94DB-32EF802A01CD}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DB69B97-934B-451D-94DB-32EF802A01CD}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{5DB69B97-934B-451D-94DB-32EF802A01CD}



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\TOOLBARUPDATER.EXE-F2CC6776.pf
Successfully deleted: [File] C:\Windows\prefetch\DRIVERBOOSTER.EXE-137BF219.pf
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Chelle\AppData\Roaming\pcdr"



~~~ FireFox

Emptied folder: C:\Users\Chelle\AppData\Roaming\mozilla\firefox\profiles\8nphcbub.default-1380730209616\minidumps [12 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/28/2014 at 17:44:06.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#8 chellethesouthernbel

chellethesouthernbel
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 28 December 2014 - 06:01 PM

still have to do malware and eset...be back in a while



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:57 AM

Posted 28 December 2014 - 07:43 PM

Well they have missed quite a bit,

 

Please update your Flash Player version from the Adobe site Here Version 16 is current (not 15)
Untick any free offer to install McAfee, or similar programs (it is just advertising)
 

Uninstall IObit  With their Uninstaller Here First then use this tool as well
IObit full Cleaner> Information and Tool or just Tool (Note: Cleans left-overs after a normal uninstall)

Once all of IObit is gone, please install Microsoft Security Essentials, as it will Auto update all the time
 

Errors like The TeamViewer 10 service failed, is the program that your remote helper would have used .
Plus .... Facebook Video Calling  Errors ....... Well I can not tell you to cancel or not use your Facebook, but I would remove it, and  start from fresh.
 

Percentage of memory in use: 73%
Total physical RAM: 2008.36 MB
       << These 2 items show that you need to double your RAM Sticks (a bit more later) .......

 

From your Hard Drive we get a Warning that usually means it is badly worn and needs replacing soon (3 months at the most ?)

Quote =
Status: Warning - Temperature: 44 °C  << (Temperature is a bit high, but it is badly overworked for the size of the storage listed)

There is no specific reason given for the failure, but I could guess it may be a XP computer that was upgraded to a Windows 7.

 

It is very hard to estimate these problems, as I do not know how much you use it daily



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:57 AM

Posted 29 December 2014 - 02:07 AM

I think I left the first link for Rkill Link 1
But I would like you to try Link 2 or even Link 3 that are Renamed Versions, and may run.

 

Do not let it run more than 5 or 10 minutes, and then try the next version (on mine it runs in about 30 seconds) .......

 

Thanks -
 



#11 chellethesouthernbel

chellethesouthernbel
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 29 December 2014 - 03:12 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/28/2014
Scan Time: 7:51:53 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.28.12
Rootkit Database: v2014.12.23.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Chelle

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 337753
Time Elapsed: 4 hr, 1 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#12 chellethesouthernbel

chellethesouthernbel
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 29 December 2014 - 10:27 AM

I use my computer every day, and am on it almost all day long...playing games, on facebook, or watching online college classes.... the last two programs you suggested I run, ESet did not make a log or have an export button that I could find.. and it did not let me copy the lst.....it did list 3 potential unwanted items,  they were spsetup127.exe; cc501setup.exe ; (these two you had me download) and  programdata/iobt/ascdownloader/advancedsystemcare.exe (this one the tech I paid had me download)  lol...what's up with that? lol Does that mean if I use those programs my computer is still at risk?

 

The other Eset scan powelikcleaner did not reveal any win32/poweliks threats.

 

 

So I have a couple updates to do now and remove the unwanted programs...the one I paid for....grrrrr....lol....The get Windows Essentials, is that a sufficient antivirus program?  I should not download AVG or Avast?


Edited by chellethesouthernbel, 29 December 2014 - 10:35 AM.


#13 chellethesouthernbel

chellethesouthernbel
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 29 December 2014 - 10:44 AM

rkill took about 1 1/2 minutes,

but did finish this time....

 

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/29/2014 10:39:07 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1    www.007guard.com
  127.0.0.1    007guard.com
  127.0.0.1    008i.com
  127.0.0.1    www.008k.com
  127.0.0.1    008k.com
  127.0.0.1    www.00hq.com
  127.0.0.1    00hq.com
  127.0.0.1    010402.com
  127.0.0.1    www.032439.com
  127.0.0.1    032439.com
  127.0.0.1    www.0scan.com
  127.0.0.1    0scan.com
  127.0.0.1    1000gratisproben.com
  127.0.0.1    www.1000gratisproben.com
  127.0.0.1    1001namen.com
  127.0.0.1    www.1001namen.com
  127.0.0.1    100888290cs.com
  127.0.0.1    www.100888290cs.com
  127.0.0.1    www.100sexlinks.com
  127.0.0.1    100sexlinks.com

  20 out of 15452 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 12/29/2014 10:40:35 AM
Execution time: 0 hours(s), 1 minute(s), and 28 seconds(s)
 

 

 

 

I'm about to update Java, and Flashplayer, as well as enable the UAC....awaiting further instructions for when you get back on :)



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:57 AM

Posted 29 December 2014 - 03:40 PM


The get Windows Essentials, is that a sufficient antivirus program?  I should not download AVG or Avast?

I have only used Microsoft Security Essentials (M.S.E.) on my Windows 7 (and now extinct XP units) for years and never had, what I would call "any problems".

Placed up against AVG or avast that have constant "nag screens" asking you to buy the programs, and other useless information.

 

You may be slowing a bit as the HDD is dying, and no amount of dressing up / make-up will prevent this over the next month or 3 !!

I only tell you this, as you must consider buying another computer or spend money on replacing major parts in this one, as it shows that parts are dying.

Since it seems to be a major part of your current life, I would say to replace it, but the choice is yours alone. Constant daily use will not help it from what I can see.

 

The memory is too small, and this is not helping. I can bet that you have emails saved from a few years ago, plus your F/book usage, is a hard wearer. I am not telling you to throw things away, or to stop using anything that you wish to, but from here we can only read what is posted.

 

1 / Please tell us how the problems are now, and has anything improved and I can follow up from there.

 

2 / Please post another snapshot with Speccy for updated details - How to Publish a snapshot with Speccy << Reposted link.

 

Thank You -



#15 chellethesouthernbel

chellethesouthernbel
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Milltown GA
  • Local time:04:57 PM

Posted 29 December 2014 - 05:00 PM

I do save some emails that pertain to business...the rest I delete quite frequently...but facebook is my social life :) lol...I'm afraid I may not be able to do anything else on my dell...yesterday it was running pretty good but once I restarted this morning...to finish the uninstalls and install windows essentials...I'm afraid it's not going to get done...it's been going for 4 hrs and only 7% complete....so I'm using my other laptop...which runs on window 8.1 and I hate it...so the speccy prolly ain't gonna happen...but thanks for the help...I"m out 50 bucks and several hours of wasted time....I don't know why the local tech didn't do all these scans and save me some time and money...grrrr....thanks so much!!!!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users