Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Pop-ups everywhere, slow programs, task manager has many applications

  • This topic is locked This topic is locked




  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Diagnostic Report (1.9.0027.0):
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9
Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=
Windows Product ID: 00359-OEM-8992687-00010
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {5019C0BA-1147-4C35-BCC2-DFBEBDCD1744}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130828-1532
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{5019C0BA-1147-4C35-BCC2-DFBEBDCD1744}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3Q6C9</PKey><PID>00359-OEM-8992687-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-2651573275-3495793990-4294649527</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>p6-2133w</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>7.16</Version><SMBIOSVersion major="2" minor="7"/><Date>20111216000000.000000+000</Date></BIOS><HWID>D6413907018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-CPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows® 7, HomePremium edition
Description: Windows Operating System - Windows® 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800010-02-1033-7601.0000-0422011
Installation ID: 021090877745758052915104867914439363417134094803533434
Processor Certificate URL: http://go.microsoft....k/?LinkID=88338
Machine Certificate URL: http://go.microsoft....k/?LinkID=88339
Use License URL: http://go.microsoft....k/?LinkID=88341
Product Key Certificate URL: http://go.microsoft....k/?LinkID=88340
Partial Product Key: 3Q6C9
License Status: Licensed
Remaining Windows rearm count: 1
Trusted time: 11/7/2013 11:26:50 AM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:

HWID Data-->

OEM Activation 1.0 Data-->

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
  • 0





  • Retired Staff
  • 8,228 posts
Thanks for the logs. After you have updated the out of date programs please tell me if any further issues are remaining.


Posted Image JAVA Advice
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software or need it to play games on-line.
In that instance I would recommend that you only use Firefox or Chrome to visit those sites and do the following:If you still want to update your Java, follow the instructions below:

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older versions of Java components and update:

  • Download the latest version of the Java Runtime Environment (JRE) Version from Here or Here and save it to your desktop.
  • Look for "Java Platform, Standard Edition". You will see the current Java version and update number under listed under the heading. Example: The newest update is Java SE 7u45
  • Click the "Download button under the JRE" column.
  • On the Java SE Runtime Environment page, click the button to "Accept License Agreement".
  • Under the Java SE Runtime Environment 7u45 heading:
    To install the version for your system:
    • For Windows 64bit systems, look for Windows x64 29.27MB, click the jre-7u45-windows-64.exe file and save it to your desktop. Do Not run it from the Java site.
  • Close any programs you may have running - especially your web browser.

Uninstall all versions of Java

  • Click the Start Orb, click Control Panel, and under the Programs or Programs and Features section, click Remove a program. The list of installed programs will populate.
  • Remove all older versions of Java. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE or J2SE
    The versions I see on the computer are:
    • JavaFX 2.1.1
    • Java 7 Update 40
  • Right click each program and click Uninstall and follow the on screen instructions for the Java uninstaller.
  • For Vista/7/8: Right click each program and click Uninstall and follow the on screen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
    -- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
Install the latest JAVA

  • Back on your desktop:
    • Right click thejre-7u45-windows-x64.exefile and click Run as Administrator and OK the UAC prompt to install the newest version.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
[Note:] The Java Quick Starter (JQS.exe) adds a service to improve the initial start up time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > You will have to be in Classic View to see Java(It looks like a coffee cup). Double-click on Java click the Advanced Tab click Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.


Update Adobe Reader

Earlier versions of Adobe Reader have known security flaws so it is recommended that you update your copy.
  • Windows Vista /7 Users: Click the Start Orb and click Control Panel. Under the Programs heading click Uninstall a program
  • Remove ALL instances of Adobe Reader. The versions I see on the computer are:
    Adobe Reader 10.1.3
  • Re-boot your computer as required.
  • Once ALL versions of Adobe Reader have been uninstalled, download the latest version of Adobe Reader from Here.
    On the Download page:[list]
  • Make sure the system and language info is correct.
  • Under the Optional offer: section, Remove the check mark next to Yes, install McAfee Security Scan Plus box.
  • Click the Install Now button to download Adobe Reader and follow the directions.
Alternative Option: After uninstalling Adobe Reader, you could try installing Foxit Reader from HERE. Foxit Reader is a much smaller program. It has fewer add-ons therefore loads more quickly.
NOTE: When installing FoxitReader, be careful not to install anything to do with AskBar.


Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. Let me know how the updates went.
2. Let me know of any remaining issues.
  • 0




  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Got everything updated.
It's still running ridiculously slow and alot of programs aren't working properly. Like trying to do anything within a program takes 60 seconds.
  • 0




  • Retired Staff
  • 8,228 posts
I just don't see any malware remaining. Computer slowness can be caused by so many things ... disk fragmentation, startup items, software, hardware, overheating, failing RAM, ect;
But the biggest thing I saw in the Windows error log in the original Extras.txt log that you posted was this:

[ System Events ]
Error - 10/24/2013 5:42:24 AM | Computer Name = TeamOne | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 10/24/2013 5:49:40 AM | Computer Name = TeamOne | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 10/24/2013 5:53:06 AM | Computer Name = TeamOne | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

We corrected the HOSTS file problem. The hard disk errors could be just a bad block, or they could be an indication that the hard disk is failing. Let's check that out first.

Hard-Drive Maintenance/Repair:

Note: for the CHKDSK portion you may refer to a tutorial by Dakeyras, found here and follow the instructions for Graphical Mode if you so wish.
NOTE: If you decide to use the Graphical Mode, close the Command window after Defrag has finished by typing Exit at the blinking cursor and pressing the Enter key.
IMPORTANT: Before running Chkdsk to repair a volume, you must do the following:
  • Be prepared to let the Chkdsk process complete. There are 5 stages that it will go through.
  • If you use the /f or /r parameter on a large volume (for example, 450 GB) or on a volume with a very large number of files (in the millions), Chkdsk can take a long time to complete.
    NOTE: My record so far was a 450GB hard drive that took 20+ hours for Chdsk to complete because of the errors on the disk. When it gets to Stage 4 (Verifying file data) it may stay on the same file number for hours. Chkdsk is still running even though it looks like it has quit responding and stalled. Just let it run.
  • The volume is not available during this time because Chkdsk does not relinquish control until it is done. If a volume is being checked during the startup process, the computer is not available until the Chkdsk process is complete.
  • Chkdsk does not include parameters that let you cancel the Chkdsk process.
  • Click Start , then click Run... In the Open box type CMD and click on OK.
  • At the Command Prompt C:\ > type the following:
  • CD C:\ and press the Enter key.
  • Now type in DEFRAG C: -F
  • A Analysis report will be displayed and then Windows will start the Deragmentation run automatically.
  • This may take some time, when completed the Command Prompt C:\ > will appear.
    NOTE: If you chose to use the Graphical Mode, this would be where you close the Command window. If you want to continue in the Command window, complete the remaining steps.
  • Now type in CHKDSK C: /R and press the Enter key.
  • When prompted with:

    CHKDSK cannot run because the volume is in use by another process
    Would you like to schedule this volume to be checked next time the system
    restarts (Y/N)

  • Hit the Y key then at the Command Prompt C:\ >
  • Type in EXIT and and press the Enter key.
  • Now Reboot(Restart) your computer.
Note: Upon Reboot(Restart) the CHKDSK(check-disk) will start and carry out the repairs required.

You should see a screen like this just after the Post(power on self test) screen:

Posted Image

Note: Do not touch either the keyboard or Mouse, otherwise the Check-Disk will be canceled and you computer will continue to boot-up as normal.
  • 0




  • Topic Starter
  • Member
  • PipPip
  • 42 posts
ok, I'm waiting for the checkdisk function to complete
my external harddrive is acting like it's blank though. Is there ANYTHING I could have done to make it appear that way? I definitely did not tell it to format. I'm going to just cry if I lost everything on that hard drive. That was nearly a TB of customer files. I think my computer is just screwed. It's not even that old. Just paid $600 for the cpu about 18 months ago :/
  • 0




  • Topic Starter
  • Member
  • PipPip
  • 42 posts
check disk just finished and explorer is not working... again.
  • 0




  • Topic Starter
  • Member
  • PipPip
  • 42 posts
It's doing the same thing it did last time, not letting me shut down the computer or anything. It took like a half hour to get it back the last time so I'm trying to freak out.
  • 0




  • Topic Starter
  • Member
  • PipPip
  • 42 posts
It's back up and everything seems fine except for slow programs.
  • 0




  • Retired Staff
  • 8,228 posts

I too am concerned about Explorer disappearing after a fix or even a Windows diagnostic / repair program runs. We haven't done anything that would erase the external hard drive. I am reluctant to run any hard drive diagnostic programs.
Even though the computer is only 18 months old, hard drives have been known to fail in that short time period.

After you ran chkdsk ran did it find any problems? If you don't know, we will look for the system event entry that should tell us. Windows should have placed an entry in the event log when chkdsk ran. So we won't be running any programs or anything, just getting the log that should be there.


  • Click the Start Orb. In the Start Search box type eventvwr.msc and press the Enter key.
  • Click (Continue) on the UAC screen. The Computer Management window will come up.
  • On the left side of the window click the arrow beside Event Viewer and click Windows Logs
  • Click Application. The Application logs will appear in the center window.
  • The chkdsk log should be the first entry, or near the top. The source column will have an entry of Wininit.
    If it is not the first log:
    • Click on View, and then on Sort by > Date and Time.
    • This should place the chkdsk log at or near the top of the list.
  • Right-click on the Wininit entry and choose Properties or Event Properties. The Event Properties window will open.
  • Click Copy. This will put the text on the clipboard.
  • Open a text file (notepad) and click Paste. This will put the contents or the clipboard into the text file.
  • Save the file to the desktop with a name like chkdsk.txt.
Paste the log in a Reply to this topic.


Posted Image TDSSKiller

Please read carefully and follow these steps.

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double click the TDSSKiller.exe file to run the application

    Posted Image
  • Then click on Change parameters. A settings page will open.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip. DO NOT change the default action, click on Continue. (See the image below)

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Get the report by selecting Reports

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. Let me know what chkdsk found or post the contents of the chkdsk event.
2. The TDSSKiller log
  • 0




  • Retired Staff
  • 8,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP