Computer running Slow

March 27, 2015, 5:48 pm

≪ Previous: Computer stopping, lagging, stops responding, has black boxes on screen....

I play a game on Facebook called "The Last One", I have noticed that as time went on my computer has been running slower. It's gotten bad lately.Could you please check my system for the reason? Thank you

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 2
RAM: 8096 Mb
Graphics Card: Intel(R) HD Graphics, -1988 Mb
Hard Drives: C: Total - 936545 MB, Free - 865305 MB; D: Total - 17220 MB, Free - 2151 MB;
Motherboard: Foxconn, 2ABF
Antivirus: Microsoft Security Essentials, Updated and Enabled

↧

cryptowall-virus-removal

March 28, 2015, 7:54 am

≫ Next: multiple problems

≪ Previous: Computer running Slow

Hi and welcome. :)

Unfortunately, we still unable to reverse the damages done by this virus. All your files, in all drives are encrypted, but there is no easy way to decrypt these files. You can read about this virus here:

http://www.bleepingcomputer.com/viru...mation#restore

BleepingComputer.com has created a small utility that will find the Registry key created by CryptoWall and then export its list of encrypted files to a text file for you. This tool will also allow you to backup the encrypted files to another location in the event that you want to archive the encrypted files and reformat the machine. If you wish to generate a list of files that have been encrypted, you can download the ListCWall tool.

There is an active CryptoWall support topic, which contains discussion and the experiences of a variety of IT consultants, end users, and companies who have been affected by CryptoWall. If you are interested in this infection or wish to ask questions about it, please visit the CryptoWall support topic. Once at the topic, and if you are a member, you can ask or answer questions and subscribe in order to get notifications when someone adds more information to the topic.

http://www.bleepingcomputer.com/foru...cryptodefense/

IDTool:

Scan with IDTool

Please download IDTool by Nathan and save the file to the desktop.
It will come as a zipped file, so you will need to unzip it. You may do it by right-clicking on it and choosing Extract All. Extract it to your desktop.

Enter the IDTool directory, right-click on icon and select Run as Administrator to start the tool.
IDTool needs Micorsoft .NET Framework environment to work properly, so if prompted to download & install it please agree.
Wait patiently until the cool will collect necessary data.
Once the main console is loaded, please press Rescan Computer and Generate a New Report.
When prompted at the main bar that Rescan is completed, press Generate Text Friendly Report for Forums.
Copy the entire content of the frame that appears. You may want to save it to a text file for your convenience.

Please include that in your next reply.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

↧

multiple problems

March 28, 2015, 4:07 pm

≫ Next: Need help itschromium.exe / chromium.exe virus

≪ Previous: cryptowall-virus-removal

bump

↧

Need help itschromium.exe / chromium.exe virus

March 29, 2015, 7:47 am

≫ Next: Advertising Chrome browser hi-jack - only in popups

≪ Previous: multiple problems

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the 64 bit version

Right click to run as administrator. When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

↧

Advertising Chrome browser hi-jack - only in popups

March 29, 2015, 8:51 am

≫ Next: Virus on PC - Please Help

≪ Previous: Need help itschromium.exe / chromium.exe virus

Well Derek thank you again - the invasions have disappeared!

↧

Virus on PC - Please Help

March 29, 2015, 10:12 am

≫ Next: Application glitch preventing me from working!

≪ Previous: Advertising Chrome browser hi-jack - only in popups

go back to post 23 and download the fixlist again and run it as described in that post
lets see what happens this time

↧

Application glitch preventing me from working!

March 29, 2015, 12:40 pm

≫ Next: finance alert ads

≪ Previous: Virus on PC - Please Help

Hi, I'm new to the forums and if I do not follow the rules of the forums, I apologise for my problem is preventing me from seeing the rules.
I am in the year of my GCSEs and a week ago, I decided to download some applications which would allow me to concentrate with my work better by block certain applications or websites. After realising ALL of them were just trials, I began uninstalling them all. A few days later, I noticed that certain sites were getting blocked on my computer. I checked my running services and found some of the applications that I had already uninstalled. Through several days of looking around the Internet and fiddling, I installed 'windows Allkiller.' With this, I got rid of all but one application- SprintWork TM VI.
I have tried running command prompts to delete the services and stop it. It displayed that the process was a success yet it still remained in the running services and sites were still getting blocked.
Starting SprintWork on the command prompt causes an error message to pop up as well as 'queryex'ing it. I've tried reinstalling it but it says that I have already downloaded it. System restoring does not work successfully.

I'm so frustrated by this glitch and with GCSEs around the corner, I fear for my grades due to a glitch caused by my effort in trying to stop myself from getting distracted.

I will be willing to co operate and post any information required in solving this problem. Thanks you so much for your time and effort :)

↧

finance alert ads

March 29, 2015, 12:40 pm

≫ Next: .jgpg Thumbnails show but won't open after malware removal

≪ Previous: Application glitch preventing me from working!

rondylan,
Good thing you decided to get some help.
After this, you will need a new Firefox home page.
Trovi.com is a well known adware generator and search hijacker. (Used to be conduit).
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Acrobat Reader Packages
Ad-Aware Web Companion
Advanced SystemCare 8
Driver Booster 2.1
ffdshow v1.2.4422
IObit Malware Fighter
Java 7 Update 72
McAfee Security Scan Plus
McAfee SiteAdvisor
Smart Defrag 3
Surfing Protection
VideoPad Video Editor

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine

--------------------------------------------------------
Run A Fix With FRST
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
(Both on the Desktop is OK, or both in the same folder elsewhere)

Run FRST64 and press the Fix button just once and wait. DO NOT PRESS THE SCAN BUTTON.
If for some reason the tool needs a restart, please make sure you let the system restart normally.
The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

askey127

Attached Files

FixList.txt (8.0 KB)

↧

.jgpg Thumbnails show but won't open after malware removal

March 29, 2015, 1:43 pm

≫ Next: Bug won't let me access Task Manager, Safe Mode, MsConfig etc. + slowing down my comp

≪ Previous: finance alert ads

Yes. The computer was infected with Cryptowall.

Unfortunately, we still unable to reverse the damages done by this virus. All your files, in all drives are encrypted, but there is no easy way to decrypt these files. You can read about this virus here:

http://www.bleepingcomputer.com/viru...mation#restore

BleepingComputer.com has created a small utility that will find the Registry key created by CryptoWall and then export its list of encrypted files to a text file for you. This tool will also allow you to backup the encrypted files to another location in the event that you want to archive the encrypted files and reformat the machine.If you wish to generate a list of files that have been encrypted, you can download the ListCWall tool.

ListCwall can be downloaded from this URL: http://www.bleepingcomputer.com/download/listcwall/

To use the tool, simply double-click on it and let the program run. ListCwall will search for the registry key that contains the list of the encrypted files and then export them to the ListCwall.txt file on your desktop.

There is an active CryptoWall support topic, which contains discussion and the experiences of a variety of IT consultants, end users, and companies who have been affected by CryptoWall. If you are interested in this infection or wish to ask questions about it, please visit the CryptoWall support topic. Once at the topic, and if you are a member, you can ask or answer questions and subscribe in order to get notifications when someone adds more information to the topic.

http://www.bleepingcomputer.com/foru...cryptodefense/

Run the ESET Online Scanner.
Hold down Control and click on this link to open ESET OnlineScan in a new window.
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.
Check "YES, I accept the Terms of Use."
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.

↧

Bug won't let me access Task Manager, Safe Mode, MsConfig etc. + slowing down my comp

March 29, 2015, 6:42 pm

≫ Next: Combofix saved my AZZ

≪ Previous: .jgpg Thumbnails show but won't open after malware removal

Welcome :)

Please download the attached file and save it in the same directory as FRST.

Start FRST with Administrator privileges.
Press the Fix button.
When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
Please copy and paste its contents in your next reply.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Download AdwCleaner from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

XP users: Double click the AdwCleaner icon to start the program.
Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
You will see the following console:

Click the Scan button and wait for the scan to finish.
After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
Click the Clean button.
Everything checked will be deleted.
When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this

On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Attempt to run Malwarebytes Antimalware.

Attached Files

fixlist.txt (4.9 KB)

↧

Combofix saved my AZZ

March 29, 2015, 6:47 pm

≫ Next: Trojan win32/filecoder.c infection

≪ Previous: Bug won't let me access Task Manager, Safe Mode, MsConfig etc. + slowing down my comp

To who it may concern... the toughest, badazz, bucking trojan in history was put down today and pronounced dead by a program i had never heard of...google is my friend after all---and CF was the silver bullet---THANKYOU all for being here and being on the web for us...may all backdoor bullies die in the gutters of the "Interwebs"...

↧

Trojan win32/filecoder.c infection

March 30, 2015, 12:18 am

≫ Next: Can' use Firefox or Chrom

≪ Previous: Combofix saved my AZZ

Enter the IDTool directory, right-click on icon and select Run as Administrator to start the tool.
IDTool needs Micorsoft .NET Framework environment to work properly, so if prompted to download & install it please agree.
Wait patiently until the cool will collect necessary data.
Once the main console is loaded, please press Rescan Computer and Generate a New Report.
When prompted at the main bar that Rescan is completed, press Generate Text Friendly Report for Forums.
Copy the entire content of the frame that appears. You may want to save it to a text file for your convenience.

Double-click to run it. When the tool opens click Yes to disclaimer.
Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

↧

Can' use Firefox or Chrom

March 30, 2015, 10:47 am

≫ Next: arccon. ac

≪ Previous: Trojan win32/filecoder.c infection

First, I read the must-read sticky, but can't download the TSG Info utility because my problem is that I can't run my browsers, Firefox and Chrome. When I load them and try to go to a site, I get crash notifications, telling me to retry. (I'm posting this from my Win7 laptop.)

It's on my Dell Dimension 4700 desktop, running WinXP Pro, with AVG Free anti-virus, etc. I'm presently in the process of doing a full scan, but it's taking forever. If the scan shows threats, I'll have them removed. But what should my next step be? Just try again with Firefox and Chrome? Remove and replace those browsers with newer versions (IF I can get onto the net)? Different browser (also IF I can get onto the net)? Would a System Restore (to last Friday when everything was fine) avoid the malware that's causing the problem?

At this point I really can use and will appreciate some guidance. Thanks.

↧

arccon. ac

March 30, 2015, 3:51 pm

≫ Next: a1 pc cleaner removal help please

≪ Previous: Can' use Firefox or Chrom

Hi Cheessball,

I followed your instructions and have attached the required file.

Thanks
Robert Fourchette

Attached Files

hijackthis.log (24.4 KB)

↧

a1 pc cleaner removal help please

March 30, 2015, 4:08 pm

≫ Next: DriverRestore

≪ Previous: arccon. ac

I do hope that my instant request for a remedy wasn't rude. I thought I would get right to the point. Thank you.

↧

DriverRestore

March 30, 2015, 4:48 pm

≫ Next: Can u open my thread?i keep getting 404 file nt found/do i write it again & submit?

≪ Previous: a1 pc cleaner removal help please

Hi I'm not that Tech Savvy but I have removed this Driver Restore but a message keeps popping up on my computer:

(DriverRestore has encountered a critical error and will need to close, We are sorry for the inconvenience)

I have tried reinstalling and then go to control panel to programs and uninstalling again it seems to uninstall but this annoying message keeps appearing

Attached Images

driver restore error.jpg (19.2 KB)

↧

Can u open my thread?i keep getting 404 file nt found/do i write it again & submit?

March 31, 2015, 2:33 am

≫ Next: new pc slow

≪ Previous: DriverRestore

bump

↧

new pc slow

March 31, 2015, 12:54 pm

≫ Next: Health Alert Ads giving me trouble

≪ Previous: Can u open my thread?i keep getting 404 file nt found/do i write it again & submit?

Thread reopened as requested.

↧

Health Alert Ads giving me trouble

April 1, 2015, 12:19 am

≫ Next: How do you completely wipe a computer clean?

≪ Previous: new pc slow

Hi there!

I've reached wits end with this adware... Ive used every malware detecting/removal software I could find and im still having trouble. I know what file is causing me issues, but the problem is I cant stop it from repeatedly being copied into my appdata/local folder. I'm running a windows 7 64 bit Toshiba laptop. Whenever I open google Chrome, Firefox, or IE, I get ads popping up, though some get blocked by adblock plus, and links on random words that freeze my browser and show the ads that have the title "ads by Health Alert". Malwarebytes, ADWClearner, and AVG have all found the same file in c:user/appdata/local/HealthAlert. Each time this file is removed and I open up a browser, the file is copied over with one sile in it called data2.dat. If anyone knows a way to whitelist this file from being created, PLEASE let me know! very sick of the annoying crashes and freezes.

Sysinfo Log:

Tech Support Guy System Info Utility version 1.0.0.2

OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit

Processor: AMD Athlon(tm) II P320 Dual-Core Processor, AMD64 Family 16 Model 6 Stepping 3

Processor Count: 2

RAM: 7930 Mb

Graphics Card: ATI Mobility Radeon HD 4200 Series, 256 Mb

Hard Drives: C: Total - 476837 MB, Free - 238672 MB;

Motherboard: TOSHIBA, Portable PC

Antivirus: Microsoft Security Essentials, Updated and Enabled

↧

How do you completely wipe a computer clean?

April 1, 2015, 7:47 pm

≫ Next: computer is almost unusable because of freezing

≪ Previous: Health Alert Ads giving me trouble

I have this old computer and it was really slow when we first bought it (probably because it was on clearance for like 100 buck) and now it is even slower. I'm pretty sure it has a bunch of viruses on it because you can barely do anything on it and it says error for everything. We never put any important files or anything on it but i did move the few documents and pictures onto a flash drive. It is an Asus eee 1000HD computer and i'm pretty certain that it runs with windows 7. Is there a way that I can just completely wipe everything from it and start over? :p

↧

Latest Images