Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow old laptop

Started by Sailing Captain , May 04 2015 03:47 PM

  • This topic is locked This topic is locked

#16
zep516
Posted 18 May 2015 - 06:40 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
That's a nag screen we call it, it's wants you to try the paid for version. I would not accept it.

How is the computer ? Any better ? If not would you consider trying a different Anti Virus program ?

Joe
  • 0

Advertisements

#17
Sailing Captain
Posted 19 May 2015 - 03:29 AM

Sailing Captain

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Thanks Joe,

 

It is working a lot better.  I would appreciate it if you can let me know your recommendations on using AVG or something else, and should I keep Malwarebytes or keep and upgrade to full version.

 

Thanks

 

Craig


  • 0

#18
zep516
Posted 19 May 2015 - 03:04 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
If it's working better then we can leave AVG, avg can cause slow downs on some computers that's what I was thinking about. As far as Malwarebytes is concerned it would not hurt to up grade to the full version, I'd consider it. We have another fix to do involving left over files.

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
CloseProcesses:
CreateRestorePoint:
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
FirewallRules: [{52FF88F4-4C59-4136-B968-3E9DDDFA2692}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{CD5302C2-F3E6-4D37-9D3B-C67B1AFCBAE4}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{6E6C4B70-5053-47F9-BB3B-3F39041C128A}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{6858CB02-877E-4232-90FD-F7FFA3C62C5D}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{DA90239A-9366-47E9-8738-2065E8FC110D}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS1C75.tmp\SymNRT.exe
FirewallRules: [{ABFA52A9-BF2F-42DB-AC7A-04D31C9E3E7E}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS1C75.tmp\SymNRT.exe
Emptytemp:

Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.


Post the fixlog.txt in your next reply.

Joe
  • 0

#19
Sailing Captain
Posted 31 May 2015 - 06:36 AM

Sailing Captain

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi Joe,

 

Appologies for the delay, i have been away.  I appreciate your patience.  Below is the log.

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015
Ran by Owner at 2015-05-31 22:24:40 Run:2
Running from C:\Computer maintenance
Loaded Profiles: Owner (Available Profiles: Owner & vmdk)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
FirewallRules: [{52FF88F4-4C59-4136-B968-3E9DDDFA2692}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{CD5302C2-F3E6-4D37-9D3B-C67B1AFCBAE4}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{6E6C4B70-5053-47F9-BB3B-3F39041C128A}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{6858CB02-877E-4232-90FD-F7FFA3C62C5D}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{DA90239A-9366-47E9-8738-2065E8FC110D}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS1C75.tmp\SymNRT.exe
FirewallRules: [{ABFA52A9-BF2F-42DB-AC7A-04D31C9E3E7E}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS1C75.tmp\SymNRT.exe
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG\\SystemComponent => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG\\SystemComponent => value not found.
HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB} => key not found.
HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0} => key not found.
HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3} => key not found.
HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE} => key not found.
HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6} => key not found.
HKU\S-1-5-21-3524435906-1736606958-2426872304-1002_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339} => key not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => key not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => key not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52FF88F4-4C59-4136-B968-3E9DDDFA2692} => value Removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD5302C2-F3E6-4D37-9D3B-C67B1AFCBAE4} => value Removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E6C4B70-5053-47F9-BB3B-3F39041C128A} => value Removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6858CB02-877E-4232-90FD-F7FFA3C62C5D} => value Removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA90239A-9366-47E9-8738-2065E8FC110D} => value Removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABFA52A9-BF2F-42DB-AC7A-04D31C9E3E7E} => value Removed successfully.
EmptyTemp: => Removed 63 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:25:50 ====


  • 0

#20
zep516
Posted 31 May 2015 - 01:45 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Two scans to run ESET could take considerable time.

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)
Next

Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

In your next reply post;
1. Eset scan results.
2. Checkup.txt.

Thanks
Joe :)
  • 0

#21
Sailing Captain
Posted 07 June 2015 - 06:23 AM

Sailing Captain

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi Joe,

 

I appreciate your patience as I am out of town a lot and have little time to review and action your replies.

 

Below are the logs.  Again I may not get back to this for a while so I apprecaite you keeping this topic open.

 

Craig

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d4aeabfb55a35743bc718749032fc424
# end=init
# utc_time=2015-06-07 10:09:01
# local_time=2015-06-07 08:09:01 (+1000, E. Australia Standard Time)
# country="Australia"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24209
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d4aeabfb55a35743bc718749032fc424
# end=updated
# utc_time=2015-06-07 10:15:50
# local_time=2015-06-07 08:15:50 (+1000, E. Australia Standard Time)
# country="Australia"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=d4aeabfb55a35743bc718749032fc424
# engine=24209
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-06-07 11:23:37
# local_time=2015-06-07 09:23:37 (+1000, E. Australia Standard Time)
# country="Australia"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2015'
# compatibility_mode=1055 16777213 100 100 0 120842601 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1676064 185307408 0 0
# scanned=216848
# found=0
# cleaned=0
# scan_time=4066

 

 

 Results of screen317's Security Check version 1.003  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
AVG AntiVirus Free Edition 2015   
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 25  
 Java Card Security for HP ProtectTools
 Java version 32-bit out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player     17.0.0.169  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox (38.0.1)
 Google Chrome 42.0.2311.152 Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 


  • 0

#22
zep516
Posted 07 June 2015 - 04:06 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

1st
Out of date Adobe Reader installed!
Your Adobe reader needs updating. You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.
Note Important: Please uncheck any optional offers before downloading.

2nd
Out of date Adobe flash player installed! You should ensure you use the latest Adobe flash player and install any security updates that are released. You can download the latest Flashplayer and updates from Here. Please uncheck any optional offers before downloading.

3rd
Your Java is out of date:
Note
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.
I would uninstall it from the programs an Features menu Start > Control Panel > Programs & Features, uninstall all Java.

Up Date your Chrome browser.

Let me know when all that is done and how things are.

Thanks
Joe :)
  • 0

#23
Sailing Captain
Posted 14 June 2015 - 12:46 AM

Sailing Captain

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi Joe,

I have updated both adobe reader and flash player, also removed Javer.  I don'tuse Chrome,only Firefox.

Malwarebytes trial has expired.  Do i need this?

Any other items I should keep or update.

Thanks

Craig


  • 0

#24
zep516
Posted 15 June 2015 - 11:16 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

I'd keep Malwarebytes on the computer,

Open Malwarebytes, and on the Dashboard, click on ‘End Free Trial’ link which, then will be instantly converted to the free version, so you wont get the nag screen about trial has expired. Always run a Malwarebytes scan when you suspect things just don't seem right on the computer, Malwarebytes can remove an incredible amount of junk files.

Everything else looks ok, so lets remove the tools I had you download..



Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.

  • 0

#25
zep516
Posted 23 July 2015 - 08:50 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP