19 replies to this topic

[progrocktv]

Hi,

My computer is taking approx. 45 minutes to boot up. After that it's constant slowness, a solid blue screen every so often and then my desktop with all my icons missing. Functionality is basically useless. Attached is my aswMBR log, however my computer freezes up and I don't think it has a full scan (I ran it all night and this is what I got). Also I tired downloading Farbar, however my Norton Anti Virus keeps deleting the program, so I am unable to run it.

 

Thanks,




 

Attached Files

•  aswMBR.txt   1.78KB   375 downloads

[Satchfan]

Hi progrocktv and welcome back.

Please disable your Norton antivirus and try running FRST again - in safe mode if necessary.

Thanks

Satchfan

[progrocktv]

Hi again Satchfan,

Worked this time, below are my logs (still not sure if the aswMBR did a full scan, but attached anyways)

 

Thanks

Attached Files

•  aswMBR.txt   1.78KB   365 downloads
•  FRST.txt   47.42KB   363 downloads
•  Addition.txt   58.85KB   411 downloads

[Satchfan]

Thanks for the logs.

 

Time difference problem - it's 11:15pm here, (GMT), so I won't repy tonight. Also busy in the day tomorrow but will get back as quick as I can.

 

Meanwhile, please do the following:

 

Run Security Analysis

Download Security Analysis by Rocket Grannie from here

• save it to your Desktop
• close your security software to avoid potential conflicts
• double-click RGSA.exe
• click OK on the copyright-disclaimer
• when finished, a Notepad window will open with the results of the scan
• the log named SALog.txt can also be found on the Desktop or, in the same folder from where the tool is run if installed elsewhere
• please copy and paste the contents of that log in the next post.

Note: If you get a Warning from Windows about running the program, click on More info and then click Run Anyway to run it even though Windows says it might put your PC at risk.

 

Satchfan

[progrocktv]

Hi Satchfan,

No worries, I'm pretty much out tomorrow as well.

 

Log attached.

 

Thanks!

 

Attached Files

•  SALog.txt   1.04KB   511 downloads

[Satchfan]

No malware but some adware and programmes that need to go.

Uninstall programmes

Please uninstall these programmes:

Ad-Aware Antivirus
AdAwareInstaller
AdAwareUpdater
AntimalwareEngine
ESET Online Scanner v3
Java, (any version present)
Popcorn Time

 

===================================================

 

You need to move Farbar Recovery Scan Tool to your desktop otherwise fixes will not work.

• go to C:\Users\Phil\Desktop\Temp\What the Tech and locate Farbar Recovery Scan Tool
• right click and select Cut
• go to an empty spot on your desktop, right click and select Paste

Farbar Recovery Scan Tool should now be on your desktop.

================================================

Run Farbar Recovery Scan Tool

 

• right-click FRST/FRST64 and select ‘Run as administrator’
• highlight the contents of the code box below, then press Ctrl+c):

Start::
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2352554253-1179582315-1634381772-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1000&geo=US&ver=22.11.0.41&locale=en_US&guid=25E71708-1921-404C-BB29-AF65E142FC2F&doi=2016-09-01&gct=kwd&qsrc=2869
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
S2 HPSLPSVC; C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hpslpsvc64.dll [X] <==== ATTENTION
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.5.15\Definitions\SDSDefs\20160713.021\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.5.15\Definitions\SDSDefs\20160713.021\EX64.SYS [X]
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [X]
2013-01-09 23:46 - 2014-07-26 13:48 - 000139264 _____ () C:\Users\Phil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-22 21:10 - 2015-02-22 12:07 - 000000600 _____ () C:\Users\Phil\AppData\Local\PUTTY.RND
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll [2015-08-27] ()
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll [2015-08-27] ()
2015-08-27 14:57 - 2015-08-27 14:57 - 009558752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
2015-08-27 14:57 - 2015-08-27 14:57 - 003549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\RCF.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_filesystem-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_system-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_date_time-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_thread-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_locale-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_chrono-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 002266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\HtmlFramework.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTrayDefaultSkin.dll
FirewallRules: [{17195728-65BA-42F9-8299-936B29B3FC95}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{3CAB3B7D-F73D-4C73-86FA-534BD828502D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{E97C30FF-BFE5-4124-A9BA-3CD1F37A4489}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{A816A32D-EAFA-4BFF-AA6F-E12BD9774CA9}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{59E3ACD3-4E7E-437A-A7AC-07646AF9BD98}] => (Allow) C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hppiw.exe
FirewallRules: [{63424CF4-5122-4ACF-BF08-DD12D4D7A6FE}] => (Allow) C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hppiw.exe
C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hpslpsvc64.dll
C:\Program Files\Lavasoft
C:\Program Files (x86)\Popcorn Time
C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hppiw.exe
EmptyTemp:
End::

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

• in the FRST window, press the ‘Fix’ button once and wait
• please reboot the computer if requested
• it will create a log on your desktop, (Fixlog.txt); please post it to your reply.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

• run AdwCleaner by clicking on Scan
• when it has finished, leave everything that was found checked, (ticked), then click on Clean
• if it asks to reboot, allow the reboot
• on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

 

• shut down your protection software now to avoid potential conflicts.
• run the tool by double-clicking it. If you are using Windows Vista/7/8/10, instead of double-clicking, right-mouse click JRT.exe and select ‘Run as Administrator’
• the tool will open and start scanning your system
• please be patient as this can take a while to complete depending on your system's specifications
• on completion, a log (JRT.txt) is saved to your desktop and will automatically open
• post the contents of JRT.txt into your next message.

===================================================

 

Run Malwarebytes Anti-Malware

Please download and run the installer for Malwarebytes 3.0.

• follow the prompts to install the program, (Malwarebytes 3.0 will automatically upgrade Malwarebytes Anti-Malware 2.x to Malwarebytes 3.0)
• at the end, be sure a checkmark is placed next to the following
  • Launch Malwarebytes Anti-Malware
  • a 14 day trial of the Premium features is pre-selected: deselect this if you don’t want it, (it won’t diminish the scanning and removal capabilities of the program).
• click Finish.
• on the Dashboard, click Update Now
• after the update completes, click the Scan Now' button.
• if an update is available, clicking the Update Now button will update it
• a Threat Scan will begin.
• when the scan is complete, if malware has been detected, click Apply Actions to allow MBAM to clean what was found
• when the prompt to restart the computer appears, click Yes.
• after the restart once you are back at your desktop, open MBAM once more
• click on the ‘History’ tab, the ‘Application Logs’
• double-click on the scan log which shows the date and time of the scan just performed.
• click Copy to Clipboard
• please paste the contents of the clipboard into your reply.

Logs to include with the next post:

 

 

Fixlog.txt

AdwCleaner log
JRT.txt
Mbam.txt

Thanks

Satchfan

[progrocktv]

Here ya go.

 

Thanks!

Attached Files

•  Fixlog.txt   11.81KB   380 downloads
•  AdwCleanerC0.txt   4.37KB   373 downloads
•  JRT.txt   550bytes   344 downloads
•  Mbam.txt   1.21KB   372 downloads

[Satchfan]

The FRST 'fix' didn't work. When you copy what is in the 'Code' box, you need to make sure that you begin with Start:: finish with End:: or it won't work.

 

Please run the fix again and send the resulting log.

 

Thanks

[progrocktv]

Here ya go. I copied it & ran the program, however it didn't ask me to paste it anywhere (I'm assuming it's taking from the clipboard) Anyway attached is the current log.

[Satchfan]

Not attached. Please copy and paste it into the post.

[Satchfan]

I’m afraid that I will not be able to reply for 24 hours as I have to deal with an urgent situation and won’t have access to a computer.

Apologies for the inconvenience.

Satchfan

[progrocktv]

No worries, in the meantime here's my log (also attached again)

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Phil (02-12-2017 15:21:29) Run:5
Running from C:\Users\Phil\Desktop
Loaded Profiles: Phil (Available Profiles: Phil)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2352554253-1179582315-1634381772-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1000&geo=US&ver=22.11.0.41&locale=en_US&guid=25E71708-1921-404C-BB29-AF65E142FC2F&doi=2016-09-01&gct=kwd&qsrc=2869
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
S2 HPSLPSVC; C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hpslpsvc64.dll [X] <==== ATTENTION
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.5.15\Definitions\SDSDefs\20160713.021\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.5.15\Definitions\SDSDefs\20160713.021\EX64.SYS [X]
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [X]
2013-01-09 23:46 - 2014-07-26 13:48 - 000139264 _____ () C:\Users\Phil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-22 21:10 - 2015-02-22 12:07 - 000000600 _____ () C:\Users\Phil\AppData\Local\PUTTY.RND
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll [2015-08-27] ()
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll [2015-08-27] ()
2015-08-27 14:57 - 2015-08-27 14:57 - 009558752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
2015-08-27 14:57 - 2015-08-27 14:57 - 003549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\RCF.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_filesystem-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_system-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_date_time-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_thread-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_locale-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_chrono-vc120-mt-1_57.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 002266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\HtmlFramework.dll
2015-08-27 14:57 - 2015-08-27 14:57 - 000868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTrayDefaultSkin.dll
FirewallRules: [{17195728-65BA-42F9-8299-936B29B3FC95}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{3CAB3B7D-F73D-4C73-86FA-534BD828502D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{E97C30FF-BFE5-4124-A9BA-3CD1F37A4489}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{A816A32D-EAFA-4BFF-AA6F-E12BD9774CA9}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{59E3ACD3-4E7E-437A-A7AC-07646AF9BD98}] => (Allow) C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hppiw.exe
FirewallRules: [{63424CF4-5122-4ACF-BF08-DD12D4D7A6FE}] => (Allow) C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hppiw.exe
C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hpslpsvc64.dll
C:\Program Files\Lavasoft
C:\Program Files (x86)\Popcorn Time
C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hppiw.exe
EmptyTemp:

*****************

Processes closed successfully.
HKU\S-1-5-21-2352554253-1179582315-1634381772-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => key not found
HKLM\Software\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => key not found
HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => key removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => key removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn => key not found
HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => key not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => key removed successfully
HPSLPSVC => service not found.
NAVENG => service not found.
NAVEX15 => service not found.
semav6msr64 => service not found.
semav6thermal64ro => service not found.
"C:\Users\Phil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.
"C:\Users\Phil\AppData\Local\PUTTY.RND" => not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1 => key not found
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => key not found
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => key not found
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1 => key not found
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => key not found
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => key not found
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AdAwareContextMenu => key not found
HKLM\Software\Classes\CLSID\{5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => key not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\AdAwareContextMenu => key not found
HKLM\Software\Classes\CLSID\{5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => key not found
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\RCF.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_filesystem-vc120-mt-1_57.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_system-vc120-mt-1_57.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_date_time-vc120-mt-1_57.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_thread-vc120-mt-1_57.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_locale-vc120-mt-1_57.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_chrono-vc120-mt-1_57.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\HtmlFramework.dll" => not found.
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTrayDefaultSkin.dll" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17195728-65BA-42F9-8299-936B29B3FC95} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CAB3B7D-F73D-4C73-86FA-534BD828502D} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E97C30FF-BFE5-4124-A9BA-3CD1F37A4489} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A816A32D-EAFA-4BFF-AA6F-E12BD9774CA9} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59E3ACD3-4E7E-437A-A7AC-07646AF9BD98} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63424CF4-5122-4ACF-BF08-DD12D4D7A6FE} => value not found.
"C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hpslpsvc64.dll" => not found.
"C:\Program Files\Lavasoft" => not found.
"C:\Program Files (x86)\Popcorn Time" => not found.
"C:\Users\Phil\AppData\Local\Temp\7zS2CDA\7zS7B5D\hppiw.exe" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7584189 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 235224 B
Edge => 0 B
Chrome => 0 B
Firefox => 296981384 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13682 B
NetworkService => 0 B
Phil => 1627648 B

RecycleBin => 0 B
EmptyTemp: => 300.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:23:00 ====

Attached Files

•  Fixlog.txt   11.47KB   365 downloads

[Satchfan]

Thanks for the log.

 

Are things still the same or have they improved? Please give me an update.

 

Satchfan

[progrocktv]

Working a lot faster and booting up normally now :-)

[Satchfan]

Let’s run an online scan to be sure nothing is left and if that’s clear I’ll send instructions to tidy up.


Run ESET Online Scan

Note: This may take a long time so please be patient.

IMPORTANT Please make sure you uncheck the box next to Remove found threats. Eset will detect anything that looks even slightly suspicious, which could include legitimate program files. If you do not uncheck the box, Eset will automatically remove all suspicious files which could leave some of your software inoperable.

Note: You can use Internet Explorer, FireFox or Chrome for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Hold down Control and click on the following link to open ESET OnlineScan in a new window.

ESET OnlineScan

• click the Run Eset online Scanner button
• for alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  

  
  o    click on esetinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  o    double click on the Eset installer icon on your desktop.
   

• check Yes, I accept the Terms of Use
• click the Start button
• accept any security warnings from your browser
• check Enable detection of potentially unwanted applications
• click Advanced settings and select the following:
  

  
  o    scan archives
  o    scan for potentially unsafe applications
  o    enable Anti-Stealth technology

  
  Note: Do not check Remove found threats
   

• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• when the scan completes, push List of found threats
• push Export to Text file and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  

  
  Note - if ESET doesn't find any threats, no report will be created.
   

• push the back button.
• push Finish

When the scan is complete:

If no threats were found:

o    put a checkmark in "Uninstall application on close"
o    close program
o    report to me that nothing was found.
 

If threats were found:

o    click on "list of threats found"
o    click on "export to text file" and save it as ESET results and save to the desktop
o    click on back
o    put a checkmark in "Uninstall application on close"
o    click on finish
o    close program
o    copy and paste the report here
 

Thanks

Satchfan