Slow computer

**Juliet** · 2015-04-17, 00:19

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

start
CreateRestorePoint:
CloseProcesses:
C:\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe
C:\Users\valerie\AppData\Local\Temp\APNSetup.exe
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\2522d6cb-51727cbf
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\5adc8ecb-68fd50c7
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\67b8e50d-318f1afd
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\34da9697-55ad39d9
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5b9b465b-349f0691
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\51a00022-647d41c5
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\58dc5268-4fd1fa2f
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\6f0aa3aa-59e28241
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\511c2e2f-28e933c2
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\209caf7f-3e8471b1
EmptyTemp:
End

Open FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~~~`

I want you to go to add/remove programs list and uninstall Java.
After thats done please go here and download the most current version
https://java.com/en/download/

It might ask you to run a java run file which is expected. Then it might ask you to confirm your version.

~~~~~~~~~~~~~~`

Let's see if there are any startup items we can disable to improve performance.

Go here to download HJT
http://www.bleepingcomputer.com/download/hijackthis/

Save HJTsetup.exe to your desktop.
Doubleclick on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.

~~~~~~~~~~~~~~
Please post
Fixlog.txt
HJT log

don't be worried over not attaching, copy and paste to the topic is preferred.

**sunshine&flowerpots** · 2015-04-17, 12:49

Hi
here is the fixlogFix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-04-2015 04
Ran by valerie at 2015-04-17 10:56:13 Run:2
Running from C:\Users\valerie\Desktop
Loaded Profiles: valerie (Available profiles: valerie)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CreateRestorePoint:
CloseProcesses:
C:\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe
C:\Users\valerie\AppData\Local\Temp\APNSetup.exe
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\2522d6cb-51727cbf
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\5adc8ecb-68fd50c7
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\67b8e50d-318f1afd
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\34da9697-55ad39d9
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5b9b465b-349f0691
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\51a00022-647d41c5
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\58dc5268-4fd1fa2f
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\6f0aa3aa-59e28241
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\511c2e2f-28e933c2
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\209caf7f-3e8471b1
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe => Moved successfully.
"C:\Users\valerie\AppData\Local\Temp\APNSetup.exe" => File/Directory not found.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\2522d6cb-51727cbf => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\5adc8ecb-68fd50c7 => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\67b8e50d-318f1afd => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\34da9697-55ad39d9 => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5b9b465b-349f0691 => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\51a00022-647d41c5 => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\58dc5268-4fd1fa2f => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\6f0aa3aa-59e28241 => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\511c2e2f-28e933c2 => Moved successfully.
C:\Users\valerie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\209caf7f-3e8471b1 => Moved successfully.
EmptyTemp: => Removed 34.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog 10:57:46 ====

**Juliet** · 2015-04-17, 12:58

Were you able to run HJT?

Did you uninstall then reinstall Java?

**sunshine&flowerpots** · 2015-04-17, 22:56

hi
uninstalled & installed java. all ok. still got problems with flash player asking to run.
here's hjt log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:48:17, on 17/04/2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16636)

Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\valerie\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://inboxtoolbar.com/search/dispa...b_id&%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://inboxtoolbar.com/search/ie.aspx?tbid=80150
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://inboxtoolbar.com/help/sa_cust...spx?tbid=80150
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pucuy.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://inboxtoolbar.com/search/ie.aspx?tbid=80150
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://inboxtoolbar.com/help/sa_cust...spx?tbid=80150
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON SX210 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\Users\valerie\AppData\Local\Temp\E_S59C8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab...l_4.4.24.0.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: BT Help Wizard - Alcatel-Lucent - C:\Program Files\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe
O23 - Service: Google Update Service (gupdate1c95fd8b90ceb00) (gupdate1c95fd8b90ceb00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: pcCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8848 bytes

**Juliet** · 2015-04-17, 23:48

I want you to go to add/remove programs list and uninstall
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)

Open HijackThis, Click Do a system scan only, checkmark these. Then close all other windows and browsers except HijackThis and press fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://inboxtoolbar.com/search/dispa...b_id&%language
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://inboxtoolbar.com/search/ie.aspx?tbid=80150
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://inboxtoolbar.com/help/sa_cust...spx?tbid=80150
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pucuy.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://inboxtoolbar.com/search/ie.aspx?tbid=80150
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://inboxtoolbar.com/help/sa_cust...spx?tbid=80150
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe

Typically, these entries are infrequently used tasks that can be started manually, if necessary.
Removing/disabling these items from statup will help with system resources.

O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [EPSON SX210 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\Users\valerie\AppData\Local\Temp\E_S59C8.tmp" /EF "HKCU"

*****
Reboot the computer to set the registry.

~~~~~~~~~~~~~~`

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

start
CreateRestorePoint:
CloseProcesses:
Task: {211BF276-F39D-4FB3-9EA0-FFD4B93B7A0F} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {351B575A-DEC1-4C17-863F-ED487E239FF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-11] (Adobe Systems Incorporated)
Task: {56A8465F-11BC-4A52-9C59-C6932DB59CEC} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13] ()
Task: {7BF1193B-B38C-49F4-A1C9-97C774363A0A} - System32\Tasks\FileCure => C:\Program Files\ParetoLogic\FileCure\FileCure.exe
Task: {CD4A2B41-060F-4B24-8E9C-18BE76B54869} - System32\Tasks\FileCure Startup => C:\Program Files\ParetoLogic\FileCure\FileCure.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater
C:\Program Files\AskPartnerNetwork
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
EmptyTemp:
Hosts:
End

Open FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~

Adobe Flash Player please get the latest version.

Flash test site:
http://www.adobe.com/software/flash/about/
Install the new version or if you have the latest close the windows.

Flash Player Help / Find version
http://helpx.adobe.com/flash-player/...n_your_machine
===

Please post
Fixlog.txt

Also tell me what the computer is doing now.

**sunshine&flowerpots** · 2015-04-18, 01:16

Hi
uninstalled adobe flash player.
here is hjt fixlist and log.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-04-2015 04
Ran by valerie at 2015-04-17 23:59:45 Run:3
Running from C:\Users\valerie\Desktop
Loaded Profiles: valerie (Available profiles: valerie)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CreateRestorePoint:
CloseProcesses:
Task: {211BF276-F39D-4FB3-9EA0-FFD4B93B7A0F} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {351B575A-DEC1-4C17-863F-ED487E239FF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-11] (Adobe Systems Incorporated)
Task: {56A8465F-11BC-4A52-9C59-C6932DB59CEC} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13] ()
Task: {7BF1193B-B38C-49F4-A1C9-97C774363A0A} - System32\Tasks\FileCure => C:\Program Files\ParetoLogic\FileCure\FileCure.exe
Task: {CD4A2B41-060F-4B24-8E9C-18BE76B54869} - System32\Tasks\FileCure Startup => C:\Program Files\ParetoLogic\FileCure\FileCure.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater
C:\Program Files\AskPartnerNetwork
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
EmptyTemp:
Hosts:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{211BF276-F39D-4FB3-9EA0-FFD4B93B7A0F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{211BF276-F39D-4FB3-9EA0-FFD4B93B7A0F}" => Key deleted successfully.
C:\Windows\System32\Tasks\ParetoLogic Registration => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration" => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{351B575A-DEC1-4C17-863F-ED487E239FF5} => Key not found.
C:\Windows\System32\Tasks\Adobe Flash Player Updater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56A8465F-11BC-4A52-9C59-C6932DB59CEC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56A8465F-11BC-4A52-9C59-C6932DB59CEC}" => Key deleted successfully.
C:\Windows\System32\Tasks\ParetoLogic Update Version2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Update Version2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BF1193B-B38C-49F4-A1C9-97C774363A0A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BF1193B-B38C-49F4-A1C9-97C774363A0A}" => Key deleted successfully.
C:\Windows\System32\Tasks\FileCure not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FileCure" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD4A2B41-060F-4B24-8E9C-18BE76B54869} => Key not found.
C:\Windows\System32\Tasks\FileCure Startup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FileCure Startup => Key not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
"C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe" => File/Directory not found.
C:\Program Files\AskPartnerNetwork\Toolbar\Updater => Moved successfully.

"C:\Program Files\AskPartnerNetwork" directory move:

Could not move "C:\Program Files\AskPartnerNetwork" directory. => Scheduled to move on reboot.

Could not move "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe" => Scheduled to move on reboot.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 67.8 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-18 00:03:36)<=

C:\Program Files\AskPartnerNetwork => Moved successfully.
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe => Is moved successfully.

==== End of Fixlog 00:04:28 ====

**Juliet** · 2015-04-18, 02:43

How is the computer now?

**sunshine&flowerpots** · 2015-04-19, 10:48

Hi
Computer is working fine now thank you.

**Juliet** · 2015-04-19, 12:54

DelFix

Please download DelFix
or from here http://www.bleepingcomputer.com/download/delfix/ and save the file to your Desktop.
Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:
- Activate UAC
- Remove disinfection tools
Click the Run button.

-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

~~~~~~~~~~~~~~~~~~~

Answers to common security questions - Best Practices by quietman7, MVP
How Malware Spreads - How did I get infected? by quietman7, MVP
Simple and easy ways to keep your computer safe and secure on the Internet by Lawrence Abrams, MVP
How to Prevent Malware by miekiemoes, MVP
How to backup and restore your data using Cobian Backup by YourHighness
Slow Computer/browser? It May Not Be Malwareby quietman7, MVP

The following programmes come highly recommended in the security community.

AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
CryptoPrevent places policy restrictions on loading points for ransomware (eg.CryptoPrevent), preventing your files from being encrypted.
Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
Secuina PSI will scan your computer for vulnerable softwarethat is outdated, and automatically find the latest update for you.
SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.

Want to help others? Join the ClassRoom and learn how.

**Juliet** · 2015-04-22, 12:04

Glad we could help.

Since this issue appears resolved ... this Topic is closed.

Thread: Slow computer

Thread Tools

Display

Posting Permissions