Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7- PC Suddenly very slow Response


  • Please log in to reply
8 replies to this topic

#1 ZainulAbideen

ZainulAbideen

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oshawa
  • Local time:11:21 PM

Posted 26 January 2017 - 09:05 PM

Hi,

 

Just a few days ago my PC started giving very slow response. Windows navigation & Browsing takes forever.

I would appreciate your help.

 

Windows 7 Home Premium (Service Pack 1)

64-bit

AMD A4-4000 APU with Redeon ™ HD Graphics 3.00 GHZ

RAM  4 GB (2.21 GB usable)

 

Thanks in advance

Regards

 

 



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,554 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:21 PM

Posted 26 January 2017 - 09:18 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#3 ZainulAbideen

ZainulAbideen
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oshawa
  • Local time:11:21 PM

Posted 27 January 2017 - 08:49 AM

Hello Louis,
Thanks for your prompt reply.
 
MiniToolBox by Farbar  Version: 17-06-2016
Ran by user (administrator) on 27-01-2017 at 07:47:54
Running from "C:\Users\user\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: MS-7721 Manufacturer: MSI

Boot Mode: Normal

***************************************************************************

 

========================= Event log errors: ===============================

 

Application errors:
==================
Error: (01/27/2017 06:59:33 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18163 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: d40
Start Time: 01d27892bc1bae7d
Termination Time: 3510
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:

 

Error: (01/26/2017 08:08:23 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18163 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: dfc
Start Time: 01d278336d66e13c
Termination Time: 2933
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:

Error: (01/26/2017 04:52:47 PM) (Source: YSearchUtilSvc) (User: )
Description: YSearchUtilSvc error: The operation completed successfully. (0x0)Could not open service (1060)

Error: (01/26/2017 04:46:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: Spotify.exe, version: 1.0.45.186, time stamp: 0x58540a6a
Faulting module name: Spotify.exe, version: 1.0.45.186, time stamp: 0x58540a6a
Exception code: 0x40000015
Fault offset: 0x0002165b
Faulting process id: 0xc18
Faulting application start time: 0xSpotify.exe0
Faulting application path: Spotify.exe1
Faulting module path: Spotify.exe2
Report Id: Spotify.exe3

Error: (01/26/2017 02:16:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: wcp.dll, version: 6.1.7601.18766, time stamp: 0x54e4396d
Exception code: 0xc0000005
Fault offset: 0x00000000001fe629
Faulting process id: 0x10ac
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (01/26/2017 10:56:26 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 50.1.0.6186 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: f98
Start Time: 01d277ec38585100
Termination Time: 889
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id:

Error: (01/25/2017 10:18:51 PM) (Source: Application Hang) (User: )
Description: The program SDWelcome.exe version 2.4.40.130 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: fb0
Start Time: 01d277827e9af27c
Termination Time: 78
Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
Report Id:

Error: (01/24/2017 09:07:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1216.

Error: (01/24/2017 09:07:17 PM) (Source: ESENT) (User: )
Description: Catalog Database (108) Catalog Database: Database recovery/restore failed with unexpected error -1216.

Error: (01/24/2017 09:07:17 PM) (Source: ESENT) (User: )
Description: Catalog Database (108) Catalog Database: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

System errors:
=============
Error: (01/27/2017 07:42:27 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (01/27/2017 07:41:56 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (01/27/2017 07:35:48 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (01/27/2017 06:53:23 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/27/2017 06:50:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (01/27/2017 06:49:06 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/27/2017 06:48:29 AM) (Source: DCOM) (User: )
Description: {0E9A7BB5-F699-4D66-8A47-B919F5B6A1DB}

Error: (01/27/2017 06:48:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (01/27/2017 06:47:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (01/27/2017 06:46:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{D7DC6456-34D0-FF82-B0B1-0A0A53B12779}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{D669DC52-B1A4-4933-878D-CB80F660D95D}) (Version: 55.0.2883.17 - Google Inc.)
DolbyFiles (HKLM-x32\...\{b1adf008-e898-4fe2-8a1f-690d9a06acaf}) (Version: 2.0 - Nero AG) Hidden
dr.fone toolkit for Android (Version 8.0.1) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.0.1.32 - Wondershare Software Co.,Ltd.)

DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.6.1113 - DVDVideoSoft Ltd.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Handset WinDriver 1.02.03.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Keying Suite 64-bit (HKLM\...\{456BB962-D316-40BC-8949-4CEC32F2AA7A}) (Version: 11.0.2 - Red Giant) Hidden
Keying Suite 64-bit (HKLM-x32\...\InstallShield_{456BB962-D316-40BC-8949-4CEC32F2AA7A}) (Version: 11.0.2 - Red Giant)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
magicJack (HKCU\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{9571809e-f7d5-48ef-9959-a6dee2176ed6}) (Version:  - Nero AG)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)

========================= Memory info: ===================================
Percentage of memory in use: 98%
Total physical RAM: 2264.21 MB
Available physical RAM: 33.58 MB
Total Virtual: 4670.63 MB
Available Virtual: 955.3 MB

========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.54 GB) (Free:162.38 GB) NTFS

========================= Users: ========================================
User accounts for \\USER-PC
Administrator            Guest                    user

                    
**** End of log ****
 
http://speccy.piriform.com/results/XHACxXeRlFQXNLbWCHrGkyo
 
 


Edited by hamluis, 27 January 2017 - 10:40 AM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,554 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:21 PM

Posted 27 January 2017 - 10:34 AM

Something is amiss between the RAM installed per MTB and what you state in your initial post...about 2GB RAM.  The Speccy data confirms that 4GB are installed.

 

Firewall and AV reflect "disabled" status per Speccy.

 

Wondershare software process reflects max RAM usage of 1.83GB.  This is approximately 6 times what one should expect as a possible max for a process.

 

Outdated Java version installed, increased vulnerability to malware.  Why should I remove older versions of Java from my system - http://www.java.com/en/download/faq/remove_olderversions.xml .

 

https://en.wikipedia.org/wiki/DVDVideoSoft , since you have an app installed which (typically) may result in malware on the system...combined with other noted security situations...I am moving this topic to the Am I Infected forum.

 

Louis


Edited by hamluis, 27 January 2017 - 10:42 AM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:21 PM

Posted 27 January 2017 - 01:19 PM

Hello, let's do these next.

 

zcMPezJ.pngAdwCleaner

  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 ZainulAbideen

ZainulAbideen
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oshawa
  • Local time:11:21 PM

Posted 28 January 2017 - 02:20 PM

AdwCleaner Log

 

# AdwCleaner v6.043 - Logfile created 28/01/2017 at 13:25:48
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-01-28.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

 

***** [ Services ] *****

 

***** [ Folders ] *****

[-] Folder deleted: C:\Program Files (x86)\Priceless
[-] Folder deleted: C:\users\user\AppData\Roaming\SSN
[#] Folder deleted on reboot: C:\users\user\AppData\Roaming\ssn
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Folder deleted: C:\Users\user\AppData\Local\Geckofx
[#] Folder deleted on reboot: C:\Users\user\AppData\Roaming\ssn

***** [ Files ] *****

 

***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\63873e09-54b7-9042-db53-d7a6cb272fda
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz
[-] Key deleted: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Optimizer Pro

***** [ Web browsers ] *****

 

*************************

:: "Tracing" keys deleted
:: Winsock2 - Deleted C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2360 Bytes] - [28/01/2017 13:25:48]
C:\AdwCleaner\AdwCleaner[S0].txt - [2444 Bytes] - [28/01/2017 13:23:21]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2506 Bytes] ##########

 

 

  Junkware  Removal Tool Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64
Ran by user (Administrator) on 28/01/2017 at 14:58:43.82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

File System: 6

Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QN907A95 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFM7YV01 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W61FXXW8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QN907A95 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFM7YV01 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W61FXXW8 (Temporary Internet Files Folder)

 

Registry: 0

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/01/2017 at 15:14:46.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 now using ESET Online Scanner .... continue IN NEXT POST


Edited by ZainulAbideen, 28 January 2017 - 10:02 PM.


#7 ZainulAbideen

ZainulAbideen
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oshawa
  • Local time:11:21 PM

Posted 28 January 2017 - 10:01 PM

ESET LOG: 

 

C:\Program Files\Sony\Vegas Pro 12.0\vegas.pro.12.-patch.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application cleaned by deleting
C:\Users\user\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe a variant of Win32/FusionCore.I potentially unwanted application cleaned by deleting
C:\Users\user\Desktop\spsetup130.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\user\Downloads\ccsetup526.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
 



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:21 PM

Posted 28 January 2017 - 10:39 PM

Reboot the machine and see if there is improvement.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 ZainulAbideen

ZainulAbideen
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oshawa
  • Local time:11:21 PM

Posted 29 January 2017 - 10:42 PM

Computer was still the same, very slow, even after a Reboot.

 

Then I checked in Task Manager that a program named "Wondershare" was using almost 75% of RAM.

I stopped this Process, and also, using "msconfig", disabled "Wondershare's Service"

Now computer is back to normal.

Thank You very much for all your help.

 

Regards.


Edited by ZainulAbideen, 30 January 2017 - 05:23 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users