Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Very slow Windows\IExplorer and Chrome [Solved]


  • This topic is locked This topic is locked

#16
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Thanks, I have seen your last post and will get back to you soon. :geek:


  • 0

Advertisements


#17
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello tal5,
 
Thank you for the new logs.  There are a few more steps here, and then I'd like to know how  the machine is running.
 
Step 1
 
Please find and post the contents of the AVG remover tool log, located at C:\Users\Tal\Downloads\avgremover.log
 
Step 2
 
Please find the following program in your Control Panel > Programs and Features list and uninstall it:

Visual Studio 2012 x86 Redistributables

 
Step 3
 
Please remove the AVG SiteSafety plugin from your Chrome Web Browser by following the below steps:

  • Open Google Chrome
  • Click the Chrome menu chromeMenu_zps2e4a2dd1.png on the browser toolbar.
  • Click Tools.
  • Select Extensions.
  • Click the trash can icon chromeDelete_zps9fca21d7.png by the AVG SiteSafety extension.
  • A confirmation dialog appears, click Remove.

Step 4
 
Please download a new copy of the Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click on FRST on your Desktop and choose Run as Administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, if asked, click Yes to disclaimer.
Download attached fixlist.txt file and save it to your Desktop.
 

Attached File  fixlist.txt   2.38KB   143 downloads
 
(NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally.  After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt).
 
 
Finally
 
For your next reply, please post the contents of these logs:

  • avgremover.log
  • Fixlog.txt

And tell me how the computer is running.  :)


  • 0

#18
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

Here is the new FIXLOG- 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-09-2014
Ran by Tal at 2014-09-05 21:56:50 Run:2
Running from C:\Users\Tal\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Secure Search\vprot.exe"
C:\Program Files\AVG Secure Search\vprot.exe
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={EF63917F-8F81-4F45-9527-48631223000E}&mid=a852dbc529c4250ab22dee7d01b77686-11f619284a5c84eca1f1e817de7930dd4e9e0c3b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 23:22:57&v=18.1.9.799&pid=avg&sg=&sap=dsp&q={searchTerms}
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-30] (AVG Secure Search)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-30] (AVG Technologies)
2014-09-01 23:43 - 2014-09-01 23:43 - 03529160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341 (1).exe
2014-09-01 23:39 - 2014-09-01 23:39 - 03529160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341.exe
2014-09-01 23:39 - 2014-09-01 23:39 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tal\Downloads\avg_remover_stf_x86_2014_4116.exe
2014-08-30 23:23 - 2014-08-31 03:23 - 00000000 ____D () C:\Users\Tal\AppData\Local\AVG Secure Search
2014-08-30 23:22 - 2014-09-01 23:40 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-30 23:22 - 2014-08-30 23:22 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-08-30 23:22 - 2014-08-30 23:22 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
 
*****************
 
[1548] C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe => Process closed successfully.
[2128] C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe => Process closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\vProt => value deleted successfully.
"C:\Program Files\AVG Secure Search\vprot.exe" => File/Directory not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCR\PROTOCOLS\Handler\viprotocol" => Key deleted successfully.
"HKCR\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2" => Key deleted successfully.
vToolbarUpdater18.1.9 => Service deleted successfully.
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe => Moved successfully.
avgtp => Service stopped successfully.
avgtp => Service deleted successfully.
C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341 (1).exe => Moved successfully.
C:\Users\Tal\Downloads\avg_remover_stf_x86_2013_3341.exe => Moved successfully.
C:\Users\Tal\Downloads\avg_remover_stf_x86_2014_4116.exe => Moved successfully.
C:\Users\Tal\AppData\Local\AVG Secure Search => Moved successfully.
C:\ProgramData\AVG Secure Search => Moved successfully.
C:\Windows\system32\Drivers\avgtpx86.sys => Moved successfully.
"C:\Program Files\Common Files\AVG Secure Search " => File/Directory not found.
=> Error: No automatic fix found for this entry.
 
==== End of Fixlog ====
 
The other log was too big, I tried to copy here few times and failed...
Any Idea to upload it? 
 
The computer works better... no doubt about that. 

  • 0

#19
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello, is it possible to spread the log over more than one post? 

 

How big is it in KB?


  • 0

#20
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello tal5, did you see my last post several days ago?


  • 0

#21
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

Hello,

Im really sorry, Im studing and working, I was very busy the last few days, I really apologize for the lack of response.

My computer works better. 

about your question- the log file size is 24.8 KB.

Is it possible to upload in any other way? 


  • 0

#22
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

No problem.  Can you break it up into more than one post?  If not, you could attach it and I can do it for you.


  • 0

#23
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

I tried befor, not possible.

Attached Files


Edited by tal5, 14 September 2014 - 08:31 AM.

  • 0

#24
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Thanks for posting that.  I don't think it's worth posting the contents after reviewing.  It's just a script that checks for traces of AVG throughout the System and deletes them.

=================
 
Congratulations, your log is clean! :thumbsup:

Now, let's cover some additional steps to clean up your computer and help you avoid getting infected again...

Step 1

Tools Cleanup and Housekeeping

The first thing we need to do is to remove all the tools that we have used. This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.

Download attached fixlist.txt file and save it to the Desktop.


NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
 

Next
 

Run DelFix to remove malware analysis tools:[/b]

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
  • Create registry backup
  • Purge system restore
    Delfix_zps4e249ce4.png
  • Click Run

Now let's take a few preventative measures to reduce the risk of further infections. :cool:



Step 2

Automatic Updates for Windows 7

Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

Turn ON Automatic Updates in Windows 7



Step 3

Java Warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java.  Read more about it here and here.

Unless you need it to run important software the safest approach is to completely uninstall Java. Where you do require it then the next safest option is to disable it in your browsers until you need it, then enable it.

How to diasble Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vunerable to malicious attack.

  • Click Start>Control Panel>Add/Remove Programs.
  • Uninstall  all Java updates
  • Reboot your computer if prompted
  • Download Java for Windows.
  • Once downloaded, run the installer program, making sure to uncheck "Install the Ask Toolbar and make Ask my default search provider".  Disable any other optional software, settings or toolbars if offered.
  • Reboot your computer.

Step 4

Web Browser security

Your log shows you are using Internet Explorer 8, which is very outdated and has many known vulnerabilities.  You should consider using Mozilla Firefox:

Most malware is exploiting Internet Explorer's vulnerabilities, with Firefox you will be more secure.
Note: If you are going to use Firefox, I would suggest the use of these add-ons:

  • NoScript - for blocking ads and other potential website attacks.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

Step 5


Other Program updates

Adobe Reader - You should get the latest version and keep it updated.  Best of all, its FREE:

  • Get Adobe Reader
  • Make sure to uncheck the check box labelled "Yes, install McAfee Security Scan Plus - optional", or any other optional "features".

Step 6

Anti Spyware

You already have an excellent preventative program that will help to keep the nasties away - Malwarebytes Anti-Malware.  I would advise updating and running this at least once a month.  If you need to download it again, you can get it from here:

Malwarebytes Anti-Malware

It would be good to run a scan right now!  ;)

Step 7

Personal Firewalls

Next let's look at Firewalls. These help to prevent unauthorized access both to and from the internet or your local network. A firewall is considered a first line of defense in protecting private information. Below are two free firewalls to choose from, if you do not already have one. Note: You only want to use one firewall your system.

You can use the built-in Windows 7 Firewall, OR use a third-party one, such as these:

Step 8

Anti Virus Programs

Keep your Anti-Virus program (Avast!) updated and scan regularly with it.  A weekly scan is recommended.


Step 9

Instant Messengers

Almost done! If you like to use chat, MSN and Yahoo have vulnerabilities that can leave you open to infections. There are however a couple of very good, malware-free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN):

Step 10

File/System Cleaners

Finally, it is a good idea to clear out all your temp files every now and again. This will help keep your computer running optimally. It can detect registry errors, missing shortcuts, invalid files, etc. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

Step 11

CryptoLocker Warning
 
CryptoLocker is a particularly nasty infection which is becoming more prevalent..
 
Go here for information about CryptoLocker Ransomeware. Learning about what is out there may help you prevent infection. The best protection against this infectoin is to backup your files often. If you're using an external drive, keep it unplugged from the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever have the frustrating experience of contracting it.
 
It is suggested to Download CryptoPrevent, which is free for home use. It will help prevent CryptoLocker infection.



Further Reading

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this excellent article, originally written by Tony Klein, and updated by SpySentinel.

I will keep this log open for the next couple of days, so if you have any further problems, you can post another reply here.

OK, happy computing, and stay safe! :cool:

Please reply again to this thread to acknowledge you have read my last post.  If you have no further questions, this thread will be closed to prevent others from posting here.

Thanks!


  • 0

#25
tal5

tal5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Thank you very much for your support and patience, really appreciate it. 
At this moment the machine running much better, and in any case, one of my friends will give me later A 64-bit Windows 7 Ultimate, It should let my computer better working performance.  
 
 
Thank you again!!

  • 0

Advertisements


#26
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

You're more than welcome!  Glad to be of help!


  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP