
possible infection [Closed]


  • This topic is locked

#1
davejc79

davejc79

    New Member

  • Member
  • Pip
  • 7 posts
While using my computer last night as I usually would (Facebook, and .gov sites for job searches, etc.), I noticed that it started running a lot slower, taking 10-15 seconds to load pages where it usually took 2-3 max. Did the usual checks for viruses and ran CCleaner. It was still the same. I have downloaded and saved the OTL software that your site recommended and I cannot make head nor tail of the log. Could someone help me please?
  • 0



#2
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hello Davejc79 and welcome to GeeksToGo.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!
IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Run aswMBR

  • download aswMBR.exe to your desktop.
  • double click aswMBR.exe to run it
  • if asked, accept the AVAST virus definition download
  • click the "Scan" button to start scan
  • on completion of the scan click Save log, save it to your desktop and post in your next reply. Note - do NOT attempt any Fix yet.

Please post both logs from the OTL scan. They are called OTL.txt and Extras.txt and will be found in the same location that OTL was run from; i.e., if it was run from your desktop, the logs will be on the desktop.

Logs to include in your next post :

OTL.txt
Extras.txt
aswMBR log


Thanks

Satchfan
  • 0

#3
davejc79

davejc79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
On top of the original issues I was having, the computer has shut itself down for no apparent reason, on at least two occasions. First time I was on Facebook and the second time I was playing poker.



Attached File  OTL.Txt   72.14KB   17 downloads
Attached File  aswMBR.txt   2.03KB   17 downloads
Attached File  Extras.Txt   129.29KB   13 downloads
  • 0

#4
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hi Davejc79

P2P - I see you have P2P software (BitTorrent) installed on your machine.

We are not here to pass judgment on file-sharing as a concept but we will warn you that engaging in this activity will always make your computer very susceptible to infection and re-infection.

If your computer is infected, it almost certainly contributed to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are more often than not, infected. Those who write malware use P2P file-sharing as a major vehicle to spread their wares.

Please see this topic for more information:

Perils of P2P File Sharing.

I would strongly recommend that you uninstall it now. You can do so via Control Panel, Programs, and then Programs and Features.

Should you decide to keep it, please don’t use it until we have finished up here.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

  • run AdwCleaner and select Delete
  • when it has finished it will ask to reboot - allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply.
===================================================

Download and run Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next message.
===================================================

Run Security Check

Download Security Check by screen317 from here or here.

  • save it to your Desktop.
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.

Please also run OTL again and post the new log.

Logs to include in the next post, (in the post, not attached please):

AdwCleaner log
JRT.txt
checkup.txt
New OTL.txt log


Thanks

Satchfan
  • 0

#5
davejc79

davejc79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
could not run the security checkup ... UNSUPPORTED OPERATING SYSTEM! ABORTED!

Attached File  AdwCleanerS1.txt   6.74KB   30 downloads
Attached File  JRT.txt   1.29KB   15 downloads
Attached File  OTL.Txt   71.9KB   14 downloads
  • 0

#6
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Please do not attach logs – copy/paste them into the post.

I don’t know why you got that message.


Run MiniToolBox

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.

Please download MiniToolBox, save it to your desktop and run it.

Place a checkmark in the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Satchfan
  • 0

#7
davejc79

davejc79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
MiniToolBox by Farbar Version:21-04-2013
Ran by dave (administrator) on 24-04-2013 at 16:11:25
Running from "C:\Users\dave\Desktop"
Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 Family PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : dave-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : B2-74-9F-39-99-3A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : B4-74-9F-39-99-3A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8449:6b4a:1f36:1541%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 24 April 2013 16:06:42
Lease Expires . . . . . . . . . . : 25 April 2013 16:06:47
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 246707359
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-67-67-E8-00-24-54-72-70-6B
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 Family PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : E8-11-32-20-C6-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B1131F55-11C4-4C74-A9B6-B79A229962ED}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1403:286e:fd9e:a0e(Preferred)
Link-local IPv6 Address . . . . . : fe80::1403:286e:fd9e:a0e%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:803::1006
173.194.34.100
173.194.34.105
173.194.34.110
173.194.34.98
173.194.34.101
173.194.34.104
173.194.34.99
173.194.34.102
173.194.34.103
173.194.34.97
173.194.34.96


Pinging google.com [173.194.34.100] with 32 bytes of data:
Reply from 173.194.34.100: bytes=32 time=41ms TTL=53
Reply from 173.194.34.100: bytes=32 time=39ms TTL=53

Ping statistics for 173.194.34.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 41ms, Average = 40ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=470ms TTL=42
Reply from 206.190.36.45: bytes=32 time=574ms TTL=41

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 470ms, Maximum = 574ms, Average = 522ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...b2 74 9f 39 99 3a ......Microsoft Virtual WiFi Miniport Adapter
13...b4 74 9f 39 99 3a ......Atheros AR9285 Wireless Network Adapter
11...e8 11 32 20 c6 08 ......Marvell Yukon 88E8040 Family PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:1403:286e:fd9e:a0e/128
On-link
13 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::1403:286e:fd9e:a0e/128
On-link
13 281 fe80::8449:6b4a:1f36:1541/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

???? ??? Windows Live (Version: 15.4.3502.0922)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?? Messenger (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
????????? Messenger (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
„Messenger“ pagalbine priemone (Version: 15.4.3502.0922)
„Windows Live Essentials“ (Version: 15.4.3502.0922)
„Windows Live Mail“ (Version: 15.4.3502.0922)
„Windows Live Messenger“ (Version: 15.4.3502.0922)
„Windows Live“ fotogalerija (Version: 15.4.3502.0922)
888poker
Adobe AIR (Version: 3.6.0.6090)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Alice Greenfingers
Atheros Client Installation Program (Version: 1.0.5.0621)
BatteryLifeExtender (Version: 1.0.5)
BitTorrent (Version: 7.7.0)
Bonbon Quest
Broadcom 802.11 Network Adapter (Version: 5.60.48.44)
Cake Mania
CCleaner (Version: 3.22)
Complément Messenger (Version: 15.4.3502.0922)
Complemento Messenger (Version: 15.4.3502.0922)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink YouCam (Version: 2.0.3911)
D3DX10 (Version: 15.4.2368.0902)
Daycare Nightmare
Doplnok programu Messenger (Version: 15.4.3502.0922)
Easy Content Share (Version: 1.0.0.13)
Easy Display Manager (Version: 3.2)
Easy Network Manager (Version: 4.3.3)
Easy SpeedUp Manager (Version: 2.1.0.11)
EasyBatteryManager (Version: 4.0.0.4)
EasyFileShare (Version: 1.0.3)
ETDWare PS/2-x64 7.0.7.0_WHQL (Version: 7.0.7.0)
Flip Words
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Galapago
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Game Pack (Version: 6.3.1.1)
Gem Shop
Google Chrome (Version: 26.0.1410.64)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Governor of Poker 2 (Version: 1.0)
HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 3050 J610 series Help (Version: 140.0.63.63)
HP Deskjet 3050 J610 series Product Improvement Study (Version: 22.50.231.0)
HP Photo Creations (Version: 1.0.0.3781)
HP Update (Version: 5.002.006.003)
ImgBurn (Version: 2.5.7.0)
Insaniquarium Deluxe
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Intel® Rapid Storage Technology (Version: 9.6.3.1001)
Junk Mail filter update (Version: 15.4.3502.0922)
Mahjong Escape Ancient China
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Marvell Miniport Driver (Version: 11.22.3.3)
Mesh Runtime (Version: 15.4.5722.2)
Messenger ??? ?? (Version: 15.4.3502.0922)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Assistent (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kíséro (Version: 15.4.3502.0922)
Messenger Pratilac (Version: 15.4.3502.0922)
Messenger Suradnik (Version: 15.4.3502.0922)
Messenger-kumppani (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access database engine 2010 (English) (Version: 14.0.6029.1000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft AutoRoute 2011 (Version: 18.0.29.2700)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movin' and Groovin'
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 7 Ultra Edition (Version: 7.02.9753)
neroxml (Version: 1.0.0)
Norton Online Backup (Version: 2.1.17869)
PartyPoker
PKR
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
PokerStars
Pomocnik Messenger (Version: 15.4.3502.0922)
Pošta Windows Live (Version: 15.4.3502.0922)
Pro Bass Fishing 2003
QuickTime
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (Version: 6.0.1.6083)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Samsung Recovery Solution 4 (Version: 4.0.0.6)
Samsung Support Center (Version: 1.0.2)
Samsung Update Plus (Version: 2.0)
SamsungMovie (Version: 1.0.0)
SimCity 4 Deluxe
Sky Poker (Version: 1.115)
Slingo
Spremljevalec Messenger (Version: 15.4.3502.0922)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
User Guide (Version: 1.0)
VLC media player 2.0.3 (Version: 2.0.3)
Windows Live ?? (Version: 15.4.3502.0922)
Windows Live ?? ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live fotoattelu galerija (Version: 15.4.3502.0922)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Foto-galerija (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Pošta (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3892.55 MB
Available physical RAM: 2399.07 MB
Total Pagefile: 9728.69 MB
Available Pagefile: 8181.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.11 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:101 GB) (Free:35.37 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:344.66 GB) (Free:35.72 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVE-PC

Administrator dave elizabeth
Guest Natasha

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
  • 0

#8
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Please try and run SecurityCheck again.

If it still won’t run, try running it in Safe mode.

Can you tell me how your computer is running now?

Satchfan
  • 0

#9
davejc79

davejc79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Have tried running it a number of times and it still won't run. It says it does not support my OS. I tried deleting and saving it 2 or 3 times as well.

Have you seen any problems in any of these scans / logs ?????
  • 0

#10
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts

"have tried running it a number of times and it still won't run"

Did you try safe mode as there is no reason for it not to run?

"Have you seen any problems in any of these scans / logs ?????"

Nothing major except what we have cleared.

How is the computer now?
  • 0



#11
davejc79

davejc79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Tried safe mode with and without networking. Still comes up as not compatible.
Still seems a little sluggish at times. Hasn't shut down by itself recently though, so that's something.

I may just try resetting the mem settings and see how I go. Possibly make my VM larger.
  • 0

#12
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Very odd – never seen that happen in safe mode.

Let’s clean up what was found and have another scan to be sure that this is not malware-related.


Note: If you have MalwareBytes Anti-Malware 1.6 or higher installed and are using the Pro version or trial version, please temporarily disable it for the duration of this fix as it may interfere with the successful execution of the script below.

Run OTL

  • double click on the icon to run it.
  • copy/paste ALL the following text written inside the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Services
    
    :OTL
    DRV:[b]64bit:[/b] - [2009/06/18 02:15:16 | 000,307,400 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
    DRV:[b]64bit:[/b] - [2009/06/18 02:15:16 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
    DRV:[b]64bit:[/b] - [2009/06/18 02:15:16 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
    DRV:[b]64bit:[/b] - [2009/06/18 02:08:50 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:5C270C64
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:6FB93194
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728
    :Commands
    [purity]
    [emptytemp]
    [Reboot]

  • click the Run Fix button at the top
  • let the program run unhindered, reboot when it is done
  • please post the OTL fix log.
===================================================

Download and run ComboFix

Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

  • when finished, it will produce a report
  • please post the C:\ComboFix.txt in your next reply.
Logs to include in the next post:

OTL fix log
ComboFix.txt


Thanks

Satchfan
  • 0
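
Added example (not part of the thread and not OTL's own code): a small Python checker that reads the `:OTL` section of a fix script like the one in the post above and confirms, from a fix log, that each driver and alternate data stream it named was actually removed. The script lines are taken from the post; the log lines are constructed in the format OTL uses for its fix log, with two confirmations deliberately left out, and all function names are hypothetical.

```python
import re
from typing import NamedTuple

# Fix-script lines as posted above (BBCode [b] tags included).
FIX_SCRIPT = r"""
:Services

:OTL
DRV:[b]64bit:[/b] - [2009/06/18 02:15:16 | 000,307,400 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2009/06/18 02:08:50 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:5C270C64
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728
:Commands
[emptytemp]
"""

# Constructed sample log: the "moved" line for mferkdk.sys and the ADS line
# for 798A3728 are left out on purpose so the checker has something to flag.
FIX_LOG = r"""
========== OTL ==========
Error: Unable to stop service mfehidk!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mfehidk deleted successfully.
C:\Windows\SysNative\drivers\mfehidk.sys moved successfully.
Service mferkdk stopped successfully!
Service mferkdk deleted successfully!
ADS C:\ProgramData\Temp:5C270C64 deleted successfully.
"""


class Target(NamedTuple):
    kind: str  # "driver" or "ads"
    name: str  # service name, or path:stream for an ADS
    path: str  # file (or file:stream) the entry points at


BBCODE = re.compile(r"\[/?b\]", re.I)
DRV = re.compile(r"^DRV:.*? -- (?P<path>.+?) -- \((?P<svc>[^)]+)\)\s*$")
ADS = re.compile(r"^@Alternate Data Stream - \d+ bytes -> (?P<path>.+?)\s*$")


def parse_targets(script):
    """Return driver and ADS entries listed under the :OTL directive."""
    targets, section = [], None
    for raw in script.splitlines():
        line = BBCODE.sub("", raw).strip()  # forum markup is not part of the entry
        if line.startswith(":"):
            section = line.lower()
            continue
        if section != ":otl" or not line:
            continue
        m = DRV.match(line)
        if m:
            targets.append(Target("driver", m["svc"], m["path"]))
            continue
        m = ADS.match(line)
        if m:
            targets.append(Target("ads", m["path"], m["path"]))
        # Other entry types (e.g. O3 toolbar lines) are not checked here.
    return targets


def parse_fix_log(log):
    """Collect what the log confirms as removed, plus any Error: lines."""
    seen = {"service": set(), "file": set(), "ads": set(), "errors": []}
    patterns = [
        ("service", re.compile(r"^Service (\S+) deleted successfully!$")),
        ("service", re.compile(r"^Registry key .*\\Services\\(\S+) deleted successfully\.$")),
        ("ads", re.compile(r"^ADS (.+) deleted successfully\.$")),
        ("file", re.compile(r"^(.+) moved successfully\.$")),
    ]
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith("Error:"):
            seen["errors"].append(line[len("Error:"):].strip())
            continue
        for kind, rx in patterns:
            m = rx.match(line)
            if m:
                seen[kind].add(m.group(1).lower())  # Windows paths: ignore case
                break
    return seen


def verify(script, log):
    """Map each target to 'removed' or 'not confirmed'; also return errors."""
    seen = parse_fix_log(log)
    report = {}
    for t in parse_targets(script):
        if t.kind == "driver":
            # A driver counts as removed only if both its service entry
            # and its .sys file are confirmed gone.
            ok = t.name.lower() in seen["service"] and t.path.lower() in seen["file"]
        else:
            ok = t.path.lower() in seen["ads"]
        report[t.name] = "removed" if ok else "not confirmed"
    return report, seen["errors"]


if __name__ == "__main__":
    report, errors = verify(FIX_SCRIPT, FIX_LOG)
    for name, status in report.items():
        print(f"{status:14} {name}")
    for err in errors:
        print("log error:", err)
```

An `Error:` line does not by itself mean the item survived: in the sample, mfehidk could not be stopped, yet its service key and file are both confirmed removed.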

#13
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
I have a very early start tomorrow so will not reply again tonight.
  • 0

#14
davejc79

davejc79

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
Error: Unable to stop service mfehidk!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mfehidk deleted successfully.
C:\Windows\SysNative\drivers\mfehidk.sys moved successfully.
Service mfeavfk stopped successfully!
Service mfeavfk deleted successfully!
C:\Windows\SysNative\drivers\mfeavfk.sys moved successfully.
Service mfesmfk stopped successfully!
Service mfesmfk deleted successfully!
C:\Windows\SysNative\drivers\mfesmfk.sys moved successfully.
Service mferkdk stopped successfully!
Service mferkdk deleted successfully!
C:\Windows\SysNative\drivers\mferkdk.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
ADS C:\ProgramData\Temp:5C270C64 deleted successfully.
ADS C:\ProgramData\Temp:6FB93194 deleted successfully.
ADS C:\ProgramData\Temp:798A3728 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: dave
->Temp folder emptied: 117913992 bytes
->Temporary Internet Files folder emptied: 81437922 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 97703 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57616 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: elizabeth
->Temp folder emptied: 17398090 bytes
->Temporary Internet Files folder emptied: 98763900 bytes
->Google Chrome cache emptied: 6773904 bytes
->Flash cache emptied: 62107 bytes

User: Natasha
->Temp folder emptied: 13319514 bytes
->Temporary Internet Files folder emptied: 148954757 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 179610 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 672808 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 464.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04252013_012621

Files\Folders moved on Reboot...
C:\Users\dave\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\dave\AppData\Local\Temp\~DF6C0AE0B9C63CA2E1.TMP not found!
File\Folder C:\Users\dave\AppData\Local\Temp\~DF9F691F3891606FCF.TMP not found!
File\Folder C:\Users\dave\AppData\Local\Temp\~DFB31A52AD33D4F28D.TMP not found!
File\Folder C:\Users\dave\AppData\Local\Temp\~DFB650B26768085FCC.TMP not found!
File\Folder C:\Users\dave\AppData\Local\Temp\~DFC218B7A8CB35AB9F.TMP not found!
File\Folder C:\Users\dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZE4BAVU1\ComboFix[1].exe not found!
C:\Users\dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZE4BAVU1\page__p__2288553__fromsearch__1[1].htm moved successfully.
File\Folder C:\Users\dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZE4BAVU1\Rebrand2013_PRS_hover[1].png not found!
C:\Users\dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...






#15
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
And the ComboFix log?