• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
  • Welcome to iHelpForum - the place to get help from knowledgeable techs in all areas of Tech, Home and Auto help. Consider checking out our Guides or Registering an account to post on our forums today.

Solved Slow Computer

brewster393

Member
iHF Regular
#1
I must first apologise if any mistakes creep in but it has taken me 20 minutes to get this far, my computer has slowed down so much that it (firefox) keeps crashing - I sometimes have to type words twice, also the Adobe flash plug-in keeps crashing.
P.S. Firefox has crashed twice while I've been typing this.

PLEASE HELP!!!

P.P.S. Three Times!!!
 

brewster393

Member
iHF Regular
#2
O.K. the similar thread 'slow machine and slow internet issues', is probably of interest to (firefox crashed) me - but I am unable to get into it because (firefox crashed) I "do not have permission to view this page or perform this action" (firefox crashed) can anyone please help!
 

Highlander

The Immortal
iHF Master Craftsman
Advisor
WCG Team Member
#3
Here is a starting point.
Open the Computer icon on your Desktop.
Right click on the C drive
Click on Properties
Click on the Tools tab
Click on Check now button
Insure both options are selected, then click on the Start button
Let the program run. It may take some time to finish.
When the program is completed, reboot.

Let us know how the computer runs now.
 

Malnutrition

Still Hungry
iHF Master Craftsman
#4
Download and run wipe and system ninja,



https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/



Then.....



Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.



Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.




Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.





Reboot your machine and then follow the instructions below.



Step 1: eScanAV.



Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/for...nti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/cont...ter.asp?pcode=MWAV&src=english_dwn&type=alter



Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.

Once you have updated the program, make sure the settings are the same as the picture below.

Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.

Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.



Step 2: Zemana



Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.



Remove any infections found.

Then click on the icon in the pic below.



Double click on the scan log, copy and paste here in your reply.





Step 3: Junkware Removal Tool.

Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.

Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 

driver_ian

In at the Deep End...
Administrator
Security Advisor
iHF Legend
#7
Brewster has had an issue uploading his logs so has asked I do it on his behalf..

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.6 (05.21.2015:1)
OS: Windows 7 Ultimate x86
Ran by Brewster on 22/05/2015 at 12:27:36.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] swdumon
Successfully deleted: [Service] swdumon



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Browse Pax
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Reverse Page
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Reverse Page



~~~ Files

Successfully deleted: [File] C:\Windows\System32\drivers\swdumon.sys
Successfully deleted: [File] C:\Users\Brewster\appdata\local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage



~~~ Folders

Successfully deleted: [Folder] C:\Users\Brewster\local settings\application data\slimware utilities inc





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/05/2015 at 12:33:27.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v4.205 - Logfile created 22/05/2015 at 13:04:20
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Brewster - BREWSTER-PUTER
# Running from : C:\Users\Brewster\Downloads\adwcleaner_4.205.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\PepperZip
Key Deleted : HKLM\SOFTWARE\af749221-c2ca-ea4b-23ea-67343ad32922

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 en-US)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R1].txt - [13676 bytes] - [04/03/2015 15:59:32]
AdwCleaner[R2].txt - [912 bytes] - [14/03/2015 14:27:38]
AdwCleaner[R3].txt - [970 bytes] - [14/03/2015 15:02:07]
AdwCleaner[R4].txt - [1282 bytes] - [22/05/2015 12:59:25]
AdwCleaner[S1].txt - [14413 bytes] - [04/03/2015 16:10:08]
AdwCleaner[S2].txt - [1035 bytes] - [14/03/2015 15:12:54]
AdwCleaner[S3].txt - [1213 bytes] - [22/05/2015 13:04:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1272 bytes] ##########

21 May 2015 16:53:42 [0ad8] - **********************************************************
21 May 2015 16:53:42 [0ad8] - MWAV - eScanAV AntiVirus Toolkit.
21 May 2015 16:53:42 [0ad8] - Copyright © MicroWorld Technologies
21 May 2015 16:53:42 [0ad8] - **********************************************************
21 May 2015 16:53:42 [0ad8] - Source: C:\Users\Brewster\Downloads\mwav.exe
21 May 2015 16:53:42 [0ad8] - Version 14.0.178 (C:\USERS\BREWSTER\APPDATA\LOCAL\TEMP\MEXE.COM)
21 May 2015 16:53:42 [0ad8] - Log File: C:\Users\Brewster\AppData\Local\Temp\MWAV.LOG
21 May 2015 16:53:42 [0ad8] - MWAV Registered: TRUE
21 May 2015 16:53:42 [0ad8] - User Account: Brewster (Administrator Mode)
21 May 2015 16:53:42 [0ad8] - OS Type: Windows Workstation [InstallType: Client]
21 May 2015 16:53:42 [0ad8] - OS: Windows 7 [OS Install Date: 05 Apr 2014 18:29:55]
21 May 2015 16:53:42 [0ad8] - Ver: Professional Service Pack 1 (Build 7601)
21 May 2015 16:53:42 [0ad8] - System Up Time: 31 Minutes, 4 Seconds


21 May 2015 16:53:42 [0ad8] - Parent Process Name : C:\Users\Brewster\Downloads\mwav.exe
21 May 2015 16:53:42 [0ad8] - Windows Root Folder: C:\Windows
21 May 2015 16:53:42 [0ad8] - Windows Sys32 Folder: C:\Windows\system32
21 May 2015 16:53:42 [0ad8] - DHCP NameServer: 192.168.1.254 192.168.1.254
21 May 2015 16:53:42 [0ad8] - Interface0 DHCPNameServer: 192.168.1.254 192.168.1.254
21 May 2015 16:53:42 [0ad8] - Interface0 NameServer: 208.67.222.222,208.67.220.220
21 May 2015 16:53:42 [0ad8] - Interface1 DHCPNameServer: 192.168.1.254 192.168.1.254
21 May 2015 16:53:42 [0ad8] - Local Fixed Drives: c:\,f:\
21 May 2015 16:53:42 [0ad8] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
21 May 2015 16:53:42 [0ad8] - [CREATED ZIP FILE: C:\Users\Brewster\AppData\Local\Temp\pinfect.zip]
21 May 2015 16:53:43 [0ad8] - Latest Date of files inside MWAV: Mon Mar 2 17:13:53 2015.
21 May 2015 16:53:45 [0ad8] - ** Changed Value of "Path"
21 May 2015 16:53:46 [0ad8] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\Brewster\AppData\Local\Temp\ESCANDB.LOG]
21 May 2015 16:53:48 [0ad8] - Loaded/Created FileScan Cache Database...
21 May 2015 16:53:48 [0ad8] - Loading AV Library [DB]...
21 May 2015 16:54:20 [0ad8] - ArchiveScan: DISABLED
21 May 2015 16:54:24 [0ad8] - AV Library Loaded - MultiThreaded - 4 : [DB-DIRECT].
21 May 2015 16:54:24 [0ad8] - MWAV doing self scanning...
21 May 2015 16:54:24 [0ad8] - MWAV files are clean.
21 May 2015 16:54:34 [0ad8] - ArchiveScan: DISABLED
21 May 2015 16:54:34 [0ad8] - Virus Database Date: 02 Mar 2015
21 May 2015 16:54:34 [0ad8] - Virus Database Count: 6701505
21 May 2015 16:54:34 [0ad8] - Sign Version: 7.59505 [518257]
21 May 2015 16:55:51 [0ad8] - **********************************************************
21 May 2015 16:55:51 [0ad8] - MWAV - eScanAV AntiVirus Toolkit.
21 May 2015 16:55:51 [0ad8] - Copyright © MicroWorld Technologies
21 May 2015 16:55:51 [0ad8] -
21 May 2015 16:55:51 [0ad8] - Support: support@escanav.com
21 May 2015 16:55:51 [0ad8] - Web: http://www.escanav.com
21 May 2015 16:55:51 [0ad8] - **********************************************************
21 May 2015 16:55:51 [0ad8] - Version 14.0.178[DB] (C:\USERS\BREWSTER\APPDATA\LOCAL\TEMP\MEXE.COM)
21 May 2015 16:55:51 [0ad8] - Log File: C:\Users\Brewster\AppData\Local\Temp\MWAV.LOG
21 May 2015 16:55:51 [0ad8] - User Account: Brewster (Administrator Mode)
21 May 2015 16:55:51 [0ad8] - Parent Process Name : C:\Users\Brewster\Downloads\mwav.exe
21 May 2015 16:55:51 [0ad8] - Windows Root Folder: C:\Windows
21 May 2015 16:55:51 [0ad8] - Windows Sys32 Folder: C:\Windows\system32
21 May 2015 16:55:51 [0ad8] - OS: Windows 7 [OS Install Date: 05 Apr 2014 18:29:55]
21 May 2015 16:55:51 [0ad8] - Ver: Professional Service Pack 1 (Build 7601)
21 May 2015 16:55:51 [0ad8] - Latest Date of files inside MWAV: Mon Mar 2 17:13:53 2015.
21 May 2015 16:55:51 [0ec4] - Options Selected by User:
21 May 2015 16:55:51 [0ec4] - Memory Check: Enabled
21 May 2015 16:55:51 [0ec4] - Registry Check: Enabled
21 May 2015 16:55:51 [0ec4] - StartUp Folder Check: Enabled
21 May 2015 16:55:51 [0ec4] - System Folder Check: Enabled
21 May 2015 16:55:51 [0ec4] - Services Check: Enabled
21 May 2015 16:55:51 [0ec4] - Scan Spyware: Enabled
21 May 2015 16:55:51 [0ec4] - Scan Archives: Disabled
21 May 2015 16:55:51 [0ec4] - Drive Check: Enabled
21 May 2015 16:55:51 [0ec4] - All Drive Check :Disabled
21 May 2015 16:55:51 [0ec4] - Drive Selected = C:\
21 May 2015 16:55:51 [0ec4] - Folder Check: Disabled
21 May 2015 16:55:51 [0ec4] - SCAN: All_Files [ANSI]
21 May 2015 16:55:51 [0ec4] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
21 May 2015 16:55:51 [0ec4] - Scanning DNS Records...
21 May 2015 16:55:51 [0ec4] - Scanning Master Boot Record (Kernel)...
21 May 2015 16:55:52 [0ec4] - Scanning Logical Boot Records...
21 May 2015 16:55:54 [0ec4] - ***** Scanning For Hidden Rootkit Processes *****
21 May 2015 16:55:55 [0ec4] - ***** Scanning For Hidden Rootkit Services *****
21 May 2015 16:55:59 [0ec4] - ***** Scanning Memory Files *****
21 May 2015 16:56:33 [0ec4] - ***** Scanning Registry Files *****
21 May 2015 16:56:33 [0ec4] - ERROR(3)!!! Invalid Entry {B5FA2AE6-7A94-4382-8EA9-58C725AAB854} = C:\Windows\System32\ISCM32.dll (in key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). Action Taken: Removing it.
21 May 2015 16:58:19 [0ec4] - ERROR(3)!!! Invalid Entry {55D63393-DB17-4A2B-9052-15D85B4B1344} = C:\Windows\System32\WSCM32.dll (in key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). Action Taken: Removing it.
21 May 2015 16:58:21 [0ec4] - ** NON-STANDARD WINLOGON NOTIFY KEY [SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
21 May 2015 16:58:21 [0ec4] - ERROR(3)!!! Invalid Entry StubPath = "C:\Program Files\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome (in key HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}). Action Taken: Removing it.
21 May 2015 16:58:24 [0ec4] - ***** Scanning StartUp Folders *****
21 May 2015 16:58:39 [0ad8] - Please Wait Exiting Application...
21 May 2015 16:58:39 [0ec4] - ***** Scanning complete. *****
21 May 2015 16:58:39 [0ec4] - Total Objects Scanned: 2614
21 May 2015 16:58:39 [0ec4] - Total Critical Objects: 0
21 May 2015 16:58:39 [0ec4] - Total Disinfected Objects: 0
21 May 2015 16:58:39 [0ec4] - Total Objects Renamed: 0
21 May 2015 16:58:39 [0ec4] - Total Deleted Objects: 0
21 May 2015 16:58:39 [0ec4] - Total Errors: 3
21 May 2015 16:58:39 [0ec4] - Time Elapsed: 00:02:47
21 May 2015 16:58:39 [0ec4] - Virus Database Date: 02 Mar 2015
21 May 2015 16:58:39 [0ec4] - Virus Database Count: 6701505
21 May 2015 16:58:39 [0ec4] - Sign Version: 7.59505 [518257]
21 May 2015 16:58:39 [0ec4] - Scan Completed.
21 May 2015 16:58:47 [0ad8] - Virus Database Date: 02 Mar 2015
21 May 2015 16:58:47 [0ad8] - Virus Database Count: 6701505
21 May 2015 16:58:47 [0ad8] - Sign Version: 7.59505 [518257]
21 May 2015 16:58:59 [0ad8] - Uninitializing Scanner (3)...
21 May 2015 16:59:00 [0ad8] - Freeing Libraries (3)...
21 May 2015 16:59:00 [0ad8] - AV Library Unloaded (3)...
21 May 2015 16:59:00 [0ad8] - Exiting App...
21 May 2015 17:00:54 [0b3c] - **********************************************************
21 May 2015 17:00:54 [0b3c] - MWAV - eScanAV AntiVirus Toolkit.
21 May 2015 17:00:54 [0b3c] - Copyright © MicroWorld Technologies
21 May 2015 17:00:54 [0b3c] - **********************************************************
21 May 2015 17:00:54 [0b3c] - Version 14.0.178 (C:\USERS\BREWSTER\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
21 May 2015 17:00:54 [0b3c] - Log File: C:\Users\Brewster\AppData\Local\Temp\MWAV.LOG
21 May 2015 17:00:54 [0b3c] - Last Scan Date and Time: 21.05.2015 16:55:51
21 May 2015 17:00:54 [0b3c] - MWAV Registered: TRUE
21 May 2015 17:00:54 [0b3c] - User Account: Brewster (Administrator Mode)
21 May 2015 17:00:54 [0b3c] - OS Type: Windows Workstation [InstallType: Client]
21 May 2015 17:00:54 [0b3c] - OS: Windows 7 [OS Install Date: 05 Apr 2014 18:29:55]
21 May 2015 17:00:54 [0b3c] - Ver: Professional Service Pack 1 (Build 7601)
21 May 2015 17:00:54 [0b3c] - System Up Time: 38 Minutes, 15 Seconds


21 May 2015 17:00:54 [0b3c] - Parent Process Name : C:\Windows\Explorer.EXE
21 May 2015 17:00:54 [0b3c] - Windows Root Folder: C:\Windows
21 May 2015 17:00:54 [0b3c] - Windows Sys32 Folder: C:\Windows\system32
21 May 2015 17:00:54 [0b3c] - DHCP NameServer: 192.168.1.254 192.168.1.254
21 May 2015 17:00:54 [0b3c] - Interface0 DHCPNameServer: 192.168.1.254 192.168.1.254
21 May 2015 17:00:54 [0b3c] - Interface0 NameServer: 208.67.222.222,208.67.220.220
21 May 2015 17:00:54 [0b3c] - Interface1 DHCPNameServer: 192.168.1.254 192.168.1.254
21 May 2015 17:00:54 [0b3c] - Local Fixed Drives: c:\,f:\
21 May 2015 17:00:54 [0b3c] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
21 May 2015 17:00:54 [0b3c] - [CREATED ZIP FILE: C:\Users\Brewster\AppData\Local\Temp\pinfect.zip]
21 May 2015 17:00:54 [0b3c] - Latest Date of files inside MWAV: Mon Mar 2 17:13:53 2015.
21 May 2015 17:00:55 [0b3c] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\Brewster\AppData\Local\Temp\ESCANDB.LOG]
21 May 2015 17:00:55 [0b3c] - Loaded/Created FileScan Cache Database...
21 May 2015 17:00:55 [0b3c] - Loading AV Library [DB]...
21 May 2015 17:01:01 [0b3c] - ArchiveScan: DISABLED
21 May 2015 17:01:01 [0b3c] - AV Library Loaded - MultiThreaded - 4 : [DB-DIRECT].
21 May 2015 17:01:01 [0b3c] - MWAV doing self scanning...
21 May 2015 17:01:01 [0b3c] - MWAV files are clean.
21 May 2015 17:01:02 [0b3c] - ArchiveScan: DISABLED
21 May 2015 17:01:02 [0b3c] - Virus Database Date: 02 Mar 2015
21 May 2015 17:01:02 [0b3c] - Virus Database Count: 6701505
21 May 2015 17:01:02 [0b3c] - Sign Version: 7.59505 [518257]
21 May 2015 17:01:12 [0b3c] - Downloading AntiVirus and Anti-Spyware Databases...
21 May 2015 17:06:31 [0b3c] - Update Successful...
21 May 2015 17:08:36 [0b3c] - Indexed Spyware Databases Successfully Created...
21 May 2015 17:08:37 [0b3c] - Old Sign Version: 7.59505 New Sign Version: 7.60686
21 May 2015 17:09:11 [0b3c] - Reload of AntiVirus Signatures successfully done.
21 May 2015 17:09:11 [0b3c] - Virus Database Date: 21 May 2015
21 May 2015 17:09:11 [0b3c] - Virus Database Count: 5534362
21 May 2015 17:09:11 [0b3c] - Sign Version: 7.60686 [519438]
21 May 2015 17:15:03 [0b3c] - **********************************************************
21 May 2015 17:15:03 [0b3c] - MWAV - eScanAV AntiVirus Toolkit.
21 May 2015 17:15:03 [0b3c] - Copyright © MicroWorld Technologies
21 May 2015 17:15:03 [0b3c] -
21 May 2015 17:15:03 [0b3c] - Support: support@escanav.com
21 May 2015 17:15:03 [0b3c] - Web: http://www.escanav.com
21 May 2015 17:15:03 [0b3c] - **********************************************************
21 May 2015 17:15:03 [0b3c] - Version 14.0.178[DB] (C:\USERS\BREWSTER\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
21 May 2015 17:15:03 [0b3c] - Log File: C:\Users\Brewster\AppData\Local\Temp\MWAV.LOG
21 May 2015 17:15:03 [0b3c] - User Account: Brewster (Administrator Mode)
21 May 2015 17:15:03 [0b3c] - Parent Process Name : C:\Windows\Explorer.EXE
21 May 2015 17:15:03 [0b3c] - Windows Root Folder: C:\Windows
21 May 2015 17:15:03 [0b3c] - Windows Sys32 Folder: C:\Windows\system32
21 May 2015 17:15:03 [0b3c] - OS: Windows 7 [OS Install Date: 05 Apr 2014 18:29:55]
21 May 2015 17:15:03 [0b3c] - Ver: Professional Service Pack 1 (Build 7601)
21 May 2015 17:15:03 [0b3c] - Latest Date of files inside MWAV: Mon Mar 2 17:13:53 2015.
21 May 2015 17:15:03 [0a84] - Options Selected by User:
21 May 2015 17:15:03 [0a84] - Memory Check: Enabled
21 May 2015 17:15:03 [0a84] - Registry Check: Enabled
21 May 2015 17:15:03 [0a84] - StartUp Folder Check: Enabled
21 May 2015 17:15:03 [0a84] - System Folder Check: Enabled
21 May 2015 17:15:03 [0a84] - Services Check: Enabled
21 May 2015 17:15:03 [0a84] - Scan Spyware: Enabled
21 May 2015 17:15:03 [0a84] - Scan Archives: Disabled
21 May 2015 17:15:03 [0a84] - Drive Check: Enabled
21 May 2015 17:15:03 [0a84] - All Drive Check :Disabled
21 May 2015 17:15:03 [0a84] - Drive Selected = C:\
21 May 2015 17:15:03 [0a84] - Folder Check: Disabled
21 May 2015 17:15:03 [0a84] - SCAN: All_Files [ANSI]
21 May 2015 17:15:03 [0a84] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
21 May 2015 17:15:03 [0a84] - Scanning DNS Records...
21 May 2015 17:15:03 [0a84] - Scanning Master Boot Record (Kernel)...
21 May 2015 17:15:03 [0a84] - Scanning Logical Boot Records...
21 May 2015 17:15:05 [0a84] - ***** Scanning For Hidden Rootkit Processes *****
21 May 2015 17:15:07 [0a84] - ***** Scanning For Hidden Rootkit Services *****
21 May 2015 17:15:10 [0a84] - ***** Scanning Memory Files *****
21 May 2015 17:15:14 [0a84] - ***** Scanning Registry Files *****
21 May 2015 17:15:15 [0a84] - ** NON-STANDARD WINLOGON NOTIFY KEY [SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
21 May 2015 17:15:15 [0a84] - ***** Scanning StartUp Folders *****
21 May 2015 17:17:22 [0a84] - ***** Scanning Service Files *****
21 May 2015 17:18:34 [0a84] - ERROR(2)!!! Invalid Entry "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\gupdate.
21 May 2015 17:18:34 [0a84] - ERROR(2)!!! Invalid Entry "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\gupdatem.
21 May 2015 17:19:10 [0a84] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\MREMPR5.
21 May 2015 17:19:10 [0a84] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\MRENDIS5.
21 May 2015 17:20:34 [0a84] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\TrkWks].
21 May 2015 17:20:52 [0a84] - ERROR(2)!!! Invalid Entry System32\drivers\rdvgkmd.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\VGPU.
21 May 2015 17:21:18 [0a84] - ***** Scanning Registry and File system for Adware/Spyware *****
21 May 2015 17:21:18 [0a84] - Loading Spyware Signatures from new External Database [Name: C:\Users\Brewster\AppData\Local\Temp\spydb.avs, Size: 464724]...
21 May 2015 17:21:18 [0a84] - Indexed Spyware Databases Successfully Created...
21 May 2015 17:21:45 [0a84] - Offending file found: C:\Users\Brewster\Documents\Auslogics\Auslogics Duplicate File Finder\Helper.dll
21 May 2015 17:21:45 [0a84] - System found infected with Banker.d Worm (Helper.dll)! Action taken: File Deleted.
21 May 2015 17:21:45 [0a84] - Object "Banker.d Worm" found in File System! Action Taken: File Deleted.

