Tech Support Guy banner
Status
Not open for further replies.

Very slow start up

3K views 49 replies 6 participants last post by  kidmenace 
#1 ·
My computer takes over 5 minutes to start. I have tried every scan possible to no avail. In general it is slow but what is the most annoying is the start up. I am not sure if is some type of virus thanks in advance
 
#4 ·
Hi!

Welcome to TSG Forums.


I will be assisting you regarding your computer's issues. Here, we will check your computer for malware.

Please, adhere to the guidelines below, and let me know if I have your approval to start the cleaning procedure.

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.
 
#8 ·
Hi, kidmenance.

Please uninstall the following programs.

Advanced SystemCare
Avast Update Helper
Defraggler
Driver Booster 9
IObit Software Updater
IObit Uninstaller 11

To do that:
  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following programs in the list:
Code:
Advanced SystemCare
Avast Update Helper
Defraggler
Driver Booster 9
IObit Software Updater
IObit Uninstaller 11
  • Select the above programs, one by one, and click Uninstall.
  • Restart the computer at the end of the procedure.

After the above, please attach fresh FRST logs for me to check, as you did in your previous post.
 
#13 ·
Hi.

First things first, move FRST tool from your Downloads folder on to your Desktop.

Something to point out to you:

I asked you not to run any tools unless instructed to do so. I see that you ran AdwCleaner. Please, have in mind that this makes more complicated my effort to help you, so just follow my instructions from now on.

Something important regarding the following lines from the logs:

Percentage of memory in use: 87%
Total physical RAM: 1791.28 MB
Available physical RAM: 220.6 MB

You have only 2GB RAM and 87% is in use. Definitely, you need more RAM to run Windows 10 effectively, so at the end of this procedure I'll tell you more about this issue, and recommend you what you can do.

Something to ask:

You have IOBit Uninstaller installed. This is a legitimate program, but it also may have been bundled with a third party software. If you didn't intentionally installed it, please uninstall it along with the other programs in step 2 below. Otherwise, you can keep it.

After the above comments:

1. FRST fix


Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Code:
Start::
CreateRestorePoint:
CloseProcesses:
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
LavasoftTcpService (HKLM-x32\...\{5916A24B-59A4-4FDB-9753-499CB1F65362}) (Version: 2.3.4.2 - Lavasoft) Hidden
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers1: [PfMenu] -> [CC]{2F844462-7CB8-489C-828C-32A6422506AF} =>  -> No File
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.2.1\MenuExt64.dll -> No File
ContextMenuHandlers1: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
ContextMenuHandlers1: [Uninstall] -> [CC]{84058084-7609-44D1-B3CC-7A9436CB6D92} =>  -> No File
ContextMenuHandlers1: [UnLockerMenu] -> [CC]{A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> No File
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} =>  -> No File
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> No File
ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.2.1\MenuExt64.dll -> No File
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.2.1\MenuExt64.dll -> No File
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.2.1\MenuExt64.dll -> No File
ContextMenuHandlers1_S-1-5-21-1019108432-3678605218-91476750-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
AlternateDataStreams: C:\WINDOWS\SysWOW64\CleanMem.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
URLSearchHook: HKLM-x32 - (No Name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - No File
SearchScopes: HKLM -> DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL =
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL =
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKU\S-1-5-21-1019108432-3678605218-91476750-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL =
SearchScopes: HKU\S-1-5-21-1019108432-3678605218-91476750-1000 -> {9F1574BA-9E86-4C69-BEA9-9E604BA0B545} URL =
Toolbar: HKLM-x32 - No Name - {652853ad-5592-4231-88c6-706613a52e61} -  No File
Toolbar: HKU\S-1-5-21-1019108432-3678605218-91476750-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
MSCONFIG\Services: AdvancedSystemCareService12 => 2
MSCONFIG\Services: AdvancedSystemCareService14 => 3
MSCONFIG\Services: AdvancedSystemCareService15 => 2
MSCONFIG\Services: AdvancedSystemCareService8 => 2
MSCONFIG\Services: avast! Tools => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: Unchecky => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.CommonStartup
MSCONFIG\startupreg: Audiogalaxy => "C:\Users\OD 281\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Fitbit Connect => "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDF Complete => c:\program files (x86)\pdf complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SpybotSD TeaTimer =>
MSCONFIG\startupreg: Tonido => "C:\Users\OD 281\AppData\Roaming\Tonido\launcher.exe" /nobrowser
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKLM\...\StartupApproved\Run32: => ""
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1019108432-3678605218-91476750-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1019108432-3678605218-91476750-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1019108432-3678605218-91476750-1000\...\StartupApproved\Run: => "Advanced SystemCare"
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1019108432-3678605218-91476750-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0206CC90-D392-45D8-B52A-4078BEC9674F} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {115497A8-EE99-4053-8A0F-459B77612881} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {129B8E3D-0D62-4D90-9647-6CC8EC9771C4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {19805773-2D5B-48A8-89E2-8773B33719B8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (No File)
Task: {1E4EE1F0-285F-4BCE-88F2-74A67977E747} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {22158F42-3714-4792-AE5A-0071E651D7C5} - \SysHealth_Controller_Mon -> No File <==== ATTENTION
Task: {2526CC2F-9D12-4341-B34A-497265774F71} - \BlockAndSurf Update -> No File <==== ATTENTION
Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {29C26FD1-D22A-4E4C-8B9D-20E8C1661468} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2BF072F7-41E0-4360-A67F-254A6FC579C0} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {52A8589F-DD45-4D31-9627-8A3ACBA0E0DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {578D0CA6-4844-430C-8D2A-BA79E7C01266} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {6F04BEFE-A843-4C2A-BFDC-9D92E045CFE1} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task (No File)
Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {7AB48613-14A5-46FC-805D-E0A6588CFAFF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {80F7B922-000A-49D2-BEEF-A2350F41401D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {9CB362F6-DB3E-4122-804C-E8C12FE2CE8D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {A48EEFC2-C6B6-450E-B45D-861886AA61E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {AFD2CF79-1EE1-4CD1-9F4B-68CB546CA3E1} - \SMupdate1 -> No File <==== ATTENTION1}
Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {B6EE8755-CAE3-4D5F-B7ED-40A34C599DEC} - System32\Tasks\ASC_SkipUac_OD 281 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (No File)
Task: {B7C6743D-603E-4217-898B-8E32639F5A8F} - \SysHealthcare_Controller -> No File <==== ATTENTION
Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {BE0ABF39-9E3B-4D16-93A4-DBD6F5FE5701} - \AmiUpdXp -> No File <==== ATTENTION
Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {C7532FF3-A263-4DB2-BF5A-3196290822E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D0486939-6EA4-4D73-984A-DE9B338884E4} - System32\Tasks\{D7CB5927-CE9B-466C-BCF2-8FB4ED757E80} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\FREE DLL Fixer\fixdll.exe" -d "C:\Program Files (x86)\FREE DLL Fixer"
Task: {D9AC4DBE-ADA0-4970-A2B4-684997F3179C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DCCEC452-F4F3-4193-B418-3B352CADD5F6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {DDD92677-A9D8-4A47-93A2-4EC6F309215D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E5669375-70EB-45E3-8354-F1A0C2F232AA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {faa0075b-d2ab-4934-8846-d1c43f975e5a} - no filepath
Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: C:\WINDOWS\Tasks\Driver Support-RTMRules.job => C:\Program Files (x86)\Driver Support\DriverSupport.exe
Task: C:\WINDOWS\Tasks\Driver Support-RTMScan.job => C:\Program Files (x86)\Driver Support\DriverSupport.exe
Task: C:\WINDOWS\Tasks\Driver Support-RTMScanRunOnce.job => C:\Program Files (x86)\Driver Support\DriverSupport.exe
Task: C:\WINDOWS\Tasks\Driver Support-RTMUpdater.job => C:\Program Files (x86)\Driver Support\DriverSupport.exe
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR HKLM-x32\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
2022-04-08 13:26 - 2022-04-08 13:26 - 000003084 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_OD 281
2022-05-05 12:11 - 2015-06-07 16:20 - 000000000 ____D C:\Users\OD 281\AppData\Local\Lavasoft
2022-04-08 13:27 - 2021-10-26 11:58 - 000003292 _____ C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor
2022-04-08 13:29 - 2019-09-12 09:59 - 000178960 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2022-05-04 11:41 - 2022-05-04 11:41 - 099033088 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2022-05-04 11:41 - 2022-05-04 11:41 - 001036288 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2022-05-04 11:41 - 2022-05-04 11:41 - 000061440 _____ C:\WINDOWS\system32\config\SAM.iobit
2022-05-04 11:41 - 2022-05-04 11:41 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2022-05-06 11:02 - 2020-04-09 11:23 - 000000000 ____D C:\ProgramData\PCGameBoost
2022-05-06 11:02 - 2011-07-20 22:39 - 000000000 ____D C:\Program Files (x86)\IObit
2022-05-05 12:12 - 2021-09-07 11:41 - 000000000 ____D C:\IObit
2022-05-05 12:12 - 2015-08-08 17:05 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\IObit
2022-05-05 12:12 - 2013-09-23 18:57 - 000000000 ____D C:\Users\OD 281\AppData\LocalLow\IObit
2022-05-05 12:12 - 2011-07-27 22:40 - 000000000 ____D C:\ProgramData\IObit
2022-05-05 12:12 - 2011-07-20 22:39 - 000000000 ____D C:\Users\OD 281\AppData\Roaming\IObit
2022-05-05 12:12 - 2010-11-02 17:19 - 000000000 ____D C:\Program Files (x86)\CyberLink
2022-05-05 12:11 - 2015-06-07 16:20 - 000000000 ____D C:\Users\OD 281\AppData\Local\Lavasoft
2015-06-25 18:50 - 2015-06-25 18:50 - 000000000 _____ () C:\ProgramData\cis29CD.exe
2019-05-28 13:55 - 2019-05-28 13:55 - 000000000 _____ () C:\Program Files (x86)\GUTFAFF.tmp
2011-09-23 18:08 - 2011-09-23 18:08 - 000001854 _____ () C:\Users\OD 281\AppData\Roaming\GhostObjGAFix.xml
2012-01-22 02:09 - 2012-01-22 02:09 - 000060100 _____ () C:\Users\OD 281\AppData\Roaming\icarus-dxdiag.xml
2014-12-21 19:30 - 2014-12-21 19:30 - 000000064 _____ () C:\Users\OD 281\AppData\Local\1744267a4cf30f7003aabf42756355e5
2013-06-15 13:02 - 2012-06-26 06:59 - 000940544 _____ (Apache Software Foundation) C:\Users\OD 281\AppData\Local\log4cxx.dll
C:\Users\OD 281\AppData\Local\Audiogalaxy
C:\Program Files (x86)\AVG
C:\Program Files\CCleaner
C:\Program Files (x86)\Fitbit Connect
C:\Program Files\iTunes
C:\Program Files (x86)\QuickTime
c:\program files (x86)\pdf complete
C:\Users\OD 281\AppData\Roaming\Tonido
C:\Program Files (x86)\FREE DLL Fixer
C:\Program Files (x86)\Driver Support
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

2. Uninstall programs
  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program on the list:
Code:
Avast Update Helper
LavasoftTcpService
IObit Uninstaller 11*
  • Select the above program and click Uninstall.
  • Restart the computer.

3. Run AdwCleaner (scan only)

Download AdwCleaner and save it to your desktop.
  • Double click AdwCleaner.exe to run it.
  • Click Scan Now.
    • When the scan has finished, a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Filestab.
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

4. Run Malwarebytes (scan only)
  • Open Malwarebytes you have already installed.
  • Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
    Code:
    Under the title Scan Options, all the options are checked.
    Under the title Windows Security Center (Premium only) the option is NOT checked.
    Under the title Potentially unwanted items all options are set to Always.
  • Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
  • When finished, you will see the Threat Scan Summary window open.
If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.
  • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
  • Find the report with the most recent date and double click on it.
  • Click on Export and then Copy to Clipboard.
  • Paste its content here, in your next reply.

In your next reply, please post:
  1. The fixlog.txt
  2. If you successfully uninstalled the 2 programs (and IOBit Uninstaller)
  3. The AdwCleaner[S0*].txt
  4. The Malwarebytes report
 
#14 ·
Sorry about running the scan, that's the clean freak in me with computers. I installed iobit a while back ago. I thought i deleted it, but I will do a further search for it to see if there is something that remains. The other programs i cannot find any trace of them, any idea of how to find them. Thanks for your help
 
#15 ·
Hi.

IOBit Uninstaller is visible in your installed programs list. You mean that you don't see it?

The other two programs are hidden. In the fix I prepared for you (Step 1 above), I make them visible. So in order to see them, you must first run the fix. That's why I insist to follow my instructions with the order I'm giving them to you.

Let me know if you still have problems.
 
#19 ·
Please, do not move on to the next step if something goes wrong in a previous step. Ask me first.

As I already told you, you are going to be able to remove these programs after the fix.

Have you tried to uninstall them after the fix?
 
#20 ·
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-09-2022
# Duration: 00:00:53
# OS: Windows 10 Home
# Scanned: 32050
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [27885 octets] - [05/05/2022 12:07:04]
AdwCleaner[C00].txt - [24477 octets] - [05/05/2022 12:13:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
 
#22 ·
Malwarebytes gives me a message of cannot connect to server. I have installed it twice to see what happens. For some reason my computer cant run Malwarebytes. Even before we have done the repairs. By the way i notice that the browsing has sped up a bit but the startup is still slow
 
#26 ·
Hello.

1. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Code:
Start::
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
MSCONFIG\startupreg: iFreeUp => "C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe" /iFree_POPFORM
HKLM\...\StartupApproved\Run32: => ""
HKLM-x32\...\Run: [] => [X]
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {99426D67-EA5D-43A2-BB32-B89D658B3509} - System32\Tasks\Uninstaller_SkipUac_OD_281 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer (No File)
S3 MBAMService; C:\Users\OD 281\AppData\Local\Temp\MBAMService.exe [8524512 2022-05-09] (Malwarebytes Inc. -> Malwarebytes) <==== ATTENTION
S4 HPClientSvc; "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" [X]
S3 AscFileControl; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-10-01] (Symantec Corporation -> Symantec Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2015-05-05] (Enigma Software Group USA, LLC -> )
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
U4 HomeGroupProvider; no ImagePath
U3 idsvc; no ImagePath
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
S3 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
S3 IUProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [X]
S3 IURegistryFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [X]
S3 MpKsl9f1864d9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA52F61C-CAFB-4324-8C40-0B29DFC5A026}\MpKslDrv.sys [X]
U4 npcap_wifi; no ImagePath
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
C:\Program Files (x86)\Common Files\Symantec Shared
C:\WINDOWS\System32\DRIVERS\EsgScanner.sys
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

2. Uninstall / Reinstall Malwarebytes

Please uninstall Malwarebytes, restart and then install/run it again.
  • Download Malwarebytes and save it to your Desktop.
  • Once downloaded, close all programs and Windows on your computer.
  • Double-click on the icon on your desktop named MBSetup.exe. This will start the installation of MBAM onto your computer.
  • Follow the instructions to install the program.
  • When finished, double click the program's icon created on your Desktop.
  • Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
    Code:
    Under the title Scan Options, all the options are checked.
    Under the title Windows Security Center (Premium only) the option is NOT checked.
    Under the title Potentially unwanted items all options are set to Always.
  • Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
  • When finished, you will see the Threat Scan Summary window open.
If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.
  • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
  • Find the report with the most recent date
  • and double click on it.
  • Click on Export and then Copy to Clipboard.
  • Paste its content here, in your next reply.

3. RAM

Here you can run a free RAM wizard to determine which RAM is compatible with your motherboard. You download and run a small program, which will scan your computer and then recommend compatible RAM. You don't have to buy from them, but you can find out how much RAM the computer can accept. It is something you should consider, since your computer issues are related with a lack of sufficient resources to run your programs.

In your next reply, please post:
  1. The fixlog.txt
  2. The Malwarebytes report (if you were able to run it this time)
  3. Feedback: how is the computer running compared with how it was running before?
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top