Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Running Slow


  • Please log in to reply
14 replies to this topic

#1 Fixing1

Fixing1

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 19 November 2015 - 11:42 PM

Hi all,
 
My computer seems to be running slower then usual and I can't figure out why, can someone help me please!
 
My Specs:
 
Intel® Core™ i3-4130 CPU @ 3.40GHz
 
8GB Ram ^4 bit operating system, X64-base processor

Edited by Queen-Evie, 21 November 2015 - 12:31 PM.
moved from Windows 8 to Am I Infected


BC AdBot (Login to Remove)

 


#2 yu gnomi

yu gnomi

  • Members
  • 532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago suburb
  • Local time:03:18 PM

Posted 20 November 2015 - 04:32 AM

There are a number of things that can cause this: malware that hogs system resources for it's own purposes; badly written software that hog's resources to no real purpose; conflicts between software you are using and operating system programs that have changed recently due to updates; and failing hardware. 

 

There could be cases I have left out. I would download and run Malwarebytes from https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/, and let it quarantine or delete anything it finds malicious (whatever Malwarebytes recommends). See what the results of that are before proceeding.



#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:18 PM

Posted 20 November 2015 - 08:30 AM

Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download. 
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
 

Please download MiniToolBox to your desktop.
 
Right-click on MiniToolBox.exe and select Run as Administrator.
 
You will see an image like the one below.
 
minitoolbox_zps7byuwkla.png
 
Click on the following checkboxes only:
 
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
Click on Go to start the scan.  Once it is finished highlight the text, then copy it and paste it in your topic.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 21 November 2015 - 04:05 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2015-11-21
Scan Time: 3:05 AM
Logfile: Malwarebytes Anti-Malware Detected.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.11.21.02
Rootkit Database: v2015.11.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Ashley
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 389351
Time Elapsed: 14 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Wajam, HKU\S-1-5-21-3488588262-1863124991-1029055636-1008\SOFTWARE\WajIEnhance, , [772fb4ccd6b5a096a7f1f0b30102bc44], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 8
PUP.Optional.Wajam, C:\Users\Ashley\AppData\Roaming\RHEng\6C15AD09C0324FC3AF64ECE598B47297\WWE_1.48.5.13.exe, , [2c7abbc58308a1956a75077b5ca87a86], 
PUP.Optional.PCMechanic, C:\Users\Ashley\AppData\Roaming\RHEng\70347F9424EC4698BF3CD11ABE311F71\PCM_CA.exe, , [9c0a4040ddaef145cebfa078936e14ec], 
CrackTool.Agent, C:\Users\Ashley\Desktop\Adobe Photoshop CS6 Crack Only.zip, , [d1d592eecebd8da914cfd82a36cc4db3], 
Trojan.Agent.BAT, C:\$RECYCLE.BIN\S-1-5-21-3488588262-1863124991-1029055636-1008\$RT1R2J1.rar, , [01a58bf51e6df046eb25d035d430a957], 
PUP.Optional.OpenCandy, C:\Users\Ashley\AppData\Local\Temp\HYD8AD0.tmp.1438048620\HTA\install.1438048620.zip, , [8a1c59274942e2549991f08505ff32ce], 
PUP.Optional.OpenCandy, C:\Users\Ashley\AppData\Local\Temp\HYD8AD0.tmp.1438048620\HTA\3rdparty\OCSetupHlp.dll, , [3175a4dc94f762d4bd6d1f56e02449b7], 
PUP.Optional.OpenCandy, C:\Users\Ashley\AppData\Local\Temp\HYD9065.tmp.1436833820\HTA\install.1436833820.zip, , [1d892060f299c76f0b1fb3c22adab34d], 
PUP.Optional.PCMechanic, C:\Users\Ashley\AppData\Local\Temp\is-N2OV5.tmp\pm-standalone-setup.exe, , [56507010e7a44fe7890466b220e1aa56], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#5 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 21 November 2015 - 04:15 AM

http://speccy.piriform.com/results/sW2xeymPfza50gbgdUhfhNm



#6 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 21 November 2015 - 04:18 AM

Alright I've noticed a difference already!  :bananas: Is there anything else you would like me to run? Or any suggestions?



#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:18 PM

Posted 21 November 2015 - 08:23 AM

Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 
================

Please run AdwCleaner
 
Please download AdwCleaner and install it.
 
When AdwCleaner opens you will see an image like the one below.
 
adwcleaner11_zps48314883.png
 
Click on Scan to start the scan.
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.
 
================
 

Emsisoft Emergency Kit
 
Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).

  •  
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
  • When the scan is completed click Quarantine selected objects. Note:  This option is only available if malicious objects were detected during the scan.  If this is the case select Delete selected.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop and post the contents in your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.

================

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by dc3, 21 November 2015 - 08:24 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 22 November 2015 - 03:20 AM

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Ashley (administrator) on 22-11-2015 at 03:14:10
Running from "C:\Users\Ashley\Desktop"
Microsoft Windows 8.1  (X64)
Model: 500-270 Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/22/2015 02:27:25 AM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=46.0.2490.86;lang=;guid=18E4C956ED604EB0ADFDA7CD551ABB75;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6a59f544-b1ce-4016-9b5a-ee1abc4f98d0.dmp
 
Error: (11/21/2015 08:02:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125
 
Error: (11/21/2015 08:02:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1125
 
Error: (11/21/2015 08:02:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/21/2015 05:15:54 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2297
 
Error: (11/21/2015 05:15:54 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2297
 
Error: (11/21/2015 05:15:54 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/21/2015 05:15:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140
 
Error: (11/21/2015 05:15:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140
 
Error: (11/21/2015 05:15:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (11/21/2015 07:16:59 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 07:16:59 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 07:16:59 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 07:16:59 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 07:16:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 07:16:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 07:16:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 07:16:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (11/21/2015 08:02:42 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (11/21/2015 05:15:49 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (11/22/2015 02:27:25 AM) (Source: Chrome)(User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=46.0.2490.86;lang=;guid=18E4C956ED604EB0ADFDA7CD551ABB75;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6a59f544-b1ce-4016-9b5a-ee1abc4f98d0.dmp
 
Error: (11/21/2015 08:02:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125
 
Error: (11/21/2015 08:02:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1125
 
Error: (11/21/2015 08:02:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/21/2015 05:15:54 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2297
 
Error: (11/21/2015 05:15:54 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2297
 
Error: (11/21/2015 05:15:54 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/21/2015 05:15:52 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140
 
Error: (11/21/2015 05:15:52 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140
 
Error: (11/21/2015 05:15:52 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-11-22 03:13:13.811
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-22 03:13:13.656
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-22 03:08:46.178
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-22 03:08:46.027
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-22 03:08:03.195
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-22 03:08:03.018
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-21 04:08:25.710
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-21 04:08:25.553
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-09-17 12:12:00.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-09-17 12:12:00.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
4 Elements II (HKLM-x32\...\WTA-1c74fecf-0f70-4c59-b5d3-b89d5c16c04f) (Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Airport Mania (HKLM-x32\...\WTA-6d92b47c-dfd5-45de-be35-e9acaa0bf8a2) (Version: 2.2.0.95 - WildTangent) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{7F28165B-148D-4672-AA21-469D9E6E3CB6}) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-7a991668-bd02-4422-bb3f-5105283c09c5) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-e9f1df7e-fee4-4def-9f4d-536a5e1ac629) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WTA-0bd52116-f7ca-4f47-8f61-1e524dffff02) (Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (HKLM-x32\...\WTA-afbdc257-77fe-4f9a-98f7-62d2a6d0cd76) (Version: 2.2.0.98 - WildTangent) Hidden
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.40.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.20.0 - Canon Inc.)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-49d79163-80e9-4e92-8a14-12611a6906be) (Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-6220bd1f-708c-4815-b8fe-f265decb0a53) (Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (HKLM-x32\...\WTA-36a61c9e-45b8-4e15-a3af-e308261ee41a) (Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6805 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3103 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4323 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3215 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3215 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (HKLM-x32\...\WTA-d52ce6bb-4106-438a-9ed6-e56833be1cc9) (Version: 3.0.2.32 - WildTangent) Hidden
Farm Frenzy (HKLM-x32\...\WTA-f24e0e88-1b90-4387-a820-3be48db95cf3) (Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-877f1e56-80e3-4508-9e84-859c7fb82253) (Version: 3.0.2.38 - WildTangent) Hidden
GameSpy Comrade (HKLM-x32\...\{176B3593-72F1-459C-829C-5E9671E2CB35}) (Version: 1.4.3.154 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-e0099c89-902a-4a52-af48-307f5303ae1e) (Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (HKLM-x32\...\WTA-44bb1779-fd52-4591-8a4d-1fada98f4b6c) (Version: 2.2.0.98 - WildTangent) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.51 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{390AD982-A331-4D4F-AFD1-64005BC7C99D}) (Version: 7.3.35.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6482.0 - IDT)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{80A620C1-B22C-4781-A351-B14B8A37BFE3}) (Version: 2.1 - Brice Lambson)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.51 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.51 - Softex Inc.) Hidden
Intel Driver Update Utility (HKLM-x32\...\{45076b94-d6e6-41ae-abd0-609e78177aee}) (Version: 2.1.0.17 - Intel)
Intel® Driver Update Utility 2.1 (HKLM-x32\...\{488EDBA1-A191-4C46-8B2F-8EE6C1F5BC95}) (Version: 2.1.0.17 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3262 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-8ddd10ff-30a2-46dd-bb56-e32642c13f97) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-fb64a998-8555-4231-b1b4-678e663fd4e6) (Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-64515c92-ad11-4123-8bac-3a2c610fe8a4) (Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (HKLM-x32\...\WTA-245da8d8-69e3-4291-a434-5b22b631382d) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (HKLM-x32\...\WTA-7106c8f0-3672-4be9-8716-e718fcb33f4a) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.6001.1038 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-7e3c9513-924f-4fbe-8a36-6847e12b1c29) (Version: 2.2.0.98 - WildTangent) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Peggle Nights (HKLM-x32\...\WTA-ff1c8c54-1939-47eb-9877-2825a39bf79c) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-46165ba4-a0a9-4fef-afe3-010a080d6925) (Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\{9B56B031-A6C0-4BB7-8F61-938548C1B759}) (Version: 1.1.1.2 - Pinger Inc.) Hidden
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-ad46701d-7c42-46c5-8a34-dfcff37113e9) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-7c0cd7fb-11a1-4340-925d-ea1982e6fc35) (Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30175 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7001 - CyberLink Corp.) Hidden
Roads of Rome 3 (HKLM-x32\...\WTA-44b7eb7c-64c6-4405-a7e1-286d179ffc1b) (Version: 2.2.0.98 - WildTangent) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sid Meier's Civilization 4 Gold (HKLM-x32\...\{55502C49-F061-428C-BF26-06ECDFB3AC29}) (Version: 1.72 - Firaxis Games)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Tales of Lagoona (HKLM-x32\...\WTA-a1345ab7-cc1a-4ba5-ae1e-da783b445b54) (Version: 2.2.0.110 - WildTangent) Hidden
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-24073f8c-3775-4fd6-beb7-fc71c11dd679) (Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (HKLM-x32\...\WTA-893cbf07-ab49-4b5b-a8c2-3bc50522eb2a) (Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WTA-87a528ce-6b86-4221-8c3b-4ce1c78b8c2e) (Version: 2.2.0.98 - WildTangent) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 60%
Total physical RAM: 8097.11 MB
Available physical RAM: 3209.57 MB
Total Virtual: 22945.11 MB
Available Virtual: 16725.59 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:914.92 GB) (Free:461.32 GB) NTFS
2 Drive d: (Recovery Image) (Fixed) (Total:15.12 GB) (Free:1.88 GB) NTFS
4 Drive f: (EOS_DIGITAL) (Removable) (Total:15.12 GB) (Free:13.34 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\ENT3RPRIZE_JAY
 
Administrator            Ashley                   ASPNET                   
Guest                    Jayone1                  
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****

The TDSSKILLER can back negative but if you want the log I can send it



#9 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 22 November 2015 - 03:24 AM

This is my ADWCleaner, Should I hit clean on this?

 

# AdwCleaner v5.021 - Logfile created 22/11/2015 at 03:21:32
# Updated 14/11/2015 by Xplode
# Database : 2015-11-19.4 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Ashley - ENT3RPRIZE_JAY
# Running from : C:\Users\Ashley\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\Users\Ashley\AppData\Roaming\RHEng
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [619 bytes] ##########


#10 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 22 November 2015 - 04:18 AM

Emsisoft Emergency Kit - Version 10.0
Last update: 2015-11-22 3:40:00 AM
User account: ENT3RPRIZE_JAY\Ashley
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 2015-11-22 4:11:17 AM
 
Scanned 90383
Found 0
 
Scan end: 2015-11-22 4:17:04 AM
Scan time: 0:05:47


#11 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 22 November 2015 - 08:18 AM

C:\Users\Ashley\AppData\Local\Microsoft\Windows\INetCache\IE\DWFKRPTK\pcmechanicpm-standalone-setup[1].exe Win32/UniBlue.E potentially unwanted application deleted - quarantined
C:\Users\Ashley\AppData\Local\Temp\HYD8AD0.tmp.1438048620_permissionsCopy\updates\3.4.3_40633.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting - quarantined
C:\Users\Ashley\Downloads\DONE\uTorrent.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting - quarantined
 
 
I did not clear these items because you didn't tell me to. Please let me know what I should do next.


#12 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:18 PM

Posted 22 November 2015 - 09:38 AM

Just follow the instructions.  Nothing malicious was found.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 22 November 2015 - 12:52 PM

Ok I cleared that! Is there anything else I should try



#14 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:18 PM

Posted 22 November 2015 - 01:11 PM

Is the computer running properly now?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#15 Fixing1

Fixing1
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Local time:03:18 PM

Posted 22 November 2015 - 01:24 PM

It seems to be! I don't see anything wrong with it with exception to a couple of issues which I have created inquires for! Is there anything else that you think that I should run?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users