Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

my pc sounds like there is something running when there isnt it it is


  • This topic is locked This topic is locked

#1
tuufulhundin

tuufulhundin

    Member

  • Member
  • PipPipPip
  • 126 posts

I have bullguard running as my security software.

 

My computer often times sounds like something is running and when I try to use explorer or chrome or Firefox everything seems to be super slow........................page turning etc etc

 

When I look at cpu usage it shows a high amount even though I may only hav e page open.

 

Bullguard discovered a problem and quarantined it but I cannot work out how to delete the item.......

 

Below is OTL TXT

 

Thanks

Attached Files

  • Attached File  OTL.Txt   159.67KB   77 downloads

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi could I have a fresh look at the system please

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

Hello and thanks.

 

As you requested here are the reports, funnily enough bullguard blocked this from running!!

Attached Files


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know what problems remain after this run please

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

GroupPolicyUsers\S-1-5-21-1737900368-1643728146-1281706836-1005\User: Group Policy restriction detected <======= ATTENTION
HKU\S-1-5-21-1737900368-1643728146-1281706836-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://lty.s.upromise.com/member/home
URLSearchHook: HKU\S-1-5-21-1737900368-1643728146-1281706836-1001 - Default Value = (value not set)
URLSearchHook: HKU\S-1-5-21-1737900368-1643728146-1281706836-1001 - FCToolbarURLSearchHook Class - {6f52f077-2dbf-f864-8da7-73cc1a21005a} - C:\Program Files\Upromise RewardU Toolbar\Helper.dll ()
URLSearchHook: HKU\S-1-5-21-1737900368-1643728146-1281706836-1001 - FCToolbarURLSearchHook Class - {6f52f077-2dbf-f864-8da7-73cc1a21005a} - C:\Program Files (x86)\Upromise RewardU Toolbar\Helper.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1737900368-1643728146-1281706836-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1737900368-1643728146-1281706836-1001 -> {b167b83b-348e-4f8a-a00d-693f28ede787} URL = http://search.expats...q={searchTerms}
BHO: Upromise RewardU Toolbar BHO -> {2E1946E4-D51E-6074-C16F-ED7E0D98A8E4} -> C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.)
BHO-x32: Upromise RewardU Toolbar BHO -> {2E1946E4-D51E-6074-C16F-ED7E0D98A8E4} -> C:\Program Files (x86)\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.)
Toolbar: HKLM - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.)
Toolbar: HKLM-x32 - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files (x86)\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.)
Toolbar: HKU\S-1-5-21-1737900368-1643728146-1281706836-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1737900368-1643728146-1281706836-1001 -> Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
FF Homepage: hxxp://shop.upromise.com/?ax=toolbar_rewardu
FF Extension: Upromise RewardU Toolbar - C:\Users\Pettit Family\AppData\Roaming\Mozilla\Firefox\Profiles\9m16m6x0.default-1400773569444\Extensions\{b9871413-95b7-01c4-69cf-961a01420158}.xpi [2014-06-15]
CHR Extension: (Upromise RewardU Toolbar) - C:\Users\Pettit Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddpocmpoechljihmgemoaahhmadaenbc [2014-04-23]
2014-11-21 08:51 - 2014-11-21 08:51 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{09877100-8235-4FEC-B4AC-F79FE9A25CD5}
2014-11-21 06:34 - 2014-11-21 06:34 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-11-19 20:27 - 2014-11-20 20:51 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{46814C06-F78E-4660-8EDD-FA89EADB2F92}
2014-11-12 11:40 - 2014-11-16 14:40 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{3937FB55-3321-4324-88BB-D0BAF19DB224}
2014-11-08 08:49 - 2014-11-11 21:46 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{31E68712-7304-4D01-AD7A-0CD2B1A052F4}
2014-11-07 18:45 - 2014-11-07 18:45 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{6FFF6EC0-ADDC-448D-8CAA-6907CE39B152}
2014-11-05 18:18 - 2014-11-07 06:45 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{117DE877-BE57-4F0F-A159-24867A1A6F2A}
2014-11-04 08:41 - 2014-11-05 06:18 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{40AB7A1F-060B-4EEE-8B50-0DFBB889C3FA}
2014-11-03 08:40 - 2014-11-03 20:41 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{94916300-4643-4C30-85A6-B9D89E05961A}
2014-10-31 06:42 - 2014-11-02 20:39 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{FCF44389-2950-477A-9649-308191A3FD4A}
2014-10-29 18:14 - 2014-10-31 06:37 - 00000000 ____D () C:\Program Files (x86)\Upromise RewardU Toolbar
2014-10-29 18:14 - 2014-10-30 18:14 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{4BB0E421-CEC3-48EE-8081-1B20B1673133}
2014-10-29 18:14 - 2014-10-29 18:14 - 00000000 ____D () C:\Users\Pettit Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Upromise RewardU Toolbar
2014-10-29 18:14 - 2014-10-29 18:14 - 00000000 ____D () C:\Program Files\Upromise RewardU Toolbar
2014-10-29 06:13 - 2014-10-29 06:13 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{EF333805-16F7-4E1B-960A-9F18DA9DE81F}
2014-10-24 21:46 - 2014-10-28 08:13 - 00000000 ____D () C:\Users\Pettit Family\AppData\Local\{149EC0FF-FC09-497D-A692-3B77549C0B7B}
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#5
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

here is the fixlog

Attached Files


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now

bf_new.gif Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
  • Select the language and click OK.
  • Accept the agreement
  • Make sure a checkmark is placed next to Enable the Free Trial and Launch Malwarebytes' Anti-Malware, then click on finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Scan Now".
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click on Quarantine All,.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • To submit your reply, click on Add Reply, then right click on the window and select Paste.
  • Submit your reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
  • 0

#7
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

adware cleaner txt attached

Attached Files


  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looking a lot better after the first two fixes, is there an improvement ?
  • 0

#9
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

I THINK I HAVE DISABLED BULLGUARD SO I CAN RUN MALWARE BYTES BUT IT SEEMS TO BE.....DO U THINK IT WAS THE UPROMISE TOOLBAR THAT WAS CAUSING THE PROBLEMS?

 

DO U STILL WANT ME TO RUN THE MALWARE BYTES THING?


  • 0

#10
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

NEVER MIND IT IS RUNNING RIGHT NOW


  • 0

Advertisements


#11
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

ATTACHED IS LOG

Attached Files


  • 0

#12
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

Looks like all that pupware was from 1 day back in may......????? i now have bull guard which i am going to reactivate,is there something else ic an use as well as or alongside?

 

Thanks


  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Obviously Bullguard does not like Malwarebytes for some reason, how is the computer behaving now ?
  • 0

#14
tuufulhundin

tuufulhundin

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

So far so good. Yes maybe bullguard is feeling a bit threatened........ :D
can i reinstall the upromise tool bar???


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I believe that was the culprit as the other stuff removed were minor remnants

Take the computer for a little test, try your programmes, reboot and just generally use it

Then once you are happy let me know and I will tidy up
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP