Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected. Really need help


  • Please log in to reply
19 replies to this topic

#1 farmgirl806

farmgirl806

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 18 November 2015 - 11:27 AM

Sure hope someone can help me.   I have an acer netbook.  It has windows 7 starter with 219 GB hard drive and 176GB is free.   It has 2GB ram and is 32 Bit with an Intel processer.  I am unable to upgrade to windows 10 because there is no upgrade for my realtec  audio I believe.  But today the problem I am having is that the computer is running very  slow with many unresponsive pages.  It makes no difference which browser I use chrome,firefox or IE are all slow.  It is almost unusable.   I have run malwarebytes in safe mode and also Avast.  Neither found anything   I have deleted the temp files and restarted many times but it still doesn't help.  Can you help me?Thanks



BC AdBot (Login to Remove)

 


#2 loki2007

loki2007

  • Members
  • 551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Hampshire
  • Local time:05:19 AM

Posted 18 November 2015 - 01:16 PM

Hi farmgirl806! :welcome: to the AII fourms. My name is loki and I will be assisting you. Please follow the steps below and don't hesitate to reply to this thread if you have any questions about any of my instructions.
 
 
Step 1:
 
3Al62Pm.pngMiniToolBox

  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option your Firefox browser should be closed.

Once the scan is complete please copy and paste the log in your next reply!

 

Things I would like to see in your next reply:

 

Log from MiniToolBox

 

loki


 
Member of the Bleeping Computer A.I.I. early response team!

#3 farmgirl806

farmgirl806
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 18 November 2015 - 04:29 PM

MiniToolBox by Farbar  Version: 02-11-2015
Ran by me (administrator) on 18-11-2015 at 14:17:44
Running from "C:\Users\me\Downloads"
Microsoft Windows 7 Starter  Service Pack 1 (X86)
Model: AOD257 Manufacturer: Acer
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1       localhost
0.0.0.1 mssplus.mcafee.com
========================= IP Configuration: ================================

Atheros AR5B95 Wireless Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : me-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR5B95 Wireless Network Adapter
   Physical Address. . . . . . . . . : C0-F8-DA-1B-D8-CF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f0de:d42:a8ab:ce6e%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, November 18, 2015 4:49:00 AM
   Lease Expires . . . . . . . . . . : Wednesday, November 18, 2015 4:08:24 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 398522586
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-49-E2-F6-E8-9A-8F-20-1A-86
   DNS Servers . . . . . . . . . . . : 167.142.225.3
                                       167.142.225.5
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : E8-9A-8F-20-1A-86
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D8306D51-D39E-435B-BA4F-6C4478E77C2C}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1A4B8940-89F6-490C-BCE0-24B7D1A3C79D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns3.netins.net
Address:  167.142.225.3

Name:    google.com
Addresses:  2607:f8b0:4009:80b::200e
   216.58.216.78

Pinging google.com [216.58.216.78] with 32 bytes of data:
Reply from 216.58.216.78: bytes=32 time=48ms TTL=52
Reply from 216.58.216.78: bytes=32 time=49ms TTL=52

Ping statistics for 216.58.216.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 49ms, Average = 48ms
Server:  dns3.netins.net
Address:  167.142.225.3

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
   2001:4998:c:a06::2:4008
   2001:4998:44:204::a7
   98.138.253.109
   206.190.36.45
   98.139.183.24

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=67ms TTL=49
Reply from 98.138.253.109: bytes=32 time=66ms TTL=49

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 66ms, Maximum = 67ms, Average = 66ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...c0 f8 da 1b d8 cf ......Atheros AR5B95 Wireless Network Adapter
 11...e8 9a 8f 20 1a 86 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.104     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.104    281
    192.168.1.104  255.255.255.255         On-link     192.168.1.104    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.104    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.104    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.104    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::f0de:d42:a8ab:ce6e/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [] ()
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [] ()
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/18/2015 09:01:00 AM) (Source: Application Hang) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7dc

Start Time: 01d12206e8a5aa03

Termination Time: 124

Application Path: C:\Users\me\Desktop\OTL.exe

Report Id:

Error: (11/18/2015 08:58:04 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18098 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1ab0

Start Time: 01d122052efec6b5

Termination Time: 234

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2015 07:35:20 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18098 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1de0

Start Time: 01d1220464b7daa3

Termination Time: 8675

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2015 07:24:03 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18098 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11c4

Start Time: 01d12204461691d1

Termination Time: 280

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2015 07:23:12 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18098 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1c84

Start Time: 01d12202fa6b415d

Termination Time: 52

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2015 07:18:55 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18098 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1250

Start Time: 01d12202fa53739a

Termination Time: 259

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2015 07:18:41 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18098 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 17c8

Start Time: 01d12202fa55d4fa

Termination Time: 313

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2015 07:13:00 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18098 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1080

Start Time: 01d121f79d731327

Termination Time: 12276

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2015 06:59:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2059

Error: (11/18/2015 06:59:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2059

System errors:
=============
Error: (11/18/2015 02:16:56 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:14:56 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:12:56 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:10:56 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:08:57 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:06:57 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:04:56 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:02:56 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 02:00:56 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Error: (11/18/2015 01:58:57 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Acer.

Microsoft Office Sessions:
=========================
Error: (11/18/2015 09:01:00 AM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.07dc01d12206e8a5aa03124C:\Users\me\Desktop\OTL.exe

Error: (11/18/2015 08:58:04 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.180981ab001d122052efec6b5234C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/18/2015 07:35:20 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.180981de001d1220464b7daa38675C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/18/2015 07:24:03 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.1809811c401d12204461691d1280C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/18/2015 07:23:12 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.180981c8401d12202fa6b415d52C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/18/2015 07:18:55 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.18098125001d12202fa53739a259C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/18/2015 07:18:41 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.1809817c801d12202fa55d4fa313C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/18/2015 07:13:00 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.18098108001d121f79d73132712276C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/18/2015 06:59:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2059

Error: (11/18/2015 06:59:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2059

=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
Acer Crystal Eye Webcam (HKLM\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1510 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1510 - CyberLink Corp.)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Games (HKLM\...\WildTangent acer Master Uninstall) (Version: 1.0.2.4 - WildTangent)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.03.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0310.2011 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3004 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\{0274D240-4D1D-4FDA-9A36-09F0BECD288F}) (Version: 19.0.0.190 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824161310}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIO_CDB_Software (HKLM\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Internet Security (HKLM\...\Avast) (Version: 10.4.2233 - AVAST Software)
Bejeweled 2 Deluxe (HKLM\...\WTA-6d94ebc6-093f-4457-a2bb-e14cd0623b78) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Chuzzle Deluxe (HKLM\...\WTA-84293c90-8614-4d1f-9618-87d6e45c7c21) (Version: 2.2.0.95 - WildTangent) Hidden
Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (HKLM\...\WTA-4da2a01e-5dd7-490e-9756-8161879d952b) (Version: 2.2.0.95 - WildTangent) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (HKLM\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Galerie de photos Windows Live (HKLM\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2230 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
iTunes (HKLM\...\{A3875CED-8B9B-47F5-9AB9-0C36DD2D8D18}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.65.17 - Oracle Corporation) Hidden
Jewel Quest Heritage (HKLM\...\WTA-fbebd72a-69ef-4c3f-8784-9734e8f3766e) (Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (HKLM\...\WTA-723a7290-b691-44d5-a51c-9d8adadfb7e1) (Version: 2.2.0.95 - WildTangent) Hidden
JoJo's Fashion Show (HKLM\...\WTA-c3577a0d-5157-42bb-9827-d49b36a70f9a) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 5.1.4 - Acer Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.226.1 - McAfee, Inc.)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker 4 (HKLM\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
Network (HKLM\...\{75247E38-5C9B-45D6-ADF8-E11CB56B4990}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NOOK for PC (HKLM\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
Norton Security Scan (HKLM\...\NSS) (Version: 4.3.0.43 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Penguins! (HKLM\...\WTA-f762abc2-b8ac-4dca-8c2b-19ae6ed15bbd) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM\...\WTA-b6f77bab-57b3-416e-ab1b-50c6e03f7bad) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM\...\WTA-e66faf36-99fa-41c4-9ba5-c029517124cc) (Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (HKLM\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
SignBlazer Elements (HKLM\...\SignBlazer Elements7) (Version: 7 - USCutter)
SignBlazer5.5 XP buttons (HKLM\...\{af6131fc-32da-45ea-a1e7-fe634f8f2722}.sdb) (Version:  - )
Skip-Bo - Castaway Caper (HKLM\...\WTA-c1899df0-aaa0-422e-a2f5-58449f2e6afa) (Version: 2.2.0.95 - WildTangent) Hidden
Slingo Deluxe (HKLM\...\WTA-3795bb7a-896f-4997-8e8f-59ea1525af38) (Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (HKLM\...\WTA-2fc7ae9f-5e0f-409b-a23a-e6f531fd3091) (Version: 2.2.0.95 - WildTangent) Hidden
Tradewinds Legends (HKLM\...\WTA-2c429b72-9a5a-4425-92d0-d749c134db9c) (Version: 2.2.0.95 - WildTangent) Hidden
TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (HKLM\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (HKLM\...\WTA-2bcc3325-a4a8-4784-ab36-77d843bb1236) (Version: 2.2.0.95 - WildTangent) Hidden
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (HKLM\...\WTA-9a60c0bd-bd3e-48af-b35d-e7e9142e0fad) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
WildTangent Games App (Acer Games) (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.3.57 - WildTangent) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Zuma Deluxe (HKLM\...\WTA-5775b8c1-4996-4932-aed6-8e9809a0871d) (Version: 2.2.0.95 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 2035.87 MB
Available physical RAM: 1228.76 MB
Total Virtual: 4071.73 MB
Available Virtual: 2686.56 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:219.79 GB) (Free:177.13 GB) NTFS

========================= Users: ========================================

User accounts for \\ME-PC

Administrator            Guest                    me                      

**** End of log ****

 



#4 loki2007

loki2007

  • Members
  • 551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Hampshire
  • Local time:05:19 AM

Posted 18 November 2015 - 07:02 PM

Hi again farmgirl806, I am still reviewing your log file from MiniToolBox but while I am doing that please follow the step below to check if your hard drive is failing. The scan will take some time so please be patient.
 
Step 1:

S8ANNnz.pngGSmartControl
Follow the instructions below to test your hard drive health with GSmartControl:

  • Download GSmartControl and save it on your Desktop;
  • Extract the content of the GSmartControl .zip archive and execute gsmartcontrol.exe;
  • Identify your drive in the list, and double-click on it to bring up it's window (usually you'll find your drive by it's size or it's brand name);
  • Go in the Perform Tests tab, then select Extended Self-test in the Test type drop-down list and click on Execute (this test can take a few hours to complete);
  • Once the test is over, the results will be displayed at the bottom of the window. Please copy and paste these results in your next reply;
  • Also, go in the Attributes tab and if you have any entries highlighted in red or pink, copy and paste their name in your next reply (or take a screenshot of the GSmartControl window and attach it in your next reply);
    info_failing.png

I would like to see the results of your GSMART scan in your next reply. Thanks,

 

loki


 
Member of the Bleeping Computer A.I.I. early response team!

#5 farmgirl806

farmgirl806
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 19 November 2015 - 01:16 AM






smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7-sp1] (sf-5.43-1)
Copyright © 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

=== START OF INFORMATION SECTION ===
Device Model: Hitachi HTS543225A7A384
Serial Number: E242124200HL9K
LU WWN Device Id: 5 000cca 693c03a86
Firmware Version: ESBOA90B
User Capacity: 250,059,350,016 bytes [250 GB]
Sector Size: 512 bytes logical/physical
Device is: Not in smartctl database [for details use: -P showall]
ATA Version is: 8
ATA Standard is: ATA-8-ACS revision 6
Local Time is: Thu Nov 19 00:11:21 2015 CST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status: (0x00) Offline data collection activity
was never started.
Auto Offline Data Collection: Disabled.
Self-test execution status: ( 0) The previous self-test routine completed
without error or no self-test has ever
been run.
Total time to complete Offline
data collection: ( 45) seconds.
Offline data collection
capabilities: (0x5b) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Suspend Offline collection upon new
command.
Offline surface scan supported.
Self-test supported.
No Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 2) minutes.
Extended self-test routine
recommended polling time: ( 82) minutes.
SCT capabilities: (0x003d) SCT Status supported.
SCT Error Recovery Control supported.
SCT Feature Control supported.
SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
1 Raw_Read_Error_Rate 0x000b 100 100 062 Pre-fail Always - 0
2 Throughput_Performance 0x0005 100 100 040 Pre-fail Offline - 0
3 Spin_Up_Time 0x0007 232 232 033 Pre-fail Always - 1
4 Start_Stop_Count 0x0012 094 094 000 Old_age Always - 10498
5 Reallocated_Sector_Ct 0x0033 100 100 005 Pre-fail Always - 0
7 Seek_Error_Rate 0x000b 100 100 067 Pre-fail Always - 0
8 Seek_Time_Performance 0x0005 100 100 040 Pre-fail Offline - 0
9 Power_On_Hours 0x0012 085 085 000 Old_age Always - 6768
10 Spin_Retry_Count 0x0013 100 100 060 Pre-fail Always - 0
12 Power_Cycle_Count 0x0032 095 095 000 Old_age Always - 9136
191 G-Sense_Error_Rate 0x000a 100 100 000 Old_age Always - 0
192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 68
193 Load_Cycle_Count 0x0012 077 077 000 Old_age Always - 239984
194 Temperature_Celsius 0x0002 193 193 000 Old_age Always - 31 (Min/Max 10/47)
196 Reallocated_Event_Count 0x0032 100 100 000 Old_age Always - 0
197 Current_Pending_Sector 0x0022 100 100 000 Old_age Always - 0
198 Offline_Uncorrectable 0x0008 100 100 000 Old_age Offline - 0
199 UDMA_CRC_Error_Count 0x000a 200 200 000 Old_age Always - 0
223 Load_Retry_Count 0x000a 100 100 000 Old_age Always - 0

SMART Error Log Version: 1
No Errors Logged

SMART Self-test log structure revision number 1
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Extended offline Completed without error 00% 6767 -

SMART Selective self-test log data structure revision number 1
SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
5 0 0 Not_testing
Selective self-test flags (0x0):
After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

#6 farmgirl806

farmgirl806
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 19 November 2015 - 01:25 AM

I did not see anything on the attributes that was red or pink. Hope I didthis right for you

Edited by farmgirl806, 19 November 2015 - 01:32 AM.


#7 loki2007

loki2007

  • Members
  • 551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Hampshire
  • Local time:05:19 AM

Posted 19 November 2015 - 09:07 AM

:thumbup2:  We need to run a few commands. Please follow the steps below and be sure to ask questions if you don't understand something:
 
 
Step 1:

We need to run a command:

  • Press the windows key Windows_Logo_key.gif
  • In the 10-16-2011%204-33-46%20PM.png box, enter cmd
  • Underneath "Programs (1)" right click "cmd" and choose 10-16-2011%204-40-48%20PM.png.
  • Please Copy and Paste the contents from the code box below into the command window:
netsh winsock reset
chkdsk c: /R | shutdown /r /t 10

Your computer will restart and chkdsk will run. This make take a while so please be patient. 

 

warning.gifIObit Software Warning!

