Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Laptop


  • Please log in to reply
7 replies to this topic

#1 EddieLizzard

EddieLizzard

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 26 February 2016 - 11:39 AM

Hello,

 

Following success on this site with an issue on my own laptop, I thought I'd ask for more help for my girlfriend's daughter's laptop.  Despite warnings about downloads her laptop is now so slow that I think it's probably infected with viruses and or malware.

 

Please advise me of the process to try to rectify the situation.  She upgraded her laptop from Windows 8 to Windows 10 around 3-4 months ago.

 

Thanks.



BC AdBot (Login to Remove)

 


#2 Jaycan

Jaycan

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 26 February 2016 - 04:25 PM

Hello Eddie Lizard,

First,

Can you download MiniToolBox to the desktop ??
If you can please tick

  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and a Notepad page should soon open
Untick any items in Notepad > Format then, Copy / Paste your result.txt back here.
Highlight the text (once loaded) and press  the Control button and the C button To Copy the text and return here
When the cursor is at the location where you would like the data to be pasted press the Control button and the V button at the same to paste the text.

 

Next -
Is she running only one "updated Antivirus", if not I will link a basic free version.

 

Next -

AdwCleaner

  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Next -
Download  Malwarebytes Anti-Malware  (MBAM) Follow the simple install directions and install to desktop.

Right click and select Run as Administrator.
Perform a Scan and post the results back here.

 

Next -

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take over 1 hour..
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

 

Thanks, for the moment,

 

EDIT - If you have any questions, please ask prior to doing your next step.

There are NO stupid questions, but we often do not give good directions :wink:


Edited by Jaycan, 26 February 2016 - 04:35 PM.


Acer Computer with LG Monitor and Toshiba Laptop with Windows 7.1

Windows 64bit  8.1 - Always fully updated

Firefox / Google Chrome / Internet Explorer Browsers

Usually a home helper here or with friends and nimble fingered ladies who would rather sew or dust, but not clean the bugs out of a computer ...


#3 EddieLizzard

EddieLizzard
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 27 February 2016 - 04:54 PM

Hi Jaycan,

 

Thanks for your help.

 

Here we go!

 

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Paige (administrator) on 27-02-2016 at 08:33:24
Running from "C:\Users\Paige\Downloads"
Microsoft Windows 10 Home  (X64)
Model: HP Pavilion g6 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/27/2016 08:30:04 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.10586.20 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1834

Start Time: 01d17138afb41815

Termination Time: 57

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 43d4036e-dd2c-11e5-bf04-38eaa7e438ec

Faulting package full name:

Faulting package-relative application ID:

Error: (02/24/2016 06:34:52 PM) (Source: HP Active Health) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (02/24/2016 06:32:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.10586.35, time stamp: 0x566505bc
Faulting module name: QuickActions.dll, version: 0.0.0.0, time stamp: 0x56650458
Exception code: 0xc0000005
Fault offset: 0x0000000000001931
Faulting process ID: 0x1848
Faulting application start time: 0xShellExperienceHost.exe0
Faulting application path: ShellExperienceHost.exe1
Faulting module path: ShellExperienceHost.exe2
Report ID: ShellExperienceHost.exe3
Faulting package full name: ShellExperienceHost.exe4
Faulting package-relative application ID: ShellExperienceHost.exe5

Error: (02/24/2016 06:31:50 PM) (Source: MsiInstaller) (User: PAIGE-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27054. CA_Error27054: SetupAction(0xC0070642): Installation failed.

Error: (02/24/2016 06:30:50 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/23/2016 02:01:43 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Paige-PC.local already in use; will try Paige-PC-2.local instead

Error: (02/23/2016 02:01:43 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Paige-PC.local. Addr 192.168.0.14

Error: (02/23/2016 02:01:43 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.14:5353   16 Paige-PC.local. AAAA 2A02:0C7D:522E:1D00:D029:476D:C296:BAFC

Error: (02/23/2016 01:37:15 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (02/23/2016 01:37:15 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

System errors:
=============
Error: (02/27/2016 08:29:42 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (02/24/2016 06:43:21 PM) (Source: Service Control Manager) (User: )
Description: The APXACC service failed to start due to the following error:
%%31

Error: (02/24/2016 06:43:21 PM) (Source: APXACC) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (02/24/2016 06:42:27 PM) (Source: Microsoft-Windows-HAL) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.

Error: (02/24/2016 06:41:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_557922 service to connect.

Error: (02/24/2016 06:41:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_557922 service to connect.

Error: (02/24/2016 06:41:29 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_557922 service, but this action failed with the following error:
%%1056

Error: (02/24/2016 06:41:19 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_557922 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/24/2016 06:41:19 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_557922 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/24/2016 06:41:19 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_557922 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (02/27/2016 08:30:04 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.10586.20183401d17138afb4181557C:\Program Files (x86)\Internet Explorer\iexplore.exe43d4036e-dd2c-11e5-bf04-38eaa7e438ec

Error: (02/24/2016 06:34:52 PM) (Source: HP Active Health)(User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (02/24/2016 06:32:17 PM) (Source: Application Error)(User: )
Description: ShellExperienceHost.exe10.0.10586.35566505bcQuickActions.dll0.0.0.056650458c00000050000000000001931184801d16f311c60a5aaC:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exeC:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dllcd59fa79-80c1-4897-bd7d-d86153ee0131Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewyApp

Error: (02/24/2016 06:31:50 PM) (Source: MsiInstaller)(User: PAIGE-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27054. CA_Error27054: SetupAction(0xC0070642): Installation failed.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (02/24/2016 06:30:50 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (02/23/2016 02:01:43 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname Paige-PC.local already in use; will try Paige-PC-2.local instead

Error: (02/23/2016 02:01:43 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Paige-PC.local. Addr 192.168.0.14

Error: (02/23/2016 02:01:43 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.14:5353   16 Paige-PC.local. AAAA 2A02:0C7D:522E:1D00:D029:476D:C296:BAFC

Error: (02/23/2016 01:37:15 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (02/23/2016 01:37:15 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

CodeIntegrity Errors:
===================================
  Date: 2016-02-27 08:33:15.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-27 08:33:15.234
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-27 08:33:14.747
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-27 08:33:14.746
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-27 08:32:20.633
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-27 08:31:21.753
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-27 08:30:49.507
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-27 08:30:38.642
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-27 08:30:34.875
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-24 18:39:51.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

7 Wonders II (HKLM-x32\...\WTA-4b70b705-1ff5-4daa-8d72-4cc2b5dbc9ae) (Version: 2.2.0.98 - WildTangent) Hidden
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Aloha TriPeaks (HKLM-x32\...\WTA-b493f204-a6c4-488c-ac66-f2f2931428a4) (Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1F56414D-D7F6-2DBF-BF65-1AC1A8609C03}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVG (HKLM\...\{433577CF-7900-4559-9693-FA52A8487DBE}) (Version: 16.41.7442 - AVG Technologies) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies)
AVG 2016 (HKLM\...\{D181BF91-057A-4889-BF0B-812D1BC2410C}) (Version: 16.0.4537 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.6.552 - AVG Technologies)
AVG Zen (HKLM\...\{CEDC1C27-A73A-4779-9121-DB77A8AE2003}) (Version: 1.41.29 - AVG Technologies) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-b3a42aa3-318e-403b-965c-8dae5e0052b0) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build-a-lot 4 - Power Source (HKLM-x32\...\WTA-e955c787-3f2b-4955-bf98-4165a32d68e9) (Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-7b1c57aa-1ad6-4713-be81-12a774b96c48) (Version: 2.2.0.95 - WildTangent) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cradle of Rome 2 (HKLM-x32\...\WTA-952504d2-1cdc-4ec3-9ed5-67380363db70) (Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (HKLM-x32\...\WTA-a8afe570-7014-420b-a25a-4af536781023) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (HKLM-x32\...\WTA-dfd80264-271a-486f-813c-182cf2b75561) (Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-1dfae807-98c2-4524-aa42-e56f7ba065ec) (Version: 2.2.0.95 - WildTangent) Hidden
FMW 1 (HKLM\...\{0AB3CCB3-5C0B-4C65-9FA4-CFEF6283F7F1}) (Version: 1.62.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-ff5d29f0-6ca2-4b9a-9b0f-9e3ffb67fc3f) (Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Jewel Match 3 (HKLM-x32\...\WTA-95b60f18-8e01-4b7a-ae89-207561142a69) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (HKLM-x32\...\WTA-433e89f6-adef-492a-a750-6b6bee21f9e9) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WTA-5039d48f-ff17-4ce5-ba0b-c33de05e92a7) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (HKLM-x32\...\WTA-c63830e9-f7c3-4b10-b0df-1515f28036b0) (Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-GB)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mystery of Mortlake Mansion (HKLM-x32\...\WTA-90dfe42b-d744-4bb4-a18b-0516fc94c6e8) (Version: 2.2.0.98 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-4b92a80e-f0d9-4446-980d-7e3aa4577fe0) (Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-bc311c9f-b004-4a83-a5f8-4ef795f88479) (Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
The Sims 2 (HKLM-x32\...\{8AB8D458-939E-403F-0097-9BA1C1F013D5}) (Version:  - )
Trinklit Supreme (HKLM-x32\...\WTA-3f6660e4-98d8-44f8-aae6-8250ec867c8d) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Virtual Families (HKLM-x32\...\WTA-29898dfc-4f3d-4ebf-95c5-b0ed1dfc6757) (Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wedding Dash (HKLM-x32\...\WTA-8531c1da-92d6-4fb2-a888-6148e4cf0e79) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Zuma's Revenge (HKLM-x32\...\WTA-ed116bc6-cb0f-43a4-ab04-302d150880aa) (Version: 2.2.0.98 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 7770.26 MB
Available physical RAM: 5509.88 MB
Total Virtual: 8986.26 MB
Available Virtual: 6721.61 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:909.32 GB) (Free:862.79 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.8 GB) (Free:2.42 GB) NTFS

========================= Users: ========================================

User accounts for \\PAIGE-PC

Administrator            DefaultAccount           Guest                   
Paige                   

**** End of log ****

 

Adwcleaner

 

# AdwCleaner v5.036 - Logfile created 27/02/2016 at 08:38:24
# Updated 22/02/2016 by Xplode
# Database : 2016-02-27.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Paige - PAIGE-PC
# Running from : C:\Users\Paige\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : vToolbarUpdater40.2.6

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Avg_Update_1215avz
Folder Found : C:\ProgramData\Avg_Update_1215tb
Folder Found : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn

***** [ Files ] *****

File Found : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
File Found : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
File Found : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
File Found : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
File Found : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mysearch.avg.com_0.localstorage
File Found : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mysearch.avg.com_0.localstorage-journal
File Found : C:\Users\Paige\AppData\Roaming\Mozilla\Firefox\Profiles\lwu9w3r3.default\extensions\Avg@toolbar.xpi
File Found : C:\Users\Paige\AppData\Roaming\Mozilla\Firefox\Profiles\lwu9w3r3.default\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : [x64] HKLM\SOFTWARE\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

[C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com
[C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : chfdnecihphmhljaaejmgoiahnihplgn
[C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : fcfenmboojpjinhpgggodefccipikbpd

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [4958 bytes] - [27/02/2016 08:38:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5031 bytes] ##########

 

MBAM

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27/02/2016
Scan Time: 09:01
Logfile: MBAM.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.27.01
Rootkit Database: v2016.02.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Paige

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 366268
Time Elapsed: 42 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, , [8e1f4223a5f40f27229239c62fd3d030],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, , [8528075e85142610674de01f9c6617e9],
PUP.Optional.ASK, HKU\S-1-5-21-1370363555-881524944-1747224965-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, , [575676ef762356e0d2e177881ce63bc5],

Registry Values: 3
PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF, , [8e1f4223a5f40f27229239c62fd3d030]
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF, , [8528075e85142610674de01f9c6617e9]
PUP.Optional.ASK, HKU\S-1-5-21-1370363555-881524944-1747224965-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF, , [575676ef762356e0d2e177881ce63bc5]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

ESET found no issues.

 

We have the free AVG installed.  During this process I have uninstalled Norton software and McAfee.

 

I hope that helps.  I look forward to hearing what the results mean!