21 May 2015 17:21:51 [0a84] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
21 May 2015 17:21:51 [0a84] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
21 May 2015 17:21:51 [0a84] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
21 May 2015 17:21:51 [0a84] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
21 May 2015 17:21:51 [0a84] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
21 May 2015 17:21:51 [0a84] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
21 May 2015 17:21:51 [0a84] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
21 May 2015 17:21:58 [0a84] - ***** Scanning Registry Files *****
21 May 2015 17:21:59 [0a84] - ** NON-STANDARD WINLOGON NOTIFY KEY [SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
21 May 2015 17:21:59 [0a84] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
21 May 2015 17:21:59 [0a84] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = https://www.google.com/?trackid=sp-006
21 May 2015 17:21:59 [0a84] - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
21 May 2015 17:21:59 [0a84] - ***** Scanning System32 Folders *****
21 May 2015 17:24:36 [0a84] - ***** Scanning Drive C:\ *****
21 May 2015 17:24:41 [0280] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\177.js.vir
21 May 2015 17:24:41 [0280] - File C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\177.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.

21 May 2015 17:24:42 [082c] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\21.js.vir
21 May 2015 17:24:42 [082c] - File C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\21.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.

21 May 2015 17:24:48 [0280] - ScanFile (C:\Boot\BCD) took 5828 ms
21 May 2015 17:25:19 [082c] - ScanFile (C:\Program Files\Adobe\Reader 11.0\Reader\AcroExt\libcef.dll) took 5204 ms
21 May 2015 17:27:42 [082c] - ScanFile (C:\Program Files\AVAST Software\Avast\setup\ais_cmp_webrep-7ed.vpx) took 11609 ms
21 May 2015 17:48:30 [09b0] - ScanFile (C:\System Volume Information\_restore{4B107EF5-63C6-4875-B82A-55A69654DF95}\RP217\A0079250.vpx) took 7218 ms
21 May 2015 18:22:21 [09b0] - ScanFile (C:\Users\Brewster\Downloads\Silverlight_Developer.exe) took 6938 ms
21 May 2015 18:22:45 [0d24] - ScanFile (C:\Users\Brewster\Downloads\Waterloo - Bernard Cornwell\Waterloo_ The History of Four Days, Three Armies and Three Battles - Bernard Cornwell.epub) took 6360 ms
21 May 2015 18:22:55 [0280] - ScanFile (C:\Users\Brewster\Downloads\Windows7UpgradeAdvisorSetup.exe) took 7829 ms
21 May 2015 18:32:11 [0280] - ScanFile (C:\Windows\Microsoft.NET\Framework\v4.0.30319\System.Design.dll) took 6297 ms
21 May 2015 18:33:58 [0d24] - ScanFile (C:\Windows\SoftwareDistribution\Download\5ad80a0c733af83dede19924ce3f7c8f808fb6a5) took 5531 ms
21 May 2015 18:34:18 [0280] - ScanFile (C:\Windows\SoftwareDistribution\Download\88504fb3cabaec6e994635c095bb4adb92835694) took 7906 ms
21 May 2015 19:17:28 [09b0] - Scanning File C:\zoek_backup\C_Users_Margies_AppData_Roaming_Mozilla_Firefox_Profiles_9nn3l12p.default_extensions_staged\{e48eb377-9675-4f2b-be40-b8ba3e0d933c}\bootstrap.js
21 May 2015 19:17:28 [09b0] - File C:\zoek_backup\C_Users_Margies_AppData_Roaming_Mozilla_Firefox_Profiles_9nn3l12p.default_extensions_staged\{e48eb377-9675-4f2b-be40-b8ba3e0d933c}\bootstrap.js infected by "Trojan.JS.Agent.JMG (DB)" Virus! Action Taken: File Renamed.

21 May 2015 19:17:28 [0a84] - ***** Checking for specific ITW Viruses *****
21 May 2015 19:17:28 [0d24] - Scanning File C:\_OTL\MovedFiles\03012015_105051\C_Users\Brewster\AppData\Roaming\58775628-1424271261-11B2-8000-64456E4E6973\nsj3278.tmpfs
21 May 2015 19:17:28 [0d24] - File C:\_OTL\MovedFiles\03012015_105051\C_Users\Brewster\AppData\Roaming\58775628-1424271261-11B2-8000-64456E4E6973\nsj3278.tmpfs infected by "Gen:Variant.Adware.Mikey.8245 (DB)" Virus! Action Taken: File Renamed.

21 May 2015 19:17:28 [0a84] - ***** Scanning complete. *****
21 May 2015 19:17:28 [0a84] - Total Objects Scanned: 259482
21 May 2015 19:17:29 [0a84] - Total Critical Objects: 5
21 May 2015 19:17:29 [0a84] - Total Disinfected Objects: 0
21 May 2015 19:17:29 [0a84] - Total Objects Renamed: 4
21 May 2015 19:17:29 [0a84] - Total Deleted Objects: 1
21 May 2015 19:17:29 [0a84] - Total Errors: 5
21 May 2015 19:17:29 [0a84] - Time Elapsed: 02:02:25
21 May 2015 19:17:29 [0a84] - Virus Database Date: 21 May 2015
21 May 2015 19:17:29 [0a84] - Virus Database Count: 5534362
21 May 2015 19:17:29 [0a84] - Sign Version: 7.60686 [519438]
21 May 2015 19:17:29 [0a84] - Scan Completed.

============================================================================================================================================================

Zemana AntiMalware 2.14.2.667 (Installed)
-------------------------------------------------------
Scan Result : Completed
Scan Date : 2015/5/21
Operating System : Windows 7 32-bit
Processor : 2X Intel(R) Pentium(R) 4 CPU 3.06GHz
BIOS Mode : Legacy
CUID : 00E586584593DE4DFEB0E0
Scan Type : Deep Scan
Duration : 16m 14s
Scanned Objects : 32413
Detected Objects : 8
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Yes
Show All Extensions : No
Scan Documents : Yes
Domain Info : WORKGROUP,1,2


Detected Objects
-------------------------------------------------------
Tabs Hijack (System)
Status : Scanned
Object : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\Tabs
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Setting
Cleaning Action : Repair
Traces :
Registry - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\Tabs

Chrome Search
Status : Scanned
Object : Binkiland - http://binkiland.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Traces :
Browser Setting - Chrome Search

Chrome Startup Url
Status : Scanned
Object : http://binkiland.com/?f=7&a=bnk_cmi...G0CyCzyzztByE0Fzzzy0FyBtB2Q&cr=1153712314&ir=
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Traces :
Browser Setting - Chrome Startup Url

lpleipinonnoibneeejgjnoeekmbopbc
Status : Scanned
Object : %localappdata%\google\chrome\user data\default\extensions\lpleipinonnoibneeejgjnoeekmbopbc\10330.7396.5987_0\background.js
MD5 : 966863B2D9632EC971E0C98EC0AF6D4F
Publisher : -
Size : 2082
Version : -
Detection : Adware:Win32/BrowserHijack.Gen
Cleaning Action : Repair
Traces :
File - %localappdata%\google\chrome\user data\default\extensions\lpleipinonnoibneeejgjnoeekmbopbc\10330.7396.5987_0\background.js
Extension - lpleipinonnoibneeejgjnoeekmbopbc

WINZIPSSRegistryOptimizer.exe
Status : Scanned
Object : %programfiles%\winzip\utils\wzsysscan\winzipssregistryoptimizer.exe
MD5 : 976D40622F283CA543385FB8CDEADE69
Publisher : WinZip Computing
Size : 241480
Version : 1.0.648.10762
Detection : Scareware:Win32/FakeOptimizer
Cleaning Action : Quarantine
Traces :
File - %programfiles%\winzip\utils\wzsysscan\winzipssregistryoptimizer.exe

WINZIPSSHelper.dll
Status : Scanned
Object : %programfiles%\winzip\utils\wzsysscan\winzipsshelper.dll
MD5 : 29471EFC62E40020408FA033531A6795
Publisher : WinZip Computing
Size : 685384
Version : 1.0.648.10781
Detection : Scareware:Win32/FakeOptimizer
Cleaning Action : Quarantine
Traces :
File - %programfiles%\winzip\utils\wzsysscan\winzipsshelper.dll

ninja-setup-3.0.6.exe
Status : Scanned
Object : %userprofile%\downloads\ninja-setup-3.0.6.exe
MD5 : 24FE0BB7A85A866B487D15C0EB6E3A74
Publisher : -
Size : 2507200
Version : 0.0.0.0
Detection : Adware:Win32/OpenCandy
Cleaning Action : Quarantine
Traces :
File - %userprofile%\downloads\ninja-setup-3.0.6.exe

JavaUpdate_Rapport.exe
Status : Scanned
Object : %userprofile%\downloads\javaupdate_rapport.exe
MD5 : 2C1A57069523D230E90CF76757A3795C
Publisher : -
Size : 856523
Version : 1.0.0.3
Detection : Malware:Win32/Edizz.A!Ekke
Cleaning Action : Quarantine
Traces :
File - %userprofile%\downloads\javaupdate_rapport.exe


Cleaning Result
-------------------------------------------------------
Cleaned : 8
Reported as safe : 0
Failed : 0

============================================================================================================================================================

All yours Mal.. :)
 

Malnutrition

Still Hungry
iHF Master Craftsman
#8
Adware Removal Tool.

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/



Hit Ok.



Hit next make sure to leave all items checked, for removal.




The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post log generated by tool.



Step 2: ZHP Cleaner.



Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.



Step 3: Security Check.



Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document




Step 4: Minitoolbox.


Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Eset Scan

http://www.eset.com/us/online-scanner/

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/for...nti-virus-firewall-and-anti-malware-programs/





  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the
    icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
 

brewster393

Member
iHF Regular
#9
O.K. as requested

Screen317 SecurityCheckUp.txt

Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Zemana AntiMalware
CCleaner
Java 7 Update 65
Java 7 Update 80
Java 8 Update 31
Java 8 Update 45
Adobe Flash Player 17.0.0.188
Adobe Reader XI
Mozilla Firefox (38.0.1)
````````Process Check: objlist.exe by Laurent````````
Zemana AntiMalware ZAM.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````


ESET Scan.txt

C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\GoogleUpdate.exe.vir Win32/AlteredSoftware.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir Win32/AlteredSoftware.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir Win32/AlteredSoftware.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir a variant of Win32/AlteredSoftware.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir a variant of Win32/AlteredSoftware.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll.vir Win32/AlteredSoftware.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir a variant of Win32/AlteredSoftware.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir Win32/AlteredSoftware.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll.vir a variant of Win32/AlteredSoftware.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll.vir a variant of Win32/AlteredSoftware.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\1.js.vir JS/Toolbar.Crossrider.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\103.js.vir JS/Toolbar.Crossrider.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\190.js.vir JS/Toolbar.Crossrider.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\21.js.vir.mwt JS/Toolbar.Crossrider.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Brewster\AppData\Roaming\Mozilla\Firefox\Profiles\9rsysppe.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\28.js.vir JS/Toolbar.Crossrider.F potentially unwanted application deleted - quarantined
C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Users\Brewster\Downloads\ccsetup505.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Brewster\Downloads\DriverDownloader.exe a variant of Win32/Adware.SpeedingUpMyPC.AH application cleaned by deleting - quarantined
C:\Windows\Installer\dbb0e.msi a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\_OTL\MovedFiles\03012015_105051\C_Users\Brewster\AppData\Roaming\58775628-1424271261-11B2-8000-64456E4E6973\nsj3278.tmpfs.mwt a variant of Win32/Adware.ICLoader.JA application cleaned by deleting - quarantined

Adware Repair Logs

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_05_23_11_17_59
OS: Windows 7 - 32 Bit
Account Name: Brewster
U0L0S53

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - Folder - C:\ProgramData\Wondershare
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:tcp query user{8c36fe09-6462-404a-864e-998611817c60}c:\users\brewster\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:udp query user{c24c194b-46d0-47f4-84d2-1a55d4a1ecc6}c:\users\brewster\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966:2180bd1e06d2bd34ea90c607729db382
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966\2180BD1E06D2BD34EA90C607729DB382:file
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:tcp query user{8c36fe09-6462-404a-864e-998611817c60}c:\users\brewster\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:udp query user{c24c194b-46d0-47f4-84d2-1a55d4a1ecc6}c:\users\brewster\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryValue - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION:smartbar.exe
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\common\icons\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\common\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\common\iconswide\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\distributionfiles\profiles\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\distributionfiles\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\js\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\helperbar@helperbar.com\chrome\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\helperbar@helperbar.com\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\css\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\images\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\amfclgbdpgndipgoegfpkkgobahigbcl\publisherimages\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\helperbar@helperbar.com\chrome\images\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\distributionfiles\configs\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\helperbar@helperbar.com\components\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\configs\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\helperbar@helperbar.com\chrome\publisherimages\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\common\servicesplugins\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\es\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\pt\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\nl\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\fr\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\it\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\ar\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\he\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\ru\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\tr\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\application\de\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\brewster\appdata\local\smartbar\common\configs\
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE:Wondershare
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE:Wondershare
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\Application:Torntv
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Finished

MiniToolBox

MiniToolBox by Farbar Version: 23-01-2014
Ran by Brewster (administrator) on 23-05-2015 at 13:03:53
Running from "C:\Users\Brewster\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

TP-LINK 300Mbps Wireless N Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
VIA Rhine III Fast Ethernet Adapter = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Brewster-Puter
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 96-F6-52-0D-14-A7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : VIA Rhine III Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-0C-76-84-77-97
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : TP-LINK 300Mbps Wireless N Adapter
Physical Address. . . . . . . . . : 90-F6-52-0D-14-A7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::49ef:e8ae:455a:efd7%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.69(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 23 May 2015 12:40:42
Lease Expires . . . . . . . . . . : 24 May 2015 12:40:46
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 328267346
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-12-37-6F-90-F6-52-0D-14-A7
DNS Servers . . . . . . . . . . . : 192.168.1.254
192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: BTHomeHub.home
Address: 192.168.1.254

Name: google.com
Address: 216.58.208.46


Pinging google.com [216.58.208.46] with 32 bytes of data:
Reply from 216.58.208.46: bytes=32 time=12ms TTL=55
Reply from 216.58.208.46: bytes=32 time=11ms TTL=55

Ping statistics for 216.58.208.46:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 12ms, Average = 11ms
Server: BTHomeHub.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 206.190.36.45
98.139.183.24
98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=157ms TTL=47
Reply from 206.190.36.45: bytes=32 time=157ms TTL=47

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 157ms, Maximum = 157ms, Average = 157ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...96 f6 52 0d 14 a7 ......Microsoft Virtual WiFi Miniport Adapter
14...00 0c 76 84 77 97 ......VIA Rhine III Fast Ethernet Adapter
13...90 f6 52 0d 14 a7 ......TP-LINK 300Mbps Wireless N Adapter
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.69 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.69 281
192.168.1.69 255.255.255.255 On-link 192.168.1.69 281
192.168.1.255 255.255.255.255 On-link 192.168.1.69 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.69 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.69 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::49ef:e8ae:455a:efd7/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/23/2015 01:03:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90
Faulting module name: mozalloc.dll, version: 38.0.1.5611, time stamp: 0x55540a1e
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x91c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (05/23/2015 00:40:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2015 11:42:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90
Faulting module name: mozalloc.dll, version: 38.0.1.5611, time stamp: 0x55540a1e
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xe3c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (05/23/2015 10:51:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 01:08:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 11:33:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 11:23:37 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {62e8d79f-da94-4099-a839-a08092f19864}

Error: (05/22/2015 11:15:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2015 08:03:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdatem) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (05/21/2015 08:03:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdate) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (05/23/2015 00:40:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/23/2015 00:40:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (05/23/2015 00:40:23 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (05/23/2015 00:37:26 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/23/2015 11:42:36 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/23/2015 11:42:31 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/23/2015 10:51:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (05/23/2015 10:51:29 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (05/22/2015 01:08:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (05/22/2015 01:08:00 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.


Microsoft Office Sessions:
=========================
Error: (05/23/2015 01:03:57 PM) (Source: Application Error)(User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa191c01d0954de1383dbaC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllc9df8ff2-0143-11e5-935d-000c76847797

Error: (05/23/2015 00:40:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2015 11:42:33 AM) (Source: Application Error)(User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1e3c01d0953fd7d3ce96C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll6a80c766-0138-11e5-8dc3-000c76847797

Error: (05/23/2015 10:51:55 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 01:08:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 11:33:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 11:23:37 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {62e8d79f-da94-4099-a839-a08092f19864}

Error: (05/22/2015 11:15:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/21/2015 08:03:08 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdatem) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (05/21/2015 08:03:08 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Google Update Service (gupdate) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.


=========================== Installed Programs ============================

******** (Version: 3.4.3.40298)
Adobe Flash Player 17 ActiveX (Version: 17.0.0.188)
Adobe Flash Player 17 NPAPI (Version: 17.0.0.188)
Adobe Reader XI (11.0.11) (Version: 11.0.11)
Adobe Refresh Manager (Version: 1.8.0)
Amazon Kindle
Apple Application Support (32-bit) (Version: 3.1.2)
Apple Mobile Device Support (Version: 8.1.1.3)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0.6 (Version: 2.0.6)
Auslogics DiskDefrag (Version: 5.4.0.0)
Avast Free Antivirus (Version: 10.2.2218)
Bonjour (Version: 3.0.0.10)
BT Desktop Help
calibre (Version: 2.28.0)
CCleaner (Version: 5.05)
C-Media WDM Audio Driver
Cole2k Media - Codec Pack (Advanced) 8.0.2 (Version: 8.0.2)
ConvertXtoDVD 3.3.2.100 (Version: 3.3.2.100)
Creatix V.9X DSP Data Fax Modem
DC-Bass Source 1.3.0
DivX Setup (Version: 2.6.1.8)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
ffdshow v1.1.4399 [2012-03-22] (Version: 1.1.4399.0)
Free PDF to JPG Converter (Version: 1.0.0)
Google Chrome (Version: 41.0.2272.118)
Google Update Helper (Version: 1.3.25.11)
GoToAssist Corporate (Version: 10.4.0.896)
Haali Media Splitter
HP FWUpdateEDO2 (Version: 1.2.0.0)
HP Photo Creations (Version: 1.0.0.18142)
HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)
HP Photosmart 5510 series Help (Version: 140.0.2.2)
HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0)
HP Update (Version: 5.005.002.002)
HPDiagnosticAlert (Version: 1.00.0001)
iTunes (Version: 12.1.1.4)
Java 7 Update 65 (Version: 7.0.650)
Java 7 Update 80 (Version: 7.0.800)
Java 8 Update 31 (Version: 8.0.310)
Java 8 Update 45 (Version: 8.0.450)
Java Auto Updater (Version: 2.8.45.14)
K-Lite Codec Pack 9.4.0 (Basic) (Version: 9.4.0)
Lagarith Lossless Codec (1.3.27)
LAME v3.99.3 (for Windows)
Leawo Video Converter version 6.0.0.0 (Version: 6.0.0.0)
Malwarebytes Anti-Malware version 2.1.6.1022 (Version: 2.1.6.1022)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 38.0.1 (x86 en-US) (Version: 38.0.1)
Mozilla Maintenance Service (Version: 34.0.5)
Nero 6 Ultra Edition
QuickTime 7 (Version: 7.76.80.95)
Recuva (Version: 1.51)
Revo Uninstaller 1.95 (Version: 1.95)
RocketDock 1.3.5
Sigil 0.7.4
Speccy (Version: 1.26)
SUPERAntiSpyware (Version: 5.7.1026)
System Ninja version 3.0.6 (Version: 3.0.6)
Toolwiz Smart Defrag 2011 (Version: 1.3.0.0)
TP-LINK Wireless Client Utility (Version: 7.0)
TreeSize Free V2.4 (Version: 2.4)
Unchecky v0.3.7.5 (Version: 0.3.7.5)
Unknown Device Identifier 8.01 (Version: 8.01)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VIA Rhine Family Fast Ethernet Adapter
VSO ConvertXToDVD (Version: 5.2.0.42)
WinRAR 5.21 (32-bit) (Version: 5.21.0)
WinX HD Video Converter Deluxe 5.5.2
WinZip 19.0 (Version: 19.0.11294)
WinZip 19.5 (Version: 19.5.11475)
Wipe (Version: 2015.05)
Xvid Video Codec (Version: 1.3.2)
Zemana AntiMalware (Version: 2.14.667)

========================= Devices: ================================

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


**** End of log ****

ZHPCleaner


~ ZHPCleaner v2015.5.22.248 by Nicolas Coolman (2015\05\22)
~ Run by Brewster (Administrator) (23/05/2015 12:32:11)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : No network file
~ Type : Repair
~ Report : C:\Users\Brewster\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Brewster\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious items found.


---\\ Browser internet (0)
~ No malicious items found.


---\\ Hosts file (0)
~ No malicious items found.


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( File, Folder) (22)
MOVED file: C:\Users\Brewster\AppData\Roaming\inst.exe (Adware.Pirrit)
MOVED folder*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter (PUP.InstallConverter)
MOVED folder*: C:\Windows\Installer\MSI2608.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSI32CA.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSI3B28.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSI44AE.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSI5514.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSI55A7.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSI89CA.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSI9AB1.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIA3C0.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIA455.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIB65F.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIC05A.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIC12E.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIC9F9.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSICE39.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSID0D5.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIDD72.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIDF4D.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIF167.tmp- (Empty)
MOVED folder*: C:\Windows\Installer\MSIFA39.tmp- (Empty)


---\\ Registry ( Key, Value, Data) (11)
REPLACED data: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope \\\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} (Hijacker.SearchScopes)
DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BD007F4F-4AED-4B81-80D4-7B9FC772457C}\\NameServer [Bad : 208.67.222.222,208.67.220.220] (Hijacker.Browser)
DELETED key*: HKEY_USERS\S-1-5-21-3299126282-3657997626-4182433575-1000\Software\Classes\TornTvDownloader.File [TornTvDownloader.torrent File] (Hijacker.TornTV)
DELETED key*: HKLM\SOFTWARE\Classes\TornTvDownloader.File [] (Hijacker.TornTV)
DELETED key*: HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} [IESmartBar.MSG] (Hijacker.SmartBar)
DELETED key*: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [IESmartBar.BandObjectStyle] (Hijacker.SmartBar)
DELETED key*: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [IESmartBar.POINT] (Hijacker.SmartBar)
DELETED key*: HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} [IESmartBar.DBIM] (Hijacker.SmartBar)
DELETED key*: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [IESmartBar.DESKBANDINFO] (Hijacker.SmartBar)
DELETED key*: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} [IESmartBar.DBIMF] (Hijacker.SmartBar)
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3299126282-3657997626-4182433575-1000\Products\363FB0CBBA367FF4E81FEAD0F717B142 [LPT System Updater Service] (Adware.IncrediBar)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 1528
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 33


End of clean at 12:32:48
===================
ZHPCleaner-[R]-23052015-12_32_48.txt
ZHPCleaner--23052015-12_31_59.txt
 
Last edited by a moderator:

Malnutrition

Still Hungry
iHF Master Craftsman
#10
Step 1: Combofix

Download Combofix from HERE, and save it to your desktop.

**Note: It is important that it is saved directly to your desktop**


IMPORTANT!! - Disable your AntiVirus and AntiSpyware applications.


Double click on ComboFix.exe & follow the prompts.

  • If you have trouble, stop and post back. Do not try to repeatedly run comboFix!
  • When finished, it will produce a report for you.
.
Note: If after running ComboFix you receive a message stating, "Illegal Operation Attempted on a registry key that has been marked for deletion" rebooting your computer will resolve the problem.

Step 2:Malwarebytes AntiRootkit


DownloadMalwarebytes AntiRootkit to your desktop.

  • Double-click the icon to start the tool.
  • It will ask you where to extract make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click next to continue.
  • Then Click Update
  • Once the update is Finished select Next then Scan.
  • If no malware has been found, at the end of scan select Exit
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
  • mbar-log-{date} (xx-xx-xx).txt
  • system-log.txt

Step 3: Hitman Pro Scan



Download Zemana Cloud AntiMalware from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.

http://dl9.zemana.com/download/Products/AntiMalware/Build192/ZemanaAntiMalware.exe 32 bit
http://dl9.zemana.com/download/Products/AntiMalware/Build192/ZemanaAntiMalware_x64.exe 64 bit

Note: If you have used Hitman Pro in the past you will not be able to activate a free license for this product.

Save the file to your desktop.
Right Click and run as administrator.
Click Next to scan for malicious software.
Tick the box that reads. " No I only want to perform a one time scan to check this computer"


Hit Next.



Upon scan completion. Now click on on save log and save to your desktop. Hit next to activate.



After you activate, remove malware and post the log created in your next reply.
 

brewster393

Member
iHF Regular
#11
Greetings and salutations!
I have followed the instructions to the letter, so find attached the combo fix log - there was no thing found on the root kit scan so no log was generated.
As far as the Zemana cloud antimalware is concerned, I downloaded it to my desktop and it came up with an error msge
"windows cannot verify the the digital signature for this file", so I tried to get it by going direct to the internet - the only zemana programme I could get was the original antimalware that you asked me to run earlier, so at the moment that one is a none starter, the computer is now back to normal if I stay within the computer itself i.e. watching a film or typing on word, but as soon as I try and join the big bad world (for instance there is a 5 or 6 second delay on my typing this and it appearing on the monitor) and if I try and browse the internet and use the scroll up or down function I am chasing the picture for a pastime. I am on a wireless connection to my hub and have even tried using cable to no effect.
So apart from throwing the whole thing into a skip (dumpster) is there anything else..............
Yours in desperation
Brewster
 

Attachments

Lord Chance

iHelpForum Jester & Door Greeter
iHF Veteran
Advisor
WCG Team Member
#13
Greetings and salutations!
I have followed the instructions to the letter, so find attached the combo fix log - there was no thing found on the root kit scan so no log was generated.
As far as the Zemana cloud antimalware is concerned, I downloaded it to my desktop and it came up with an error msge
"windows cannot verify the the digital signature for this file", so I tried to get it by going direct to the internet - the only zemana programme I could get was the original antimalware that you asked me to run earlier, so at the moment that one is a none starter, the computer is now back to normal if I stay within the computer itself i.e. watching a film or typing on word, but as soon as I try and join the big bad world (for instance there is a 5 or 6 second delay on my typing this and it appearing on the monitor) and if I try and browse the internet and use the scroll up or down function I am chasing the picture for a pastime. I am on a wireless connection to my hub and have even tried using cable to no effect.
So apart from throwing the whole thing into a skip (dumpster) is there anything else..............
Yours in desperation
Brewster
Hello Brewster,

The message you got from Zemana only means that Windows could not verify the digital signature and that can be common with third party software not associated with Microsoft. As I trust Malnutrition it should be safe to ignore the warning and continue on.

I am in agreement with Driver_Ian. Your problem may be with your service provider. If you are having issues with both wired and wireless then you may need to reinitialize your modem. If you have one of the following device configurations follow the order given.

If your configuration is Modem\Computer without router or hub
  1. Turn off modem and computer
  2. Wait 10 seconds then switch modem back on
  3. Wait for modem to initialize and settle (all lights green and steady)
  4. Reboot computer
If your configuration is Modem\Router\Computer
  1. Turn off the modem, router and computer
  2. Wait 10 seconds then switch modem back on
  3. Wait for the modem to initialize and settle
  4. Turn on router
  5. Let router initialize and settle
  6. Reboot computer
If you are still experiencing a slow connection then hardware or service issues may be indicated. Sometime a modem may need to be reinitialized to clear the nvram. Hope this helps. :)
 

brewster393

Member
iHF Regular
#14
Greetings and salutations!
O.K. OOKLA speed test is as follows: Ping 26ms; Download Speed 29.82 Mbps; Upload Speed 9.33 Mbps; My trust in malnutrition is absolute but the programme will not run after telling me about the error, And reinitializiation of the modem was the first thing I did!
Thanks for the input.............
Brewster
 

Lord Chance

iHelpForum Jester & Door Greeter
iHF Veteran
Advisor
WCG Team Member
#15
Greetings and salutations!
O.K. OOKLA speed test is as follows: Ping 26ms; Download Speed 29.82 Mbps; Upload Speed 9.33 Mbps; My trust in malnutrition is absolute but the programme will not run after telling me about the error, And reinitializiation of the modem was the first thing I did!
Thanks for the input.............
Brewster
Ah! Very good Brewster. Security setting is the most likely reason the program would not run but that is Mal's expertise. Your speed test looks good to me. I wish I had just half your Upload/Download speeds. I live in a rural area so I have to contend with a snails pace of 1 up and 6 down. Bloody AT&T won't do better. :caution:
 

Malnutrition

Still Hungry
iHF Master Craftsman
#16
Disable your antivirus prior to this scan.
Download Zoek
Save the file to your desktop.
Right click Zoek.exe and run as administrator. (Xp Users double click)
Copy and paste the items below and paste them into Zoek.

createsrpoint;
emptyfolderscheck;delete
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b
ResetHosts;
iedefaults;
shortcutfix;
symlinksfix;
autoclean;


Now hit the run script button.
The log will appear after a reboot, also you can find it on the C: drive.
Post the log in your next reply.



Please download and save FRST 64bit or FRST 32 bit to your Desktop.


CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.