 

I noticed that you have programs from IObit installed on your system. IObit have been accused in the past from using shady techniques in order to promote and enhance their products, one of which was to steal Malwarebytes' definition database to include it in their "Antimalware", IObit Malware Fighter. On top of that, their main product, Advanced SystemCare, goes into the "PC Booster" category of program, which are useless programs since there's no proofs or facts that these actually boost the performance of a system, and are borderline "scamware". In fact, these programs have a tendency to cause a variety of issues under Windows, that can be solved by uninstalling the software, ironic isn't it? Most of their features can be replaced by using other programs, often, utilities that requires no installation or that are already "built-in" inside Windows. Therefore, I strongly suggest you to uninstall every IObit program you have installed on your system before we continue. You are free to reinstall them after I'm done assisting you if you wish to ignore my warning above.
 
Below are articles that relates the Malwarebytes VS IObit episode and also why IObit failed as a company and within it's products.

Credit to Aura for his canned speech on IOBit

 

 

Step 2:
 
Please uninstall these programs:

  • McAfee Security Scan Plus
  • Norton Security Scan
  • IOBit Unistaller
  • Surfing Protection
  • Adobe AIR

 

Please let me know if you encounter any problems with the steps above. Also you mentioned running Malwarebytes in safe mode, why in safe mode? Will the program run when you start the computer normally? if so please run a scan with Malwarebytes again and let me know if it has detected anything. Thanks,

 

loki


 
Member of the Bleeping Computer A.I.I. early response team!

#8 farmgirl806

farmgirl806
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 19 November 2015 - 09:41 PM

Hi! Sorry it took so long to respond.I was able to reset the winsock but chkdsk doesnt run after restart. I copied both lines and pasted in to cmd. I know it fixed or reset wisock but after that nothing happens. I restarted and still no chkdisk. I restarted the computer also.

I truly value your opinion on stuff and have uninstalled the programs you listed. I will not be reinstalling them either because if you think they would be a problem then I don't want them.I am really not sure how I got them anyway.

Is there another way to run chkdsk?

I ran malwarebytes in safe mode because I had read that it would be better but I will run that now in regular mode. I ran malwarebytes in regular mode and it found nothing.

#9 loki2007

loki2007

  • Members
  • 551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Hampshire
  • Local time:05:19 AM

Posted 20 November 2015 - 07:42 AM

Malwarebytes is more effective when run in normal mode because it is able to scan more areas that are not loaded when run in safemode. Also certain components of Malwarebytes are not loaded when the program is run in safe mode.  :thumbup2:  Glad to hear you ran it and it found nothing! 
 
Lets try to run chkdsk again, this time we will change it up a little bit. Remember, when it runs it will take a while so please be patient.
 
Step 1:
 
We need to run a command:

  • Press the windows key Windows_Logo_key.gif
  • In the 10-16-2011%204-33-46%20PM.png box, enter cmd
  • Underneath "Programs (1)" right click "cmd" and choose 10-16-2011%204-40-48%20PM.png.
  • Please Copy and Paste the contents from the code box below into the command window:
chkdsk /R
  • The command should tell you that "Chkdsk cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? (Y/N) " Press Y
  • Please restart your computer. Chkdsk should now run.

Your computer will restart and chkdsk will run. This make take a while so please be patient.
 
Step 2:
 
zcMPezJ.pngAdwCleaner
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Step 3:
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

In your next reply I would like to know if chkdsk was able to run this time along with your logs from AdwCleaner and JRT. Also, how is your computer running?

 

loki


 
Member of the Bleeping Computer A.I.I. early response team!

#10 farmgirl806

farmgirl806
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 20 November 2015 - 07:10 PM

hi.Here is the junkware log

 

File System: 25

Failed to delete: C:\Program Files\reimage (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\ProgramData\reimage protector (Folder)
Successfully deleted: C:\rei (Folder)
Successfully deleted: C:\Users\me\AppData\Local\{01FC7658-38ED-4745-91A7-9D5C1ABDE2E0} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{03A806E6-EEE3-4804-9530-B519FF3D1D29} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{307A0E69-F98F-480C-A7EF-12BF3289E4BE} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{38EE893C-5E6A-40F4-96D8-989AFA63CDF4} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{49FF7791-BFDE-43E2-8891-AE03381F31DB} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{5B2B15C2-ED44-4913-AFA5-558E3417E886} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{67C5C4CD-FB2B-4E91-B26E-AA4C4007F15A} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{6A667ED7-E232-4B08-A226-4D5E908E8816} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{8C5234F2-9541-43C0-934C-87A7D702F0AE} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{E00D9CF6-9990-4896-933F-C3EC72248038} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{EF9C4237-4BF3-487D-9E65-1122427532CF} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{F74ED9BE-DDAF-4B0A-9FC4-B0B206DCB17C} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{FD186B37-E142-4153-8C1C-902921A59466} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Local\{FF4326A6-19D7-40F3-A4FF-8495355681BF} (Empty Folder)
Successfully deleted: C:\Users\me\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\reimage.ini (File)
Successfully deleted: C:\Windows\Tasks\ReimageUpdater.job (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files\max uninstaller (Folder)
Successfully deleted: C:\Windows\System32\sho4A87.tmp (File)
Successfully deleted: C:\Windows\System32\shoB7E5.tmp (File)

 

Registry: 2

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\ReimageRealTimeProtector (Registry Key)
Successfully deleted: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/20/2015 at 17:51:52.51
End of JRT log

 

 

And here is the AdwCleaner log

 

# AdwCleaner v5.021 - Logfile created 20/11/2015 at 17:10:23
# Updated 14/11/2015 by Xplode
# Database : 2015-11-19.4 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : me - ME-PC
# Running from : C:\Users\me\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : ReimageRealTimeProtector

***** [ Folders ] *****

Folder Found : C:\rei
Folder Found : C:\Program Files\Reimage
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\Users\me\AppData\LocalLow\HPAppData
Folder Found : C:\Users\me\AppData\Roaming\Yahoo!\Companion
Folder Found : C:\Windows\system32\config\systemprofile\AppData\Roaming\Yahoo!\Companion

***** [ Files ] *****

File Found : C:\Windows\Reimage.ini

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : ReimageUpdater

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Solution Real
Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Solution Real
Key Found : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Reimage
Key Found : HKCU\Software\Yahoo\Companion
Key Found : HKCU\Software\Yahoo\YFriendsBar
Key Found : HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Reimage
Key Found : HKLM\SOFTWARE\Yahoo\Companion
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [3485 bytes] ##########

 

 

 

But I am  still unable to get chkdsk to work. I have tried multiple times

.Is there someway to fix that?

 

 

I really appreciate your help.I don't know yet if the computer is running better. I would like to try it out a bit.



#11 loki2007

loki2007

  • Members
  • 551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Hampshire
  • Local time:05:19 AM

Posted 20 November 2015 - 08:49 PM

Hey farmgirl806, could you tell me what happens when you try to run the chkdsk command? does it give an error message or anything? Please try to describe in your next reply what happens after you copy and paste the command. Please follow the steps below and reply if you have any questions:
 
Step 1:
 
Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator

  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Cleaning button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Step 2:
 
cvMlKv6.pngESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

 

I would like to see the results of the AdwCleaner scan and clean and also your ESET scan if anything was found in your next reply. Also if you could describe what happens when you try and run the chkdsk command. Also have you noticed any difference in your computers performance? Thanks,

 

loki


Edited by loki2007, 20 November 2015 - 08:50 PM.

 
Member of the Bleeping Computer A.I.I. early response team!

#12 farmgirl806

farmgirl806
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 21 November 2015 - 01:24 PM

here is the log.
# AdwCleaner v5.021 - Logfile created 21/11/2015 at 06:12:54
# Updated 14/11/2015 by Xplode
# Database : 2015-11-19.4 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : me - ME-PC
# Running from : C:\Users\me\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[x] Folder Not Deleted : C:\Users\me\AppData\LocalLow\HPAppData

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [725 bytes] ###





There was nothing found with ESET.

When I try to run chkset it does nothing. As if I didn't try. Is there a way to fix the utility. I also had another problem. When I started the Adwcleaner it ran for a bit and then I gotthe blue screen and it shut down. Then I started the netbook again and ran the program adwcleaner and it has run ok ever since. So I don't know what that was about.

#13 loki2007

loki2007

  • Members
  • 551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Hampshire
  • Local time:05:19 AM

Posted 22 November 2015 - 08:58 AM

Hi farmgirl806, I need to do some checking on why AdwCleaner crashed when you ran it and why chkdsk won't run and I will get back to you. But while I'm doing that, lets clean up your temp files. Also can I ask if you have noticed any difference in the way your computer is running? As always, if you have any questions for the step below please reply to this thread:
 
Step 1:
 
3DPGbxe.pngTemp File Cleaner (TFC)

  • Please download Temp File Cleaner (TFC) and move it to your Desktop
  • Right-click on TFC.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on Start to launch the cleanup process and wait until it completes
  • TFC may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • Please restart your computer
  • There will be no log generated by this tool

Thanks,

 

loki


 
Member of the Bleeping Computer A.I.I. early response team!

#14 loki2007

loki2007

  • Members
  • 551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Hampshire
  • Local time:05:19 AM

Posted 22 November 2015 - 12:47 PM

Lets try another way to run chkdsk, please follow the steps below and report back to me with any questions or problems:
 
Step 1:
 
Running chkdsk through GUI:

  • Open Computer by clicking the Start button 4f6cbd09-148c-4dd8-b1f2-48f232a2fd33_818, clicking Computer.
  • In the left pane, look for your C: drive and right-click on it and select Properties.
  • In the Tools tab, select Check now... in the Error-checking box.

    RFiwKQl.png
  • A new window will open with two Check disk options:

    xFGMFFn.png
  • Please make sure both "Automatically fix file system errors" and "Scan for and attempt recovery of bad sectors" boxes are checked then select Start
  • A new window will open

    YV3eZSi.png
  • Please select Schedule disk check
  • Restart your computer and chkdsk will run (this may take some time so please be patient)

Were you able to run chkdsk this time? I asked my peers about the AdwCleaner crash and was told it was more then likely nothing to worry about.


 
Member of the Bleeping Computer A.I.I. early response team!

#15 farmgirl806

farmgirl806
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 22 November 2015 - 04:56 PM

That worked for chkdsk. I went to the event log and here is the info. I also ran the temp file cleaner and ok on the adwcleaner. The computer seems to be running better I believe. I still did get a nonresponsive page in IE. Also still get script errors even tho I have them turned off. But I believe the computer is faster. Thank you so much for all your knowledge and for helping me. You folks are the greatest!!


Checking file system on C: The type of the file system is NTFS. Volume label is Acer. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 160512 file records processed. File verification completed. 498 large file records processed. 0 bad file records processed. 0 EA records processed. 47 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 205534 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 160512 file SDs/SIDs processed. Cleaning up 5228 unused index entries from index $SII of file 0x9. Cleaning up 5228 unused index entries from index $SDH of file 0x9. Cleaning up 5228 unused security descriptors. Security descriptor verification completed. 22512 data files processed. CHKDSK is verifying Usn Journal... 36889976 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 160496 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 48672509 free clusters processed. Free space verification is complete. CHKDSK discovered free space marked as allocated in the master file table (MFT) bitmap. CHKDSK discovered free space marked as allocated in the volume bitmap. Windows has made corrections to the file system. 230462463 KB total disk space. 35419576 KB in 123579 files. 77852 KB in 22513 indexes. 0 KB in bad sectors. 274995 KB in use by the system. 65536 KB occupied by the log file. 194690040 KB available on disk. 4096 bytes in each allocation unit. 57615615 total allocation units on disk. 48672510 allocation units available on disk. Internal Info: 00 73 02 00 b7 3a 02 00 2f 24 04 00 00 00 00 00 .s...:../$...... 1a 01 00 00 2f 00 00 00 00 00 00 00 00 00 00 00 ..../........... 08 90 47 00 50 01 46 00 30 1c 46 00 00 00 46 00 ..G.P.F.0.F...F. Windows has finished checking your disk. Please wait while your computer restarts.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users