 

Thank you.



#4 Jaycan

Jaycan

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 27 February 2016 - 07:58 PM

Thanks Eddie.

During this process I have uninstalled Norton software and McAfee.

Any Norton and McAfee security (active antivirus) should be totally removed, as they are not needed.

 

Did you run the Clean in Adwcleaner, and get an Auto Reboot ?? You only posted a Scan Log, and I can not see any important items that will be removed.

(Potentially Unwanted Program) PUP.Optional.ASK, << This is often installed with AVG Antivirus, and not required.

 

Run Clean if you did not do it earlier, and it will produce a fresh log - Please copy / paste that back here.

 

Next -

1. Open an elevated command prompt or an elevated Windows PowerShell.
Go > Windows key + X > From the list click on > Command Prompt (Admin)

2. In the elevated command prompt, type the command below,
sfc /scannow and press Enter.

3. When the scan is complete, hopefully you will see a Windows Resource Protection did not find any integrity violations message

(COULD run for 20 min up to 1 hour:unsure:

 

I do not run Windows 10, but there may be problems there. Tell me if you get messages

 

Please update us once completed  :thumbup2:  and any problems



Acer Computer with LG Monitor and Toshiba Laptop with Windows 7.1

Windows 64bit  8.1 - Always fully updated

Firefox / Google Chrome / Internet Explorer Browsers

Usually a home helper here or with friends and nimble fingered ladies who would rather sew or dust, but not clean the bugs out of a computer ...


#5 EddieLizzard

EddieLizzard
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 28 February 2016 - 06:14 AM

Hi,

 

Here is the log from adwcleaner.

 

# AdwCleaner v5.036 - Logfile created 28/02/2016 at 09:20:18
# Updated 22/02/2016 by Xplode
# Database : 2016-02-28.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Paige - PAIGE-PC
# Running from : C:\Users\Paige\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.6

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_1215avz
[-] Folder Deleted : C:\ProgramData\Avg_Update_1215tb
[-] Folder Deleted : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn

***** [ Files ] *****

[-] File Deleted : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] File Deleted : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
[-] File Deleted : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mysearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mysearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\Paige\AppData\Roaming\Mozilla\Firefox\Profiles\lwu9w3r3.default\extensions\Avg@toolbar.xpi
[-] File Deleted : C:\Users\Paige\AppData\Roaming\Mozilla\Firefox\Profiles\lwu9w3r3.default\searchplugins\avg-secure-search.xml

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

[-] [C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
[-] [C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Users\Paige\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5312 bytes] - [28/02/2016 09:20:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [5134 bytes] - [27/02/2016 08:38:24]
C:\AdwCleaner\AdwCleaner[S2].txt - [5205 bytes] - [28/02/2016 09:09:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5531 bytes] ##########

 

Windows Resource Protection did not find any integrity violations.

 

Thanks!



#6 Jaycan

Jaycan

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 28 February 2016 - 07:47 AM

Thanks for that Eddie

 

You ran the sfc /scannow command as written..

 

Please always tell us if things are better or worse, so that we know if things are finished or what ..

 

Regards -



Acer Computer with LG Monitor and Toshiba Laptop with Windows 7.1

Windows 64bit  8.1 - Always fully updated

Firefox / Google Chrome / Internet Explorer Browsers

Usually a home helper here or with friends and nimble fingered ladies who would rather sew or dust, but not clean the bugs out of a computer ...


#7 EddieLizzard

EddieLizzard
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 04 March 2016 - 04:06 AM

Hi,

 

I have been advised that the laptop is now performing much better.  Thanks very much for your help. 



#8 Jaycan

Jaycan

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 05 March 2016 - 01:59 AM

You are always welcome..

 

Please come back and start a new topic for other problems..

 

Regards.


Edited by Jaycan, 05 March 2016 - 02:00 AM.


Acer Computer with LG Monitor and Toshiba Laptop with Windows 7.1

Windows 64bit  8.1 - Always fully updated

Firefox / Google Chrome / Internet Explorer Browsers

Usually a home helper here or with friends and nimble fingered ladies who would rather sew or dust, but not clean the bugs out of a computer ...





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users