Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

poor performance, locks up randomly restarts [Solved]


  • This topic is locked This topic is locked

#76
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

status is OK

Good.

also i am able to use the laptop, its actually working!!!! go figure

A surprising but welcome turn of events eh, stranger things happen at sea as they say...

OK lets try a Malwarebytes Anti-Malware scan per the prior instructions in post #56 and also follow the Scan with FSS instructions as well please.
  • 0

Advertisements


#77
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts

6 pages for this repair,,,might be a record LOL

 

 

no threats found with threat MB  scan

 

Farbar Service Scanner Version: 17-01-2015
Ran by JPR (administrator) on 01-02-2015 at 18:39:52
Running from "C:\Users\JPR\Desktop\virus repair 2015"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

Edited by richclan, 01 February 2015 - 05:46 PM.

  • 0

#78
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

6 pages for this repair,,,might be a record LOL

Aye certainly getting there! :lol:

Levity aside, lets address the issue denoted by the FSS scan as follows...

ESET ServicesRepair:

Please download ServicesRepair to the desktop.
  • Right-click on ServicesRepair.exe and select Run as Administrator to start the program >> Yes
  • Reboot your computer at the prompt. If not prompted to do so, reboot the machine regardless.
Note: there will now be a folder named CC Support on the desktop, do not delete this until I give the all clear.

Re-scan with FSS:
  • Right-click FSS.exe and select Run as Administrator to start the program.
  • Select all available options.
  • Then click on the Scan tab.
  • When the scan is complete, it will produce a log named FSS.txt.
  • Post the contents in your next reply.

  • 0

#79
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
Farbar Service Scanner Version: 17-01-2015
Ran by JPR (administrator) on 02-02-2015 at 11:44:16
Running from "C:\Users\JPR\Desktop\virus repair 2015"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

  • 0

#80
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Lets address the Windows Update issues and afterwards install Service Pack 1 as follows...

Custom Batch File:

Please download the attached wuauserv.bat below and save to the desktop:-



Now right-click on the desktop wuauserv.bat and select Run as Administrator to process the batch file. It will self-delete when completed and the computer will automatically reboot.

Download/Install SURT:

Please download the installer for the System Update Readiness Tool from here and save to the desktop.

Double-click on Windows6.1-KB947821-v34-x64.msu >> follow the prompts to install.

Note: This may take some time to be processed/fully install.

Download/Install SP1:

Please download the installer for Windows 7 Service Pack 1 from here.

After you click on the the orange Download button, you will be presented with various downloads select this download:-

windows6.1-KB976932-X64.exe

Then click on the blue Next button >> and save to the desktop.

Right-click on windows6.1-KB976932-X64.exe and select Run as Administrator >> follow the prompts to install.

Note: This may take some time to be processed/fully install. If not prompted to reboot the machine do so upon completion.

Next:

Let myself know when completed the above, if any problems encountered and or further issues remaining.

Also confirm for myself that at present a Anti-Virus is not installed. We will then go from there, thank you.
  • 0

#81
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts

SURT got an error 0x80080005 server execution failed if this is due to bad internet I can try this at home after 6pm...


it didn't work in safe mode either attempting sp-1 now ... no luck with sp-1

i'll try it later

 

cant get it to work , even with clean boot and good wi-fi


Edited by richclan, 04 February 2015 - 09:46 AM.

  • 0

#82
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Carry out the below then afterwards retry to install SP1...

Download this Fixit from here and save to the desktop.

Then double-click on MicrosoftFixit50202.msi >> select the option I Agree when the Fixit launches >> Next>

At the next window, select the option Run aggressive mode options >> Next> >> once complete click on Close >> select Yes at the prompt to reboot the machine.
  • 0

#83
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts

success  :spoton:

 

sp-1 is installed...  thanks

 

now pc has more updates to install, just let me know when....

 

i have avast installed currently


Edited by richclan, 04 February 2015 - 11:02 PM.

  • 0

#84
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

success :spoton:

sp-1 is installed... thanks

Good and you're welcome!

now pc has more updates to install, just let me know when....

Leave this for the time being until I give the all clear.

i have avast installed currently

Acknowledged, pending no further issues remaining lets remove all tools used during the course of the malware removal process etc. Afterwards I will provide some online safety advise.

Clean-Up with DelFix:

Please download DelFix to your desktop

Some of the tools I asked to be downloaded appear to be in this folder on the desktop:

virus repair 2015

It would be prudent to move all within the aforementioned to the actual desktop for the below to work correctly.
  • Right-click on delfix.exe and select Run as Administrator to launch the application.
  • Referring to the image below, select all available options:
DelFix.gif
  • Then click on Run.
  • Once it has finished processing, a notepad file named DelFix.txt will open. Post the contents in your next reply for my review.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.
  • After you have posted the aforementioned DelFix.txt, delete it and empty the Recycle Bin.
Note: The above application/overall process will flush old System Restore points and create a new clean one. It should also clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.
  • 0

#85
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
here you go
 
 
 
# DelFix v10.8 - Logfile created 05/02/2015 at 22:24:03
# Updated 29/07/2014 by Xplode
# Username : JPR - MADDIE-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Activating UAC ... OK
 
~ Removing disinfection tools ...
 
Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\log.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\JPR\Desktop\aswmbr.exe
Deleted : C:\Users\JPR\Desktop\FRST64.exe
Deleted : C:\Users\JPR\Desktop\FSS.exe
Deleted : C:\Users\JPR\Desktop\FSS.txt
Deleted : C:\Users\JPR\Desktop\MBR.dat
Deleted : C:\Users\JPR\Desktop\ServicesRepair.exe
Deleted : C:\Users\JPR\Desktop\zoek-results.txt
Deleted : C:\Users\JPR\Desktop\zoek.exe
Deleted : C:\Users\JPR\Downloads\AdwCleaner.exe
Deleted : C:\Users\JPR\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\JPR\Downloads\Extras.Txt
Deleted : C:\Users\JPR\Downloads\OTL.Txt
Deleted : C:\Users\JPR\Downloads\OTL.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0

Advertisements


#86
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

here you go

Good...Congratulations your Daughter's computer appears to be malware free!

Importance of Regular System Maintenance:

I advice you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Slow Computer/browser?

Also so is this:

What to do if your Computer is running slowly

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is a excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

The presently installed security application, Avast Anti-Virus automatically checks for updates and downloads/installs them with every system reboot and or periodically if the machine is left running providing a internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Further reading/resources:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

As is this: Computer Security - a short guide to staying safer online

And these are worth reading also: Understanding Windows Firewall settings & Securing Your Router

Keep Your System Updated:

Microsoft releases patches for Windows and other products regularly:
  • Click on Start(Windows 7 Orb) >> All Programs >> Windows Update.
  • In the navigation pane, click Check for updates.
  • After Windows Update has finished checking for updates, click View available updates.
  • Click to select the check box for any found, then click Install.
  • When completed Reboot(restart) your computer if not prompted to do so.
Plus check Automatic Updates is enabled.

Update to Internet Explorer v11:

IE9 has been superseded by IE11 for Windows 7 and above. I strongly advise you download and install the new browser from here. This will increase overall security whist browsing online.

Even if you do not use IE often having the latest version installed will still increase your machines overall security. This web-page is worth bookmarking/reading for future reference:-

Securing Your Web Browser

Check your third party software is up to date:

Certain software such as Adobe related for example can be exploited by malware if it is not up-to date. I advise you consider downloading and installing Heimdal Free. Further information about this application can be read on the download page.

Be careful when opening attachments and downloading files:

1 - Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.

2 - Never open emails from unknown senders.

4 - Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.

5 - Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on FileHippo or MajorGeeks

Stop malicious scripts:

Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze. Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

I will further add; P2P software has the ability to create a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their infected dross onto your computer. Further to that, if your P2P software is not configured correctly you may be sharing more files than you realise. There have been cases where people's address books, passwords, other personal, private and financial details have been exposed to the file sharing network by a badly configured P2P applications

My friendly advice is to avoid these types of software applications.

Consider the below extra/layered security for the machine:

Custom Host File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:Only use one of the above!

CryptoPrevent Tool:

How to prevent your computer from becoming infected by CryptoLocker

WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to the computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

Any questions? Feel free to ask, if not stay safe!
  • 0

#87
richclan

richclan

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 180 posts
maddie and i thank all that helped get her laptop working. its so nice to have the support here when i need it :)

she read the last post and will apply it as a guide to safe surfing.

im thinking i should update my win 7 laptop to sp-1 as well.

dakeyras any idea what the culprit was that caused so much grief for you all ????

Edited by richclan, 07 February 2015 - 06:37 AM.

  • 0

#88
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Acknowledged and you're both most welcome! Aye it would be prudent to install SP1 on your machine also.

dakeyras any idea what the culprit was that caused so much grief for you all ????

Basically at times malware removal can result in unpredictable results with the knock on affect it will create all kinds of issues that are quite detrimental...

In this instance the machine was initially quite badly infected and in turn this was the root cause for most of the problems we encountered. This does not always occur but as mentioned it can at times. :)
  • 0

#89
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP