Solved Malware detected, clean now but comp still running poorly.

JstRelax

Good day everyone,
I'm not sure how it happened but last week I noticed my comp running incredibly slow, freezing up, programs malfunctioning, etc... I ran Anti-Malwarebytes and sure enough I had some Malware. Here is the initial Scan:

Malwarebytes Anti-Malware
Scan Date: 5/21/2015
Scan Time: 11:16:19 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.21.04
Rootkit Database: v2015.05.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bob

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 415725
Time Elapsed: 1 hr, 42 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [e563d4c25c2e46f0ff700907986ce31d],

Registry Values: 1
PUP.Vulnerable.DellSystemDetect, HKU\S-1-5-21-3829630863-2373432100-1501377825-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DellSystemDetect, C:\Users\bob\AppData\Local\Apps\2.0\R36N6J7H.EL7\N5PKC76J.RMW\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe, No Action By User, [88c05442ff8bca6c72a4da03cb38827e]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.Delta.A, C:\Users\bob\AppData\LocalLow\Delta\delta, Quarantined, [ec5c4f478a00ef47271c36a3be45b14f],

Files: 4
PUP.Optional.Somoto.A, C:\Users\bob\AppData\Local\Temp\nswC086.tmp, Quarantined, [4305cec8b0da5dd9572692f07b8607f9],
PUP.Optional.Somoto, C:\Users\bob\AppData\Local\Temp\bitool.dll, Quarantined, [ea5e22743d4d88aeeb728c7fd82bce32],
Rogue.Link, C:\Users\bob\Favorites\MP3 download MyFreeMp3.eu.url, Quarantined, [86c276201f6bec4a64b81c4583817789],
PUP.Optional.GoForFiles.A, C:\Windows\System32\Tasks\GoforFilesUpdate, Quarantined, [311744526a20a294e9cb4b188a7b6d93],

Physical Sectors: 0
(No malicious items detected)

(end)
--------------------------------------------------------------------

I then ran CCleaner, Dr. Web Cureit and Anti Malware again. It came up clean but comp still running badly. Then ran AdwCleaner with these results:

# AdwCleaner v4.205 - Logfile created 23/05/2015 at 12:52:09
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : bob - BOB-PC
# Running from : G:\Bob\Programs from other Computer\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Device
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\bob\AppData\Local\PackageAware
Folder Found : C:\Users\bob\AppData\LocalLow\Delta
Folder Found : C:\Users\bob\AppData\Roaming\goforfiles
Folder Found : C:\Users\bob\Documents\Updater

***** [ Scheduled tasks ] *****

Task Found : GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\928cdebd35bd49
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\GoforFiles
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\GoforFiles
Key Found : HKLM\SOFTWARE\PIP
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v38.0.1 (x86 en-US)


*************************

I then ran Junkware Removal Tool. It found some things as well. Sorry I didn't save the log. Then ran AntiMalwarebytes again, then Hitman Pro. Did all of the above again and was coming up clean. Comp was still running badly. Ran Emsisoft Anti-Malware and came up clean. Then ran RKill, here's the log:

Rkill 2.7.0 by Lawrence Abrams (Grinler)

Program started at: 05/26/2015 02:38:43 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* DNS Client (Dnscache) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* Network Store Interface Service (nsi) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Ancillary Function Driver for Winsock (AFD) is not Running.
Startup Type set to: System

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* NetBT (NetBT) is not Running.
Startup Type set to: System

* NSI proxy service driver. (nsiproxy) is not Running.
Startup Type set to: System

* NetIO Legacy TDI Support Driver (tdx) is not Running.
Startup Type set to: System

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 05/26/2015 02:44:39 PM
Execution time: 0 hours(s), 5 minute(s), and 55 seconds(s)
------------------------------------------------------

Then ran FixExec and SuperAntiSpyware. Came up clean. Ran TDSS Killer, I have the log but it is VERY long. Should I post the whole thing? I then ran RogueKiller, here is that log:

RogueKiller V10.7.0.0 [May 25 2015] by Adlice Software

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : bob [Administrator]
Started from : C:\Users\bob\Desktop\RogueKiller.exe
Mode : Scan -- Date : 05/27/2015 14:21:22

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 40 ¤¤¤
[PUM.Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Found
[PUM.Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077} -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} : Canon Easy-WebPrint EX -> Found
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {47833539-D0C5-4125-9FA8-0819E2EAAC93} : -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3829630863-2373432100-1501377825-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \\4488 -- wscript.exe (C:\Users\bob\AppData\Local\Temp\launchie.vbs //B) -> Found

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-75A23T0 +++++
--- User ---
[MBR] a4d23e1f3c9f6ab870ac71a947ecc07a
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 208845 | Size: 15000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 30928845 | Size: 290142 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

============================================


I then ran OTL by Oldtimer, again the log is extremely long so I was not sure how to proceed. All of this was done in Safe Mode by the way. For the most part it seems to be coming up clean but it's still not running correctly. Browser freezes up, programs randomly freeze up, simply right clicking on something will take 3 minutes to go through. Then randomly it'll run fine for an hour or so. Any help on how to proceed would be extremely appreciated. Thank you so much
 

My Computer
Computer type: Laptop
Computer Manufacturer/Model Number: Dell
OS: Windows 7 Home Premium 64 bit
CPU: Intel Pentium P6100 2.00 GHZ
Memory: 8GB RAM
Graphics Card(s): Intel HD Graphics
Sound Card: Realtek High Definition Audio, AudioBox USB Audio
Screen Resolution: 1600 x 900 x 59 hertz
Hard Drives: NTFS 283GB
Keyboard: Standard PS/2 Keyboard
Mouse: Synaptics PS/2 Port TouchPad, USB Input Device
Internet Speed: 300Mbps
Antivirus: Microsoft Security Essentials
Browser: Mozilla, IExplorer

Good day everyone,
<snip>
All of this was done in Safe Mode by the way.


Hi:

I'll defer to jacee and/or cottonball, who are formally trained in malware removal.

However, just to note:

Malwarebytes Anti-Malware (MBAM) should not be routinely run in Windows Safe Mode.
In order to work properly, it should be run in Normal Mode.
If it does not run that way -- perhaps because of heavy infection -- then there are other strategies to get it to run, such as Chameleon.

More info about v2.1.6 HERE - User Guide ONLINE - User Guide PDF - FAQ: Common Questions, Issues, and their Solutions

Cheers,
 

My Computer
Computer type: PC/Desktop
Computer Manufacturer/Model Number: Dell Studio XPS 8500
OS: OEM Windows 7 Ult (x64) SP1
CPU: Intel Core-i7 3770 @ 3.4 GHz
Motherboard: "Dell" branded
Memory: 16 GB DDR3 SDRAM @ 1333 MHz
Graphics Card(s): NVidia GeForce GT620 1 GB
Sound Card: THX TruStudio PC
Monitor(s) Displays: Dell U2410 Full HD
Hard Drives: 2.0 TB SATA2 @ 7200 RPM
PSU: 350W
Keyboard: MS 4000 Ergon - Wired
Mouse: Logitech Anywhere MX
Internet Speed: Cable HSI w/Turbo (router)
Antivirus: KIS-MBAM Premium-MBAE Premium
Browser: Fx (current version); IE
Other Info: And a Win7/64 Pro laptop; And a Win10/64 Pro desktop.

Thanks for the reply MoxieMomma. Yes, I have run Anti-malwarebytes in Safe Mode as well as Normal mode. Nothing is preventing it from running.
 

Hi:

Sorry for the misunderstanding.
I only saw mention of Safe Mode in your post:
All of this was done in Safe Mode by the way...

Cheers,
 

JstRelax,

There are problems in the services area. Let's see if the following helps...

Please start the computer in: Safe Mode with Networking

Next, use the Windows Repair (All in One)
Download > Windows Repair (All In One) Download
Save to the Desktop

Right-click the tweaking.com program icon on the Desktop, and select: Run as Administrator
Click Next at the Setup, and follow the prompts.

Make sure to temporarily disable your AntiVirus program before the repairs are done.

At the program's console...
Go to Step 5 Backup, and under System Restore click on: Create

Next, go to Repairs tab and click: Automatically do a Registry Backup
Also click: Open Repairs

In the next prompt, press: Unselect all
(The items seen are checked by default, and you do not need all of them.)

Under Repair Options (on the left side) only check/select:
03 - Reset Service Permissions
26 - Restore Important Windows Services
27 - Set Windows Services to Default Startup

On the right side, check: Restart/Shutdown system when finished

Press: Start Repairs

When the program finishes, restart the computer.

Please post the Windows Repair log in your reply. It is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

Also, please run RKill once again, like you did before, and post the new RKill report in your reply.

Thanks!
 

My Computer
Computer type: PC/Desktop
Computer Manufacturer/Model Number: An ol' eMachines
OS: Windows 7 Home Premium
Internet Speed: Fine for me...I'm retired!

Hi Cottonball, Thanks for your help. Here's the Tweaking report:

Tweaking.com - Windows Repair v3.0.0
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: BOB-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\bob
Current Profile SID: S-1-5-21-3829630863-2373432100-1501377825-1000
Current Profile Classes: S-1-5-21-3829630863-2373432100-1501377825-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\bob\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:09:54

Process Count: 26
Commit Total: 855.96 MB
Commit Limit: 12.68 GB
Commit Peak: 1.59 GB
Handle Count: 6331
Kernel Total: 216.35 MB
Kernel Paged: 169.82 MB
Kernel Non Paged: 46.53 MB
System Cache: 482.96 MB
Thread Count: 287
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.80 GB
Memory Used: 903.23 MB(11.3066%)
Memory Avail.: 6.92 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.80 GB
Memory Used: 773.69 MB(9.685%)
Memory Avail.: 7.05 GB
--------------------------------------------------------------------------------

Starting Repairs...
Started at (5/27/2015 8:57:25 PM)

03 - Reset Service Permissions
Start (5/27/2015 8:57:27 PM)

Running Repair Under Current User Account
Running Repair Under System Account
Done (5/27/2015 8:57:36 PM)

26 - Restore Important Windows Services
Start (5/27/2015 8:57:36 PM)
Running Repair Under Current User Account

Decompressing & Updating Windows Permission File services.txt
Done, 0.16 seconds.

Running Repair Under System Account
Done (5/27/2015 8:57:50 PM)

27 - Set Windows Services To Default Startup
Start (5/27/2015 8:57:50 PM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (5/27/2015 8:57:58 PM)

Cleaning up empty logs...

All Selected Repairs Done.
Done at (5/27/2015 8:57:58 PM)
Total Repair Time: 00:00:34


...YOU MUST RESTART YOUR SYSTEM...
-------------------------------------------------

Here is the Rkill report:

Rkill 2.7.0 by Lawrence Abrams (Grinler)
Bleeping Computer - Technical Support and Computer Help
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
RKill - What it does and What it Doesn't - A brief introduction to the program - Anti-Virus and Anti-Malware Software

Program started at: 05/27/2015 09:24:13 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 05/27/2015 09:51:04 PM
Execution time: 0 hours(s), 26 minute(s), and 50 seconds(s)



Thank You!
 

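Added example, not part of the thread and not RKill's own code: a Python sketch that parses the "Checking Windows Service Integrity" section of the two RKill logs posted above and compares them, keeping the boot mode from each log header next to the result, because Safe Mode starts only a minimal set of services and drivers. The sample logs are abridged from the posts; the function names are hypothetical.

```python
import re

# Header: "Program started at: <time> in x64 mode. (Safe Mode)".
# The bracketed boot mode is absent when Windows was booted normally.
HEADER_RE = re.compile(r"Program started at: .+? in x\d+ mode\.(?: \((?P<boot>[^)]+)\))?")
# Entry: "* Display Name (ShortName) is not Running."
STOPPED_RE = re.compile(r"^\*\s*(?P<display>.+?)\s*\((?P<name>[^()]+)\) is not Running\.$")
STARTUP_RE = re.compile(r"^Startup Type set to:\s*(?P<startup>.+)$")
SECTION = "Checking Windows Service Integrity:"


def parse_rkill(text):
    """Return {'boot_mode': str, 'stopped': {short_name: startup_type}}."""
    boot_mode, stopped = "Normal", {}
    in_section, pending = False, None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER_RE.search(line)
        if header:
            boot_mode = header.group("boot") or "Normal"
        elif line.endswith(":"):
            # Every RKill section heading ends with a colon.
            in_section, pending = (line == SECTION), None
        elif in_section:
            entry = STOPPED_RE.match(line)
            startup = STARTUP_RE.match(line)
            if entry:
                pending = entry.group("name")
                stopped[pending] = "Unknown"
            elif startup and pending:
                stopped[pending] = startup.group("startup")
                pending = None
    return {"boot_mode": boot_mode, "stopped": stopped}


def expected_running(startup_type):
    """Manual services start on demand; the other types should be up after a normal boot."""
    return startup_type.startswith("Automatic") or startup_type in ("System", "Boot")


def compare(before, after):
    """Diff two parsed reports and say whether the comparison is like-for-like."""
    b, a = set(before["stopped"]), set(after["stopped"])
    return {
        "like_for_like": before["boot_mode"] == after["boot_mode"],
        "recovered": sorted(b - a),
        "still_stopped": sorted(b & a),
        "newly_stopped": sorted(a - b),
        "manual_in_before": sorted(
            n for n, s in before["stopped"].items() if not expected_running(s)),
    }


# Abridged from the first RKill log in the thread (run in Safe Mode).
FIRST_RUN = """Rkill 2.7.0 by Lawrence Abrams (Grinler)

Program started at: 05/26/2015 02:38:43 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* Ancillary Function Driver for Winsock (AFD) is not Running.
Startup Type set to: System

Searching for Missing Digital Signatures:

* No issues found.
"""

# Abridged from the second RKill log in the thread (normal boot, after the repairs).
SECOND_RUN = """Rkill 2.7.0 by Lawrence Abrams (Grinler)

Program started at: 05/27/2015 09:24:13 PM in x64 mode.

Checking Windows Service Integrity:

* No issues found.
"""

if __name__ == "__main__":
    first, second = parse_rkill(FIRST_RUN), parse_rkill(SECOND_RUN)
    print(first["boot_mode"], "->", second["boot_mode"])
    for key, value in compare(first, second).items():
        print(f"{key}: {value}")
```
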
Checking Windows Service Integrity:
* No issues found.



Any improvement?
 

No not yet. After I ran the tweaking repair it froze while loading up in normal mode. Had to reboot then run Rkill. After that still no improvement. My windows live mail client locked up for about 5 mins. Even just opening the folders to get to the tweaking log took forever. There'd be a delay after each click.
 

Hi, again:

Sorry to interrupt -- JstRelax, please continue to work with cottonball.

However, upon re-reading your original post I noticed that you had MBAM configured only to "warn" for PUPs, not to remove them.

Malwarebytes Anti-Malware
Scan Date: 5/21/2015
Scan Time: 11:16:19 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
When you are finished cleaning and repairing your system, you might want to change the MBAM Settings for PUPs and PUMs to "Treat Detections as Malware".

Cheers,
 

@MoxieMomma,

Thanks!!!!
That one went right over my head. :rolleyes:

@JstRelax,

Please run MBAM once again, and do as MoxieMomma suggested.

Also, are there any other MBAM reports prior to the one you posted above?
If so, please post or attach.


In addition to the above, open Windows Repair once again, and go to the Step 4 tab, and run System File Check by clicking on: Do It

When done, please look for the new Windows Repair log, and post it in your reply.
 

Hello,
There are no MBAM reports before the one posted above. I ran it a few times after and it has come up clean since. I made the change suggested by MoxieMomma and ran it again. It appears to be clean.

Malwarebytes Anti-Malware

Scan Date: 5/29/2015
Scan Time: 2:44:11 AM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.29.01
Rootkit Database: v2015.05.24.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bob

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 403700
Time Elapsed: 1 hr, 10 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)
--------------------------------------

I logged into Safe Mode with Networking and launched Windows Repair. It recommended I update to V. 3.2 so I did. I then ran System File Check and it appeared to come up clean. I have looked for a log but one appears to not have been created.

In addition to this, I ran CCleaner and under Startup - Scheduled Tasks I noticed these entries. I deleted them. Apparently launchie.vbs is a part of Yontoo Toolbar Adware. The Yontoo Toolbar was never installed on my browsers however.

a. 0 c:\program files\internet explorer\iexplore.exe
b. 4880 wscript.exe C:\Users\Admin\AppData\Local\Temp\launchie.vbs //B


Thank You
 
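Added example, not part of the thread: a Python check for scheduled tasks like the launchie.vbs entry in the post above, flagging task actions that start a script host or point into a user-writable folder. It assumes the task list was exported with `schtasks /query /fo csv /v` (columns TaskName and Task To Run); the sample rows are constructed from the two entries in the post plus one benign task, and the function names are hypothetical.

```python
import csv
import io
import ntpath
import re

# Windows script hosts that run .vbs/.js/.hta content.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe"}

# Locations a standard user can write to. A hit is a reason to review, not a verdict:
# legitimate per-user updaters also live under AppData.
USER_WRITABLE_RE = re.compile(
    r"%(?:temp|tmp|appdata|localappdata)%"
    r"|\\(?:appdata\\(?:local|locallow|roaming)|windows\\temp|users\\public)\\",
    re.IGNORECASE,
)

# First token of a command line: a quoted path, or an unquoted path (spaces allowed)
# up to the first known executable or script extension.
EXE_RE = re.compile(
    r'^\s*(?:"(?P<quoted>[^"]+)"'
    r"|(?P<bare>.+?\.(?:exe|com|bat|cmd|vbs|js|ps1))(?=\s|$))",
    re.IGNORECASE,
)


def extract_executable(command):
    """Return the program a task action launches, without its arguments."""
    match = EXE_RE.match(command)
    if match:
        return match.group("quoted") or match.group("bare")
    parts = command.split()
    return parts[0] if parts else ""


def triage_tasks(csv_text):
    """Return [(task_name, command, reasons)] for tasks that deserve a manual look."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row.get("TaskName") or ""
        command = row.get("Task To Run") or ""
        # The CSV export can repeat its header row between task folders; skip those.
        if name == "TaskName" or not command:
            continue
        reasons = []
        if ntpath.basename(extract_executable(command)).lower() in SCRIPT_HOSTS:
            reasons.append("script host")
        if USER_WRITABLE_RE.search(command):
            reasons.append("user-writable path")
        if reasons:
            findings.append((name, command, reasons))
    return findings


# Constructed sample: the first two actions are the entries quoted in the post
# (task paths assumed), the last is a stock Windows 7 task for contrast.
SAMPLE_CSV = r'''"HostName","TaskName","Task To Run"
"BOB-PC","\4880","wscript.exe C:\Users\Admin\AppData\Local\Temp\launchie.vbs //B"
"BOB-PC","\0","c:\program files\internet explorer\iexplore.exe"
"HostName","TaskName","Task To Run"
"BOB-PC","\Microsoft\Windows\Defrag\ScheduledDefrag","%windir%\system32\defrag.exe -c"
'''

if __name__ == "__main__":
    for name, command, reasons in triage_tasks(SAMPLE_CSV):
        print(f"{name}: {', '.join(reasons)}")
        print(f"    {command}")
```
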
Have you checked to see how many start up items are being loaded when you boot up? Go to start, type "msconfig", go to the startup tab & uncheck anything unnecessary. Some programs, when they are updated, automatically add themselves to the startup list. Adobe & Java are notorious for this.

If TDSSKiller didn't find anything, then no need to worry. If it did, please post the name of the rootkit it found.
 
My Computer
Computer type: PC/Desktop
Computer Manufacturer/Model Number: Dell Hell oh Well
OS: Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU: Intel Core 2 Duo 2.93GHz
Memory: Not much with my ADHD
Graphics Card(s): ATI Radeon HD 4350
Monitor(s) Displays: 24" HDTV/Monitor
Screen Resolution: Blurry after a Scotch or 2
Hard Drives: 1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case: Don't get on my case...man :D
Cooling: I have an Air Conditioner & Diet Pepsi
Keyboard: Saitek Cyborg
Mouse: 10 yr old MS optical mouse that still works
Internet Speed: Never fast enough
Antivirus: Various
Browser: Various

Hi Borg 386,
Yes, I have typed msconfig and looked at what my start up items were. I disabled anything that wasn't necessary. I usually do this every few months anyway. The TDSS Killer report is very long so I just put the beginning & the end of it, which is the summary of what was detected. I did nothing, as you can see, because I was not sure of what was found.

14:47:51.0190 0x0154 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:47:57.0211 0x0154 ============================================================
14:47:57.0211 0x0154 Current date / time: 2015/05/26 14:47:57.0211
14:47:57.0211 0x0154 SystemInfo:
14:47:57.0211 0x0154
14:47:57.0211 0x0154 OS Version: 6.1.7601 ServicePack: 1.0
14:47:57.0211 0x0154 Product type: Workstation
14:47:57.0211 0x0154 ComputerName: BOB-PC
14:47:57.0211 0x0154 UserName: bob
14:47:57.0211 0x0154 Windows directory: C:\Windows
14:47:57.0211 0x0154 System windows directory: C:\Windows
14:47:57.0211 0x0154 Running under WOW64
14:47:57.0211 0x0154 Processor architecture: Intel x64
14:47:57.0211 0x0154 Number of processors: 2
14:47:57.0211 0x0154 Page size: 0x1000
14:47:57.0211 0x0154 Boot type: Safe boot
14:47:57.0211 0x0154 ============================================================
14:47:57.0477 0x0154 KLMD registered as C:\Windows\system32\drivers\48401609.sys
14:47:57.0929 0x0154 System UUID: {1D913399-3B13-E254-B718-48028346063D}
14:47:59.0224 0x0154 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:47:59.0224 0x0154 ============================================================
14:47:59.0224 0x0154 \Device\Harddisk0\DR0:
14:47:59.0224 0x0154 MBR partitions:
14:47:59.0224 0x0154 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x1D4C000
14:47:59.0224 0x0154 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7EFCD, BlocksNum 0x236AF2E3
14:47:59.0224 0x0154 ============================================================
14:47:59.0427 0x0154 C: <-> \Device\Harddisk0\DR0\Partition2
14:47:59.0427 0x0154 ============================================================
14:47:59.0427 0x0154 Initialize success
14:47:59.0427 0x0154 ============================================================
14:48:37.0147 0x04c4 ============================================================
14:48:37.0147 0x04c4 Scan started
14:48:37.0147 0x04c4 Mode: Manual; SigCheck; TDLFS;
14:48:37.0147 0x04c4 ============================================================
14:48:37.0147 0x04c4 KSN ping started
14:48:37.0413 0x04c4 KSN ping finished: false
14:48:37.0990 0x04c4 ================ Scan system memory ========================
14:48:37.0990 0x04c4 System memory - ok
14:48:37.0990 0x04c4 ================ Scan services =============================

*I omitted this content*

14:49:32.0387 0x04c4 Scan finished
14:49:32.0387 0x04c4 ============================================================
14:49:32.0387 0x04c0 Detected object count: 11
14:49:32.0387 0x04c0 Actual detected object count: 11
14:59:50.0476 0x04c0 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0476 0x04c0 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0476 0x04c0 ASD2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0476 0x04c0 ASD2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0491 0x04c0 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0491 0x04c0 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0507 0x04c0 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0507 0x04c0 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0523 0x04c0 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0523 0x04c0 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0554 0x04c0 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0554 0x04c0 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0569 0x04c0 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0569 0x04c0 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0585 0x04c0 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0585 0x04c0 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0601 0x04c0 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0601 0x04c0 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0616 0x04c0 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0616 0x04c0 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0663 0x04c0 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0663 0x04c0 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:53.0986 0x03bc Deinitialize success

The comp still freezes up and is not functioning properly.
Thank You
 

TDSSKiller shows:

Scan started
Mode: Manual; SigCheck; TDLFS; > checks also for Signatures and TDL File System

The Detected object count: 11 does not show a Rootkit, just some Unsigned Files that check out OK.

The malicious task entry was removed in CCleaner: wscript.exe C:\Users\Admin\AppData\Local\Temp\launchie.vbs //B

However, C:\Program Files\Internet Explorer\iexplore.exe is legit.

When Internet Explorer is closed, do you have any (iexplorer.exe) processes present in the Task Manager??
 

My Computer
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
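The reading of the TDSSKiller summary given in the reply above can be automated. This is an added example, not part of the thread or of TDSSKiller: it collapses the two summary lines per object, separates `UnsignedFile.*` notices from any other verdict, and checks the pasted entries against "Detected object count". The function name `triage`, the `ExampleSvc` entry and its verdict are constructed placeholders.

```python
import re

# Summary line layout as pasted in the thread: time, thread id, message.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} 0x[0-9a-fA-F]{4} (?P<msg>.*)$")
COUNT = re.compile(r"Detected object count: (\d+)")
DETECTION = re.compile(r"(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<action>.+)")

# Three objects trimmed from the log in the thread; the count line is adjusted to 3.
SAMPLE_THREAD = """\
14:49:32.0387 0x04c0 Detected object count: 3
14:49:32.0387 0x04c0 Actual detected object count: 3
14:59:50.0476 0x04c0 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0476 0x04c0 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0476 0x04c0 ASD2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0476 0x04c0 ASD2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0663 0x04c0 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0663 0x04c0 Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# Constructed: ExampleSvc and its verdict are placeholders, and one of the
# three declared objects is missing, as happens when a paste is cut short.
SAMPLE_MIXED = """\
14:49:32.0387 0x04c0 Detected object count: 3
14:59:50.0476 0x04c0 ASD2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
14:59:50.0476 0x04c0 ASD2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:59:50.0491 0x04c0 ExampleSvc ( Constructed.Placeholder.Verdict ) - skipped by user
14:59:50.0491 0x04c0 ExampleSvc ( Constructed.Placeholder.Verdict ) - User select action: Skip
"""


def triage(log_text):
    """Summarise the detection block at the end of a TDSSKiller log."""
    declared = None
    objects = {}  # object name -> verdict, one entry per object
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a log line (blank, or a note such as an omission marker)
        msg = m.group("msg").strip()
        c = COUNT.fullmatch(msg)
        if c:
            declared = int(c.group(1))
            continue
        d = DETECTION.fullmatch(msg)
        if d:
            # Each object is logged twice (result line and action line).
            objects.setdefault(d.group("name"), d.group("verdict"))

    unsigned = sorted(n for n, v in objects.items() if v.startswith("UnsignedFile."))
    review = sorted((n, v) for n, v in objects.items() if not v.startswith("UnsignedFile."))
    return {
        "declared": declared,
        "unsigned_only": unsigned,    # signature-check notices, not rootkit verdicts
        "needs_review": review,       # any other verdict: post the name for a helper
        "count_matches": declared == len(objects),
    }


if __name__ == "__main__":
    for label, text in (("thread", SAMPLE_THREAD), ("mixed", SAMPLE_MIXED)):
        print(label, triage(text))
```

A `count_matches` of `False` means the pasted summary is missing entries, so the omitted part of the log should be checked before concluding anything.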

Cottonball,
It looks like I do not have iexplorer.exe running in the Task Manager when IE is closed. I read in an online tutorial on getting rid of Yontoo Toolbar Adware to delete both of those lines.

Borg 386,
Ok I have followed the elevated command prompt instructions and have a sfcdetails Notepad doc on my desktop but the contents are empty. I will now run System File Checker a few more times.

Thank You
 

Ok so I ran SFC 4 times, twice in Safe Mode and twice in Normal Mode. The reason in my last post I stated the sfcdetails log was empty was because I had run it in Safe Mode, which meant that even running as Administrator, it starts out with C:\Users\Username and the text copied from the tutorial is looking for Windows\System32. I had to chop off over half of the log because it's too many characters. All the logs look the same though, except for the time on the left side. All state repairing 0 components.

2015-05-30 12:53:15, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:53:15, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2015-05-30 12:53:23, Info CSI 0000000c [SR] Verify complete
2015-05-30 12:53:25, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:53:25, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2015-05-30 12:53:32, Info CSI 00000010 [SR] Verify complete
2015-05-30 12:53:34, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:53:34, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2015-05-30 12:53:40, Info CSI 00000014 [SR] Verify complete
2015-05-30 12:53:41, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:53:41, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2015-05-30 12:53:47, Info CSI 00000018 [SR] Verify complete
2015-05-30 12:53:49, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:53:49, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2015-05-30 12:53:54, Info CSI 0000001c [SR] Verify complete
2015-05-30 12:53:55, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:53:55, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2015-05-30 12:53:58, Info CSI 00000020 [SR] Verify complete
2015-05-30 12:53:59, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:53:59, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:02, Info CSI 00000024 [SR] Verify complete
2015-05-30 12:54:03, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:54:03, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:06, Info CSI 00000028 [SR] Verify complete
2015-05-30 12:54:07, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:54:07, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:10, Info CSI 0000002c [SR] Verify complete
2015-05-30 12:54:11, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:54:11, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:14, Info CSI 00000030 [SR] Verify complete
2015-05-30 12:54:15, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:54:15, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:18, Info CSI 00000034 [SR] Verify complete
2015-05-30 12:54:18, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:54:18, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:24, Info CSI 00000038 [SR] Verify complete
2015-05-30 12:54:25, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:54:25, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:29, Info CSI 0000003c [SR] Verify complete
2015-05-30 12:54:30, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 12:54:30, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2015-05-30 12:54:33, Info CSI 00000040 [SR] Verify complete

2015-05-30 13:04:04, Info CSI 000001f5 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:04:04, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction
2015-05-30 13:04:09, Info CSI 000001f8 [SR] Verify complete
2015-05-30 13:04:10, Info CSI 000001f9 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:04:10, Info CSI 000001fa [SR] Beginning Verify and Repair transaction
2015-05-30 13:04:16, Info CSI 000001fc [SR] Verify complete
2015-05-30 13:04:17, Info CSI 000001fd [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:04:17, Info CSI 000001fe [SR] Beginning Verify and Repair transaction
2015-05-30 13:04:26, Info CSI 00000200 [SR] Verify complete
2015-05-30 13:04:26, Info CSI 00000201 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:04:26, Info CSI 00000202 [SR] Beginning Verify and Repair transaction
2015-05-30 13:04:34, Info CSI 00000205 [SR] Verify complete
2015-05-30 13:04:34, Info CSI 00000206 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:04:34, Info CSI 00000207 [SR] Beginning Verify and Repair transaction
2015-05-30 13:04:38, Info CSI 00000209 [SR] Verify complete
2015-05-30 13:04:38, Info CSI 0000020a [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:04:38, Info CSI 0000020b [SR] Beginning Verify and Repair transaction
2015-05-30 13:04:42, Info CSI 0000020d [SR] Verify complete
2015-05-30 13:04:43, Info CSI 0000020e [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:04:43, Info CSI 0000020f [SR] Beginning Verify and Repair transaction
2015-05-30 13:04:59, Info CSI 00000214 [SR] Verify complete
2015-05-30 13:05:00, Info CSI 00000215 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:00, Info CSI 00000216 [SR] Beginning Verify and Repair transaction
2015-05-30 13:05:10, Info CSI 0000021b [SR] Verify complete
2015-05-30 13:05:10, Info CSI 0000021c [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:10, Info CSI 0000021d [SR] Beginning Verify and Repair transaction
2015-05-30 13:05:20, Info CSI 0000021f [SR] Verify complete
2015-05-30 13:05:21, Info CSI 00000220 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:21, Info CSI 00000221 [SR] Beginning Verify and Repair transaction
2015-05-30 13:05:30, Info CSI 0000022d [SR] Verify complete
2015-05-30 13:05:30, Info CSI 0000022e [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:30, Info CSI 0000022f [SR] Beginning Verify and Repair transaction
2015-05-30 13:05:39, Info CSI 00000235 [SR] Verify complete
2015-05-30 13:05:40, Info CSI 00000236 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:40, Info CSI 00000237 [SR] Beginning Verify and Repair transaction
2015-05-30 13:05:46, Info CSI 00000239 [SR] Verify complete
2015-05-30 13:05:46, Info CSI 0000023a [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:46, Info CSI 0000023b [SR] Beginning Verify and Repair transaction
2015-05-30 13:05:52, Info CSI 0000023f [SR] Verify complete
2015-05-30 13:05:52, Info CSI 00000240 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:52, Info CSI 00000241 [SR] Beginning Verify and Repair transaction
2015-05-30 13:05:58, Info CSI 00000243 [SR] Verify complete
2015-05-30 13:05:58, Info CSI 00000244 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:05:58, Info CSI 00000245 [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:07, Info CSI 0000026a [SR] Verify complete
2015-05-30 13:06:07, Info CSI 0000026b [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:07, Info CSI 0000026c [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:13, Info CSI 0000026e [SR] Verify complete
2015-05-30 13:06:14, Info CSI 0000026f [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:14, Info CSI 00000270 [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:19, Info CSI 00000272 [SR] Verify complete
2015-05-30 13:06:19, Info CSI 00000273 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:19, Info CSI 00000274 [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:25, Info CSI 00000276 [SR] Verify complete
2015-05-30 13:06:25, Info CSI 00000277 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:25, Info CSI 00000278 [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:30, Info CSI 00000286 [SR] Verify complete
2015-05-30 13:06:31, Info CSI 00000287 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:31, Info CSI 00000288 [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:38, Info CSI 0000028a [SR] Verify complete
2015-05-30 13:06:39, Info CSI 0000028b [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:39, Info CSI 0000028c [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:46, Info CSI 0000029a [SR] Verify complete
2015-05-30 13:06:46, Info CSI 0000029b [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:46, Info CSI 0000029c [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:49, Info CSI 0000029e [SR] Verify complete
2015-05-30 13:06:49, Info CSI 0000029f [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:49, Info CSI 000002a0 [SR] Beginning Verify and Repair transaction
2015-05-30 13:06:56, Info CSI 000002a3 [SR] Verify complete
2015-05-30 13:06:57, Info CSI 000002a4 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:06:57, Info CSI 000002a5 [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:01, Info CSI 000002a7 [SR] Verify complete
2015-05-30 13:07:02, Info CSI 000002a8 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:02, Info CSI 000002a9 [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:04, Info CSI 000002ab [SR] Verify complete
2015-05-30 13:07:05, Info CSI 000002ac [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:05, Info CSI 000002ad [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:13, Info CSI 000002af [SR] Verify complete
2015-05-30 13:07:13, Info CSI 000002b0 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:13, Info CSI 000002b1 [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:19, Info CSI 000002b3 [SR] Verify complete
2015-05-30 13:07:20, Info CSI 000002b4 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:20, Info CSI 000002b5 [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:28, Info CSI 000002cb [SR] Verify complete
2015-05-30 13:07:29, Info CSI 000002cc [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:29, Info CSI 000002cd [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:35, Info CSI 000002d3 [SR] Verify complete
2015-05-30 13:07:36, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:36, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:50, Info CSI 000002d7 [SR] Verify complete
2015-05-30 13:07:51, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:51, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2015-05-30 13:07:56, Info CSI 000002db [SR] Verify complete
2015-05-30 13:07:56, Info CSI 000002dc [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:07:56, Info CSI 000002dd [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:01, Info CSI 000002e0 [SR] Verify complete
2015-05-30 13:08:01, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:01, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:06, Info CSI 000002e5 [SR] Verify complete
2015-05-30 13:08:06, Info CSI 000002e6 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:06, Info CSI 000002e7 [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:11, Info CSI 000002e9 [SR] Verify complete
2015-05-30 13:08:11, Info CSI 000002ea [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:11, Info CSI 000002eb [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:17, Info CSI 000002ed [SR] Verify complete
2015-05-30 13:08:17, Info CSI 000002ee [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:17, Info CSI 000002ef [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:22, Info CSI 000002f2 [SR] Verify complete
2015-05-30 13:08:23, Info CSI 000002f3 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:23, Info CSI 000002f4 [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:28, Info CSI 000002f6 [SR] Verify complete
2015-05-30 13:08:28, Info CSI 000002f7 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:28, Info CSI 000002f8 [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:33, Info CSI 000002fa [SR] Verify complete
2015-05-30 13:08:34, Info CSI 000002fb [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:34, Info CSI 000002fc [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:39, Info CSI 000002fe [SR] Verify complete
2015-05-30 13:08:39, Info CSI 000002ff [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:39, Info CSI 00000300 [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:47, Info CSI 00000303 [SR] Verify complete
2015-05-30 13:08:48, Info CSI 00000304 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:48, Info CSI 00000305 [SR] Beginning Verify and Repair transaction
2015-05-30 13:08:53, Info CSI 00000307 [SR] Verify complete
2015-05-30 13:08:53, Info CSI 00000308 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:08:53, Info CSI 00000309 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:01, Info CSI 0000030b [SR] Verify complete
2015-05-30 13:09:02, Info CSI 0000030c [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:09:02, Info CSI 0000030d [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:09, Info CSI 0000030f [SR] Verify complete
2015-05-30 13:09:10, Info CSI 00000310 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:09:10, Info CSI 00000311 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:16, Info CSI 00000313 [SR] Verify complete
2015-05-30 13:09:16, Info CSI 00000314 [SR] Verifying 52 (0x0000000000000034) components
2015-05-30 13:09:16, Info CSI 00000315 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:19, Info CSI 00000317 [SR] Verify complete
2015-05-30 13:09:19, Info CSI 00000318 [SR] Repairing 0 components
2015-05-30 13:09:19, Info CSI 00000319 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:19, Info CSI 0000031b [SR] Repair complete
 

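Rather than comparing several long `[SR]` logs by eye, the extract can be summarised. This is an added example, not part of the thread: it counts verify batches and components, reads the "Repairing N components" totals, and reports `incomplete` when a pasted log was cut before the repair summary. The function name `summarize` is an assumption, and the "Cannot repair member file" line and `example.dll` are constructed to show the failure case, which the log posted above does not contain.

```python
import re
from dataclasses import dataclass, field

# "[SR]" line layout as posted: timestamp, level, CSI, sequence number, message.
SR_LINE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d, \w+\s+CSI\s+[0-9a-fA-F]{8} \[SR\] (?P<msg>.*)$"
)
VERIFYING = re.compile(r"Verifying (\d+) \(0x[0-9a-fA-F]+\) components")
REPAIRING = re.compile(r"Repairing (\d+) components")
CANNOT_REPAIR = re.compile(r'Cannot repair member file \[[^\]]*\]"([^"]+)"')

# Tail of the log posted in the thread.
SAMPLE_CLEAN = """\
2015-05-30 13:09:10, Info CSI 00000310 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:09:10, Info CSI 00000311 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:16, Info CSI 00000313 [SR] Verify complete
2015-05-30 13:09:16, Info CSI 00000314 [SR] Verifying 52 (0x0000000000000034) components
2015-05-30 13:09:16, Info CSI 00000315 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:19, Info CSI 00000317 [SR] Verify complete
2015-05-30 13:09:19, Info CSI 00000318 [SR] Repairing 0 components
2015-05-30 13:09:19, Info CSI 00000319 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:19, Info CSI 0000031b [SR] Repair complete
"""

# Constructed failure case: file and component names are placeholders.
SAMPLE_DAMAGED = """\
2015-05-30 13:09:10, Info CSI 00000310 [SR] Verifying 100 (0x0000000000000064) components
2015-05-30 13:09:10, Info CSI 00000311 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:12, Info CSI 00000312 [SR] Cannot repair member file [l:22{11}]"example.dll" of Constructed-Component
2015-05-30 13:09:16, Info CSI 00000313 [SR] Verify complete
2015-05-30 13:09:19, Info CSI 00000318 [SR] Repairing 1 components
2015-05-30 13:09:19, Info CSI 00000319 [SR] Beginning Verify and Repair transaction
2015-05-30 13:09:20, Info CSI 0000031a [SR] Cannot repair member file [l:22{11}]"example.dll" of Constructed-Component
2015-05-30 13:09:20, Info CSI 0000031b [SR] Repair complete
"""

# A paste cut off mid-run, before any "Repairing" summary line.
SAMPLE_TRUNCATED = "\n".join(SAMPLE_CLEAN.splitlines()[:2])


@dataclass
class SfcSummary:
    batches: int = 0
    components_verified: int = 0
    open_batches: int = 0  # "Verifying" never followed by "Verify complete"
    repair_counts: list = field(default_factory=list)  # one entry per SFC run
    cannot_repair: list = field(default_factory=list)  # distinct file names

    @property
    def verdict(self):
        if self.cannot_repair:
            return "unrepaired"
        if any(n > 0 for n in self.repair_counts):
            return "repaired"
        if self.repair_counts and self.open_batches == 0:
            return "clean"
        return "incomplete"  # no repair summary in the text that was pasted


def summarize(log_text):
    s, pending = SfcSummary(), False
    for raw in log_text.splitlines():
        m = SR_LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group("msg")
        v, r, c = VERIFYING.match(msg), REPAIRING.match(msg), CANNOT_REPAIR.match(msg)
        if v:
            s.open_batches += 1 if pending else 0
            pending = True
            s.batches += 1
            s.components_verified += int(v.group(1))
        elif msg.startswith("Verify complete"):
            pending = False
        elif r:
            s.repair_counts.append(int(r.group(1)))
        elif c and c.group(1) not in s.cannot_repair:
            s.cannot_repair.append(c.group(1))
    s.open_batches += 1 if pending else 0
    return s


if __name__ == "__main__":
    for name in ("SAMPLE_CLEAN", "SAMPLE_DAMAGED", "SAMPLE_TRUNCATED"):
        print(name, summarize(globals()[name]))
```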
Please use the Farbar Recovery Scan Tool.
Download: Farbar Recovery Scan Tool Download
Select the version that applies to your system.
Save it to your Desktop.

Double-click the downloaded file to run it.
When the tool opens, click Yes to the disclaimer.

Press the Scan button.

When done, the tool makes a report, FRST.txt, in the same directory from which the tool is run (Desktop).
Please provide the FRST.txt in your reply.

The first time the tool is run, it also creates another report: Addition.txt
Also post the Addition.txt in your reply.
 

Ok, here are the 2 .txt files attached. Should I copy & paste instead?
 

JstRelax,

Since your problems started about a week ago, have you attempted to do a System Restore?

http://www.sevenforums.com/tutorials/700-system-restore.html

The reports provided show some entries that could be cleaned up, as well as application errors, system errors, etc.; however, I cannot guarantee that doing so is going to solve all your problems.
 
