Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Slow and freezing. Not shutting down propertly

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Slow and freezing. Not shutting down propertly

Unread postby Gary R » August 2nd, 2015, 1:15 am

You did, that's the FRST fixlog, it's the ADWCleaner log I need to see, it will be labelled AdwCleaner[s1].txt and found in the root of your C:\ drive.

Please note, if you've ever fixed something on your machine before with ADWCleaner, the log may be labelled AdwCleaner[s2].txt, or AdwCleaner[s3].txt, etc. etc. if so send me the one with the highest number, since that will be the latest.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21863
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Re: Slow and freezing. Not shutting down propertly

Unread postby tlind » August 2nd, 2015, 10:38 am

I am sorry, I followed all the steps and this is the only (S) file I can find. I even went back through thinking I missed a step. I have an (S0), not an (S1). Dated 7-31-2015

# AdwCleaner v4.208 - Logfile created 31/07/2015 at 19:13:26
# Updated 09/07/2015 by Xplode
# Database : 2015-07-26.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\xfin_portal
Folder Deleted : C:\Program Files (x86)\CoolLyrics
Folder Deleted : C:\Program Files (x86)\GamingWonderlandEI
Folder Deleted : C:\Users\PC\AppData\Local\Browsersafeguard
Folder Deleted : C:\Users\PC\AppData\Local\iac
Folder Deleted : C:\Users\PC\AppData\Local\PackageAware
Folder Deleted : C:\Users\PC\AppData\LocalLow\comcasttb
Folder Deleted : C:\Users\PC\AppData\LocalLow\iac
Folder Deleted : C:\Users\PC\AppData\LocalLow\xfin_portal
Folder Deleted : C:\Users\PC\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\PC\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\PC\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\yvb3r9pv.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ippkomaaonokjnfjoikaemidanojkfmm_0.localstorage
File Deleted : C:\windows\System32\dmwu.exe
File Deleted : C:\windows\System32\ImhxxpComm.dll

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Deleted : HKLM\SOFTWARE\Classes\GamingWonderlandInstaller.Start
Key Deleted : HKLM\SOFTWARE\Classes\GamingWonderlandInstaller.Start.1
Key Deleted : HKLM\SOFTWARE\Classes\MyImageConverter_8j.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\MyImageConverter_8j.ToolbarProtector.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyImageConverter AppIntegrator 32-bit]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyImageConverter AppIntegrator 64-bit]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E1B65EE-A131-42B4-94CA-847505E2F611}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{94bd6970-1a83-41dc-9be5-bf50b3d0238f}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9d18b218-6967-44c7-961f-c8710bf24559}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{94bd6970-1a83-41dc-9be5-bf50b3d0238f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9d18b218-6967-44c7-961f-c8710bf24559}
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\xfin_portal
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : HKLM\SOFTWARE\GamingWonderlandEI
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xfin_portal
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v


-\\ Google Chrome v44.0.2403.125

[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsear ... .jhtml?p2=^YP^xdm002^YY^us&si=CPnl7OKU-LUCFYk7MgodlDUAhw&ptb=B93F1B17-F3E4-4460-86D5-10B337163500&psa=&ind=2013031217&st=sb&n=77fc6b31&searchfor={searchTerms}
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.search.ask.com/?gct=hp

*************************

AdwCleaner[R0].txt - [8679 bytes] - [30/07/2015 13:59:03]
AdwCleaner[R1].txt - [8738 bytes] - [30/07/2015 16:04:14]
AdwCleaner[R2].txt - [9277 bytes] - [31/07/2015 19:11:28]
AdwCleaner[S0].txt - [8869 bytes] - [31/07/2015 19:13:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8928 bytes] ##########
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm

Re: Slow and freezing. Not shutting down propertly

Unread postby tlind » August 2nd, 2015, 10:41 am

It is possible that since my computer took hours to perform this operation and had to be "nudged" (it froze) at least once that there may be problems with the report.
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm

Re: Slow and freezing. Not shutting down propertly

Unread postby Gary R » August 2nd, 2015, 12:03 pm

No, the report is fine, and it looks to have removed things without any indicated problems.

So, what we now need to do is to run another scan to see if we've missed anything. The scans we've run so far have been specific to the type of infection I saw in your initial logs, what I want to do now is run a more general purpose scan, which will look for things that the other scans didn't.

Please note .... this scan is very thorough, but it can sometimes take several hours to complete.

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21863
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slow and freezing. Not shutting down propertly

Unread postby tlind » August 4th, 2015, 7:15 pm

C:\AdwCleaner\Quarantine\C\Program Files (x86)\GamingWonderlandEI\Installr\1.bin\gtEIPlug.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\GamingWonderlandEI\Installr\1.bin\gtEZSETP.dll.vir Win32/Toolbar.MyWebSearch.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\GamingWonderlandEI\Installr\1.bin\NPgtEISb.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\xfin_portal\comcastdx.dll.vir a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\xfin_portal\comcasttb.dll.vir a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\xfin_portal\dtuser.exe.vir a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\windows\System32\dmwu.exe.vir a variant of Win64/Toolbar.Perion.D potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\d3d10core.dll.xBAD Win64/Bedep.D trojan
C:\Program Files\Family Tree Maker 2014\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Users\PC\AppData\Local\{86F066CF-DBA9-4E6E-B1B9-A53C666560D6}\Trbdovxg.dll a variant of Win32/Kryptik.CQTK trojan
C:\Users\PC\AppData\LocalLow\fapqjis.dll a variant of Win32/Kryptik.CQTK trojan
C:\Users\PC\Downloads\FileOpenerSetup.exe a variant of Win32/InstallCore.QB potentially unwanted application
C:\Users\PC\Downloads\SecurityReviverSetup_ppc.exe a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm

Re: Slow and freezing. Not shutting down propertly

Unread postby Gary R » August 5th, 2015, 12:53 am

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad (don't include Code: Select all).
Code: Select all
C:\Program Files\Family Tree Maker 2014\hstart.exe
C:\Users\PC\AppData\Local\{86F066CF-DBA9-4E6E-B1B9-A53C666560D6}\Trbdovxg.dll 
C:\Users\PC\AppData\LocalLow\fapqjis.dll
C:\Users\PC\Downloads\FileOpenerSetup.exe
C:\Users\PC\Downloads\SecurityReviverSetup_ppc.exe
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe
EmptyTemp:
CMD: ipconfig /flushdns

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log

PLEASE LET ME KNOW HOW YOUR COMPUTER IS BEHAVING NOW





.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21863
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slow and freezing. Not shutting down propertly

Unread postby tlind » August 5th, 2015, 7:54 pm

Startup is normal. Shutdown normal. Outlook took about five minutes to startup this morning, when I got home today, Outlook was not responding. Restarted and started right up. Have not had any freezing episodes since the last one I reported.

Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by PC (2015-08-05 07:00:20) Run:2
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\Program Files\Family Tree Maker 2014\hstart.exe
C:\Users\PC\AppData\Local\{86F066CF-DBA9-4E6E-B1B9-A53C666560D6}\Trbdovxg.dll
C:\Users\PC\AppData\LocalLow\fapqjis.dll
C:\Users\PC\Downloads\FileOpenerSetup.exe
C:\Users\PC\Downloads\SecurityReviverSetup_ppc.exe
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe
EmptyTemp:
CMD: ipconfig /flushdns
*****************

C:\Program Files\Family Tree Maker 2014\hstart.exe => moved successfully.
C:\Users\PC\AppData\Local\{86F066CF-DBA9-4E6E-B1B9-A53C666560D6}\Trbdovxg.dll => moved successfully.
C:\Users\PC\AppData\LocalLow\fapqjis.dll => moved successfully.
C:\Users\PC\Downloads\FileOpenerSetup.exe => moved successfully.
C:\Users\PC\Downloads\SecurityReviverSetup_ppc.exe => moved successfully.
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe => moved successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 234.6 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 07:00:57 ====
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm

Re: Slow and freezing. Not shutting down propertly

Unread postby Gary R » August 6th, 2015, 1:38 am

When you say Outlook, are you talking about the e-mail program that usually comes as part of Microsoft Office, or are you talking about Outlook Express, that usually comes set up as the default e-mail client on Windows based computers.

People often use the term Outlook for both, but they're not the same, and troubleshooting problems with each is different.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21863
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slow and freezing. Not shutting down propertly

Unread postby tlind » August 6th, 2015, 10:05 am

Microsoft Outlook is my default for email. It seems to be opening normally now. I don't open on Start, I open it manually. Version 12.0.7153.5000. I don't believe it is Express
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm

Re: Slow and freezing. Not shutting down propertly

Unread postby Gary R » August 6th, 2015, 10:19 am

OK, if it's working alright at the moment, keep an eye on it for a couple of days and let me know if it gives you any more problems.

If not, let me know, and I'll then give you details of how to remove all the programs that we've been using to clean your computer, plus a few recommendations on how to minimise your chances of picking up another infection.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21863
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slow and freezing. Not shutting down propertly

Unread postby tlind » August 8th, 2015, 8:02 pm

So, have had no incidents in the past few days. Running smoothly, fan not on all the time, did not hang up if left overnight on webpage even. Startup and shutdown normal.
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm

Re: Slow and freezing. Not shutting down propertly

Unread postby Gary R » August 9th, 2015, 1:45 am

OK, sounds like it's time to do a little tidying up then.

First we need to remove the programs we've been using to clean your computer, and to remove any old system restore points which might have been created when your computer was infected ...

  • Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Check the following boxes ...
    • Remove disinfection tools
    • Purge system restore

    ... then click on Run.
  • Once it has finished, a notepad file named DelFix.txt will open. Post the contents of this notepad in your next reply.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.

As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21863
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slow and freezing. Not shutting down propertly

Unread postby tlind » August 9th, 2015, 7:55 pm

Thank you so much for the assistance. I will work through the suggestions in the article. And keep my son off my computer. :-)


# DelFix v1.010 - Logfile created 09/08/2015 at 17:10:18
# Updated 26/04/2015 by Xplode
# Username : PC - PC-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...


Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\PC\Desktop\FRST-OlderVersion
Deleted : C:\log.txt
Deleted : C:\Users\PC\Desktop\adwcleaner_4.208.exe
Deleted : C:\Users\PC\Desktop\aswMBR.exe
Deleted : C:\Users\PC\Desktop\dds (1).scr
Deleted : C:\Users\PC\Desktop\FRST64.exe
Deleted : C:\Users\PC\Desktop\MBR.dat
Deleted : C:\Users\PC\Downloads\dds.scr
Deleted : C:\Users\PC\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #294 [Windows Update | 07/29/2015 00:11:51]
Deleted : RP #295 [Windows Update | 07/29/2015 03:45:35]
Deleted : RP #296 [Removed Java 8 Update 31 | 07/31/2015 22:17:29]
Deleted : RP #297 [Removed Java 8 Update 31 | 07/31/2015 22:41:43]
Deleted : RP #298 [Windows Update | 08/01/2015 21:46:34]
Deleted : RP #299 [Windows Update | 08/05/2015 00:38:25]
Deleted : RP #300 [Windows Update | 08/09/2015 00:22:45]

New restore point created !

########## - EOF - ##########
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm

Re: Slow and freezing. Not shutting down propertly

Unread postby Gary R » August 10th, 2015, 12:59 am

You're welcome, glad we could help. :thumbright:

Keep safe.

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21863
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 14 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware