SpywareHammer.com

SpywareHammer Malware Removal Forums => Completed Malware and Rootkit Removal Topics => Topic started by: Marco on October 01, 2015, 01:55:09 PM

Title: [Resolved] Laptop running slow, programs stop responding
Post by: Marco on October 01, 2015, 01:55:09 PM
For example, I had to run the DDS twice to get it to finish and create the logs. Chrome and IE 11 both slow 95% of the time and stop responding frequently. Hadn't been updated in a couple years. I tried updating, only got about half of available Important Updates installed. There is nothing on this computer I need to keep. I would prefer to have it running at optimum performance no matter what I should remove.

DDS Files:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840  BrowserJavaVersion: 11.60.2
Run by CashCompany at 10:47:02 on 2015-10-01
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1916.644 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\Dwm.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig?brand=TSND&bmod=TSND
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0060-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{78D6C651-9B1B-483E-9FD5-3A0D6C62AE06} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{78D6C651-9B1B-483E-9FD5-3A0D6C62AE06}\3416279626265616E6 : DHCPNameServer = 10.10.1.1
TCP: Interfaces\{78D6C651-9B1B-483E-9FD5-3A0D6C62AE06}\3416279626265616E6F5548545 : DHCPNameServer = 10.10.1.1
TCP: Interfaces\{78D6C651-9B1B-483E-9FD5-3A0D6C62AE06}\3557564656373507F6274737241627 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{D6FBD3B9-9C76-4E05-BC21-3FE4CC9DC24A} : DHCPNameServer = 75.75.75.75 75.75.76.76
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-1 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-1 1133880]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 124568]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2010-12-7 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2015-10-1 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2015-10-1 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2015-10-1 63704]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 hasplms;HASP License Manager;C:\windows\System32\hasplms.exe  -run --> C:\windows\System32\hasplms.exe  -run [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-9-30 114688]
S3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\drivers\lvrs64.sys [2011-8-19 351136]
S3 LVUVC64;Logitech HD Webcam C270(UVC);C:\windows\System32\drivers\lvuvc64.sys [2011-8-19 4869024]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-12-7 232992]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-12-7 51512]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-6-10 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-2-26 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2015-10-01 16:06:47   113880   ----a-w-   C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-10-01 16:06:07   63704   ----a-w-   C:\windows\System32\drivers\mwac.sys
2015-10-01 16:06:07   25816   ----a-w-   C:\windows\System32\drivers\mbam.sys
2015-10-01 16:06:07   109272   ----a-w-   C:\windows\System32\drivers\mbamchameleon.sys
2015-10-01 16:06:06   --------   d-----w-   C:\ProgramData\Malwarebytes
2015-10-01 16:06:06   --------   d-----w-   C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-01 16:05:16   --------   d-----w-   C:\Users\CashCompany\AppData\Local\Programs
2015-10-01 10:35:54   2777088   ----a-w-   C:\windows\System32\msmpeg2vdec.dll
2015-10-01 10:35:53   2285056   ----a-w-   C:\windows\SysWow64\msmpeg2vdec.dll
2015-10-01 10:13:45   99480   ----a-w-   C:\windows\SysWow64\infocardapi.dll
2015-10-01 10:13:44   171160   ----a-w-   C:\windows\System32\infocardapi.dll
2015-10-01 10:13:44   1389208   ----a-w-   C:\windows\System32\icardagt.exe
2015-10-01 10:13:43   619672   ----a-w-   C:\windows\SysWow64\icardagt.exe
2015-10-01 10:13:28   8856   ----a-w-   C:\windows\SysWow64\icardres.dll
2015-10-01 10:13:28   8856   ----a-w-   C:\windows\System32\icardres.dll
2015-10-01 10:11:49   35480   ----a-w-   C:\windows\SysWow64\TsWpfWrp.exe
2015-10-01 10:11:49   35480   ----a-w-   C:\windows\System32\TsWpfWrp.exe
2015-10-01 09:58:34   801280   ----a-w-   C:\windows\System32\usp10.dll
2015-10-01 09:58:33   626688   ----a-w-   C:\windows\SysWow64\usp10.dll
2015-10-01 09:58:14   1031168   ----a-w-   C:\windows\System32\TSWorkspace.dll
2015-10-01 09:58:13   793600   ----a-w-   C:\windows\SysWow64\TSWorkspace.dll
2015-10-01 09:47:20   210432   ----a-w-   C:\windows\System32\profsvc.dll
2015-10-01 09:47:05   156824   ----a-w-   C:\windows\SysWow64\mscorier.dll
2015-10-01 09:47:05   156312   ----a-w-   C:\windows\System32\mscorier.dll
2015-10-01 09:47:04   1131664   ----a-w-   C:\windows\SysWow64\dfshim.dll
2015-10-01 09:47:03   1943696   ----a-w-   C:\windows\System32\dfshim.dll
2015-10-01 09:47:00   73880   ----a-w-   C:\windows\System32\mscories.dll
2015-10-01 09:46:59   81560   ----a-w-   C:\windows\SysWow64\mscories.dll
2015-10-01 09:40:59   53760   ----a-w-   C:\windows\System32\capiprovider.dll
2015-10-01 09:39:14   1067520   ----a-w-   C:\windows\System32\msctf.dll
2015-10-01 09:39:10   828928   ----a-w-   C:\windows\SysWow64\msctf.dll
2015-10-01 09:26:09   241152   ----a-w-   C:\windows\System32\pku2u.dll
2015-10-01 09:26:08   186880   ----a-w-   C:\windows\SysWow64\pku2u.dll
2015-10-01 09:25:37   484864   ----a-w-   C:\windows\System32\wer.dll
2015-10-01 09:25:37   381440   ----a-w-   C:\windows\SysWow64\wer.dll
2015-10-01 09:25:34   81408   ----a-w-   C:\windows\System32\imagehlp.dll
2015-10-01 09:25:34   159232   ----a-w-   C:\windows\SysWow64\imagehlp.dll
2015-10-01 07:51:59   95680   ----a-w-   C:\windows\System32\drivers\ksecdd.sys
2015-10-01 07:50:25   112640   ----a-w-   C:\windows\System32\smss.exe
2015-10-01 07:50:22   43520   ----a-w-   C:\windows\System32\csrsrv.dll
2015-10-01 07:50:16   6656   ----a-w-   C:\windows\SysWow64\apisetschema.dll
2015-10-01 07:50:16   6656   ----a-w-   C:\windows\System32\apisetschema.dll
2015-10-01 07:25:06   683520   ----a-w-   C:\windows\System32\termsrv.dll
2015-10-01 07:18:59   303616   ----a-w-   C:\windows\System32\nlasvc.dll
2015-10-01 07:18:58   52224   ----a-w-   C:\windows\SysWow64\nlaapi.dll
2015-10-01 07:18:58   156672   ----a-w-   C:\windows\SysWow64\ncsi.dll
2015-10-01 07:17:00   230400   ----a-w-   C:\windows\System32\drivers\portcls.sys
2015-10-01 07:16:59   116736   ----a-w-   C:\windows\System32\drivers\drmk.sys
2015-10-01 07:16:50   141312   ----a-w-   C:\windows\System32\drivers\mrxdav.sys
2015-10-01 07:16:33   215552   ----a-w-   C:\windows\System32\ubpm.dll
2015-10-01 07:16:27   171520   ----a-w-   C:\windows\SysWow64\ubpm.dll
2015-10-01 06:11:29   --------   d--h--w-   C:\$Windows.~BT
2015-10-01 05:51:52   --------   d-----w-   C:\ESD
2015-10-01 05:43:36   --------   d--h--w-   C:\$Windows.~WS
2015-10-01 05:15:47   1930752   ----a-w-   C:\windows\System32\authui.dll
2015-10-01 05:15:46   197120   ----a-w-   C:\windows\System32\credui.dll
2015-10-01 05:15:46   190464   ----a-w-   C:\windows\System32\SmartcardCredentialProvider.dll
2015-10-01 05:15:46   1796096   ----a-w-   C:\windows\SysWow64\authui.dll
2015-10-01 05:15:45   152576   ----a-w-   C:\windows\SysWow64\SmartcardCredentialProvider.dll
2015-10-01 05:15:44   168960   ----a-w-   C:\windows\SysWow64\credui.dll
2015-10-01 05:14:06   658432   ----a-w-   C:\windows\System32\RMActivate_isv.exe
2015-10-01 05:14:05   626176   ----a-w-   C:\windows\System32\RMActivate.exe
2015-10-01 05:14:04   594944   ----a-w-   C:\windows\SysWow64\RMActivate_isv.exe
2015-10-01 05:14:04   572416   ----a-w-   C:\windows\SysWow64\RMActivate.exe
2015-10-01 05:14:03   508928   ----a-w-   C:\windows\SysWow64\RMActivate_ssp_isv.exe
2015-10-01 05:14:02   552960   ----a-w-   C:\windows\System32\RMActivate_ssp_isv.exe
2015-10-01 05:12:55   815304   ----a-w-   C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-10-01 05:11:57   76800   ----a-w-   C:\windows\System32\drivers\hidclass.sys
2015-10-01 05:11:57   32896   ----a-w-   C:\windows\System32\drivers\hidparse.sys
2015-10-01 05:11:48   259584   ----a-w-   C:\windows\System32\WebClnt.dll
2015-10-01 05:11:46   205824   ----a-w-   C:\windows\SysWow64\WebClnt.dll
2015-10-01 05:11:45   81920   ----a-w-   C:\windows\SysWow64\davclnt.dll
2015-10-01 05:11:45   102400   ----a-w-   C:\windows\System32\davclnt.dll
2015-10-01 05:06:28   878080   ----a-w-   C:\windows\System32\advapi32.dll
2015-10-01 05:06:28   859648   ----a-w-   C:\windows\System32\tdh.dll
2015-10-01 05:06:28   1732032   ----a-w-   C:\windows\System32\ntdll.dll
2015-10-01 05:06:22   640512   ----a-w-   C:\windows\SysWow64\advapi32.dll
2015-10-01 05:06:22   619520   ----a-w-   C:\windows\SysWow64\tdh.dll
2015-10-01 05:06:22   1292192   ----a-w-   C:\windows\SysWow64\ntdll.dll
2015-10-01 05:04:42   1903552   ----a-w-   C:\windows\System32\drivers\tcpip.sys
2015-10-01 05:04:41   327168   ----a-w-   C:\windows\System32\mswsock.dll
2015-10-01 05:04:41   231424   ----a-w-   C:\windows\SysWow64\mswsock.dll
2015-10-01 04:37:48   861696   ----a-w-   C:\windows\System32\oleaut32.dll
2015-10-01 04:37:48   571904   ----a-w-   C:\windows\SysWow64\oleaut32.dll
2015-10-01 04:35:41   985536   ----a-w-   C:\windows\System32\drivers\dxgkrnl.sys
2015-10-01 04:35:26   142336   ----a-w-   C:\windows\System32\poqexec.exe
2015-10-01 04:35:26   123904   ----a-w-   C:\windows\SysWow64\poqexec.exe
2015-10-01 04:34:17   165888   ----a-w-   C:\windows\System32\charmap.exe
2015-10-01 04:34:15   155136   ----a-w-   C:\windows\SysWow64\charmap.exe
2015-10-01 04:34:10   77824   ----a-w-   C:\windows\System32\packager.dll
2015-10-01 04:34:08   67584   ----a-w-   C:\windows\SysWow64\packager.dll
2015-10-01 04:33:44   274880   ----a-w-   C:\windows\System32\drivers\msiscsi.sys
2015-10-01 04:33:43   27584   ----a-w-   C:\windows\System32\drivers\Diskdump.sys
2015-10-01 04:33:43   190912   ----a-w-   C:\windows\System32\drivers\storport.sys
2015-10-01 04:33:42   2048   ----a-w-   C:\windows\SysWow64\iologmsg.dll
2015-10-01 04:33:42   2048   ----a-w-   C:\windows\System32\iologmsg.dll
2015-10-01 04:33:00   500224   ----a-w-   C:\windows\System32\AUDIOKSE.dll
2015-10-01 04:33:00   442880   ----a-w-   C:\windows\SysWow64\AUDIOKSE.dll
2015-10-01 04:32:59   680960   ----a-w-   C:\windows\System32\audiosrv.dll
2015-10-01 04:32:59   440832   ----a-w-   C:\windows\System32\AudioEng.dll
2015-10-01 04:32:59   296448   ----a-w-   C:\windows\System32\AudioSes.dll
2015-10-01 04:32:59   284672   ----a-w-   C:\windows\System32\EncDump.dll
2015-10-01 04:32:58   374784   ----a-w-   C:\windows\SysWow64\AudioEng.dll
2015-10-01 04:32:56   195584   ----a-w-   C:\windows\SysWow64\AudioSes.dll
2015-10-01 04:32:07   1424896   ----a-w-   C:\windows\System32\WindowsCodecs.dll
2015-10-01 04:32:06   1230848   ----a-w-   C:\windows\SysWow64\WindowsCodecs.dll
2015-10-01 04:31:58   424448   ----a-w-   C:\windows\System32\rastls.dll
2015-10-01 04:31:58   372736   ----a-w-   C:\windows\SysWow64\rastls.dll
2015-10-01 04:31:55   2020352   ----a-w-   C:\windows\System32\WsmSvc.dll
2015-10-01 04:31:53   1177088   ----a-w-   C:\windows\SysWow64\WsmSvc.dll
2015-10-01 04:31:52   346624   ----a-w-   C:\windows\System32\WSManMigrationPlugin.dll
2015-10-01 04:31:52   310272   ----a-w-   C:\windows\System32\WsmWmiPl.dll
2015-10-01 04:31:52   266240   ----a-w-   C:\windows\System32\WSManHTTPConfig.exe
2015-10-01 04:31:50   248832   ----a-w-   C:\windows\SysWow64\WSManMigrationPlugin.dll
2015-10-01 04:31:50   181248   ----a-w-   C:\windows\System32\WsmAuto.dll
2015-10-01 04:31:49   214016   ----a-w-   C:\windows\SysWow64\WsmWmiPl.dll
2015-10-01 04:31:47   198656   ----a-w-   C:\windows\SysWow64\WSManHTTPConfig.exe
2015-10-01 04:31:46   145920   ----a-w-   C:\windows\SysWow64\WsmAuto.dll
2015-10-01 04:30:51   3221504   ----a-w-   C:\windows\SysWow64\mstscax.dll
2015-10-01 04:30:50   455168   ----a-w-   C:\windows\System32\winlogon.exe
2015-10-01 04:30:48   3722240   ----a-w-   C:\windows\System32\mstscax.dll
2015-10-01 04:30:45   1118720   ----a-w-   C:\windows\System32\mstsc.exe
2015-10-01 04:30:44   1051136   ----a-w-   C:\windows\SysWow64\mstsc.exe
2015-10-01 04:30:40   235520   ----a-w-   C:\windows\System32\winsta.dll
2015-10-01 04:30:39   157696   ----a-w-   C:\windows\SysWow64\winsta.dll
2015-10-01 04:30:38   212480   ----a-w-   C:\windows\System32\drivers\rdpwd.sys
2015-10-01 04:30:37   150528   ----a-w-   C:\windows\System32\rdpcorekmts.dll
2015-10-01 04:30:36   131584   ----a-w-   C:\windows\SysWow64\aaclient.dll
2015-10-01 04:30:34   39936   ----a-w-   C:\windows\System32\drivers\tssecsrv.sys
2015-10-01 04:29:13   1684928   ----a-w-   C:\windows\System32\drivers\ntfs.sys
2015-10-01 04:29:08   406528   ----a-w-   C:\windows\System32\scesrv.dll
2015-10-01 04:29:08   308224   ----a-w-   C:\windows\SysWow64\scesrv.dll
2015-10-01 04:09:52   79360   ----a-w-   C:\windows\System32\clfsw32.dll
2015-10-01 04:09:52   58880   ----a-w-   C:\windows\SysWow64\clfsw32.dll
2015-10-01 04:09:52   367552   ----a-w-   C:\windows\System32\clfs.sys
2015-10-01 03:49:57   --------   d-----w-   C:\Users\CashCompany\AppData\Roaming\OpenOffice.org
2015-10-01 03:41:24   859648   ----a-w-   C:\windows\System32\IKEEXT.DLL
2015-10-01 03:41:23   830464   ----a-w-   C:\windows\System32\nshwfp.dll
2015-10-01 03:41:23   656896   ----a-w-   C:\windows\SysWow64\nshwfp.dll
2015-10-01 03:41:23   324096   ----a-w-   C:\windows\System32\FWPUCLNT.DLL
2015-10-01 03:41:23   216576   ----a-w-   C:\windows\SysWow64\FWPUCLNT.DLL
2015-10-01 03:33:19   868264   ----a-w-   C:\windows\SysWow64\npDeployJava1.dll
2015-10-01 03:33:19   790440   ----a-w-   C:\windows\SysWow64\deployJava1.dll
2015-10-01 03:31:40   --------   d-----w-   C:\Users\CashCompany\.oracle_jre_usage
2015-10-01 03:30:44   --------   d-----w-   C:\ProgramData\Oracle
2015-10-01 02:41:56   465920   ----a-w-   C:\windows\System32\WMPhoto.dll
2015-10-01 02:41:56   417792   ----a-w-   C:\windows\SysWow64\WMPhoto.dll
2015-10-01 02:41:53   461312   ----a-w-   C:\windows\System32\scavengeui.dll
2015-10-01 02:21:22   878080   ----a-w-   C:\windows\System32\IMJP10K.DLL
2015-10-01 02:21:21   701440   ----a-w-   C:\windows\SysWow64\IMJP10K.DLL
2015-10-01 01:04:31   18819272   ----a-w-   C:\windows\SysWow64\FlashPlayerInstaller.exe
2015-10-01 00:20:50   11062400   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C45A402C-8DFF-4642-BED9-04E5B9964E8F}\mpengine.dll
2015-10-01 00:16:05   1190000   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{35452F25-A748-4566-9D02-0BDB7290A424}\gapaengine.dll
2015-10-01 00:07:15   6420480   ----a-w-   C:\Program Files (x86)\GUT1EC7.tmp
2015-10-01 00:07:15   --------   d-----w-   C:\Program Files (x86)\GUM1EB6.tmp
.
==================== Find3M  ====================
.
2015-10-01 05:13:08   940032   ----a-w-   C:\windows\System32\MsSpellCheckingFacility.exe
2015-10-01 05:13:08   194048   ----a-w-   C:\windows\SysWow64\elshyph.dll
2015-10-01 03:31:05   97888   ----a-w-   C:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-10-01 01:05:29   780488   ----a-w-   C:\windows\SysWow64\FlashPlayerApp.exe
2015-10-01 01:05:29   142536   ----a-w-   C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-05 10:08:23   300704   ------w-   C:\windows\System32\MpSigStub.exe
.
============= FINISH: 10:49:42.04 ===============


Attach File:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/24/2011 4:56:46 PM
System Uptime: 10/1/2015 10:44:15 AM (0 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: Intel(R) Celeron(R) CPU          900  @ 2.20GHz | CPU | 2194/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 222 GiB total, 158.378 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP411: 9/30/2015 5:06:52 PM - Windows Update
RP413: 9/30/2015 6:13:40 PM - Windows Update
RP414: 9/30/2015 6:29:54 PM - Removed Apple Application Support
RP415: 9/30/2015 6:40:47 PM - Removed iTunes
RP416: 9/30/2015 6:50:15 PM - Removed Apple Mobile Device Support
RP417: 9/30/2015 6:51:17 PM - Removed Apple Software Update
RP418: 9/30/2015 6:52:55 PM - Removed Bonjour
RP419: 9/30/2015 6:55:11 PM - Removed WordPerfect Office IFilter 32-bit.
RP420: 9/30/2015 6:55:42 PM - Removed WordPerfect Office IFilter 64-bit.
RP421: 9/30/2015 7:13:52 PM - Removed Microsoft SQL Server 2005 Compact Edition [ENU]
RP422: 9/30/2015 7:20:51 PM - Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
RP423: 9/30/2015 7:27:40 PM - Removed Microsoft Visual C++ 2005 Redistributable
RP424: 9/30/2015 7:29:57 PM - Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
RP425: 9/30/2015 7:33:04 PM - Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
RP426: 9/30/2015 7:35:13 PM - Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
RP427: 9/30/2015 7:37:11 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
RP428: 9/30/2015 7:39:17 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP429: 9/30/2015 7:40:15 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
RP430: 9/30/2015 8:24:08 PM - Removed Microsoft Silverlight
RP431: 9/30/2015 8:52:25 PM - Removed OpenOffice.org 3.4
RP432: 9/30/2015 8:55:58 PM - Removed OpenOffice.org 3.4
RP433: 9/30/2015 9:59:14 PM - Windows Modules Installer
RP434: 9/30/2015 10:03:31 PM - Windows Modules Installer
RP435: 9/30/2015 10:08:39 PM - Removed Microsoft Office 2010
RP436: 9/30/2015 10:10:22 PM - Removed Microsoft Office 2010
RP437: 9/30/2015 10:13:35 PM - Removed Microsoft Office Click-to-Run 2010
RP438: 10/1/2015 3:04:24 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 19 ActiveX
Adobe Flash Player 19 NPAPI
Adobe Reader 9.3
Adobe Shockwave Player 12.0
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
Best Buy pc app
CCleaner
Conexant HD Audio
Defraggler
erLT
Google Chrome
Google Update Helper
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java 8 Update 60
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 2.1.8.1057
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft IntelliPoint 8.2
Microsoft Security Client
Microsoft Security Essentials
MSVCRT
PlayReady PC Runtime amd64
Realtek USB 2.0 Card Reader
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2894842v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2972106)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2972215)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2978125)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2979575v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB3023221)
Security Update for Microsoft .NET Framework 4 Client Profile (KB3032662)
Security Update for Microsoft .NET Framework 4 Client Profile (KB3037578)
swMSM
Synaptics Pointing Device Driver
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
ToshibaRegistration
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
VLC media player 2.0.8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR 5.00 beta 8 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
9/30/2015 6:37:19 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
9/30/2015 6:37:19 PM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
9/30/2015 5:17:22 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version:      Update Source: User     Update Stage: Install     Source Path:      Signature Type:      Update Type:      User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version:      Error code: 0x80070652     Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
9/30/2015 5:16:04 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version:      Update Source: User     Update Stage: Install     Source Path:      Signature Type:      Update Type:      User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version:      Error code: 0x80070652     Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
9/30/2015 5:15:47 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.199.1167.0     Update Source: Microsoft Malware Protection Center     Update Stage: Install     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.11701.0&avdelta=1.199.1167.0&asdelta=1.199.1167.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.11701.0     Error code: 0x80070652     Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
9/30/2015 5:15:47 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.199.1167.0     Update Source: Microsoft Malware Protection Center     Update Stage: Install     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.11701.0&avdelta=1.199.1167.0&asdelta=1.199.1167.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiSpyware     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.11701.0     Error code: 0x80070652     Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
9/30/2015 5:15:32 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.199.1167.0     Update Source: Microsoft Update Server     Update Stage: Install     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.11701.0     Error code: 0x8024001e     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
9/30/2015 5:15:25 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version:      Update Source: User     Update Stage: Install     Source Path:      Signature Type:      Update Type:      User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version:      Error code: 0x80070652     Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
10/1/2015 8:21:28 AM, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.
10/1/2015 7:04:33 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Start with the following error:  Access is denied.
10/1/2015 6:59:01 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
10/1/2015 6:56:09 AM, Error: Service Control Manager [7023]  -
10/1/2015 6:50:38 AM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
10/1/2015 10:45:18 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HASP License Manager service to connect.
10/1/2015 10:45:18 AM, Error: Service Control Manager [7000]  - The HASP License Manager service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
10/1/2015 10:10:13 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
10/1/2015 10:08:31 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
.
==== End Of File ===========================
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 01, 2015, 03:42:55 PM
Howdy Marco, my name is Hoov and I will be helping you with your problem. As it has been a while since you were last helped here and a lot has changed, I am going to post the preliminaries so you can see if anything has changed.

Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem.Also tell me any other problems you are having, no matter how small or long you have been dealing with them.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your harddrive.

One last thing, I need you to tell me if this computer belongs to a school or to a company or orginization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

Now onto trying to fix your computer.

 I would like to get a peek at your event viewer logs. I need you to go to the administration tools in Vista / Windows 7. They are in the Control Panel. Open the Admin tools, then open the event viewer. Over on the left hand side expand the window category and then click on  System. Then up at the top click on Action and then click on Save Events As, type in system as the file name,  make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side and click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name,  make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.

Do you have another computer you can get online with? If you do then follow the instructions below. If not let me know before proceeding.

Disconnect your computer from the internet. I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 01, 2015, 04:50:53 PM
Hi Hoov - Yes, you've helped me before.

First, tell me everything that you have done, if anything, to try and fix the. problem. Also tell me any other problems you are having, no matter how small or long you have been dealing with them.

This machine has been used for very little in several years. As such, Windows hadn't been updated for a couple years. I wanted to start using it regularly a couple weeks ago. The only problems I noticed when I went to start using it was it was painfully slow and open programs would quit responding on a regular basis. All I did was try to update Windows to fix any likely known issues. When that mostly failed I ran Windows Update Troubleshooter, which failed. I then removed as several programs and tried updating to Windows 10. When that failed overnight, I allowed Automatic Update to run, which appeared to install roughly 70 updates (of about 135) and ran Malware Bytes MBAM.

** Today, because I was suspicious of connectivity issues, I unclicked Automatically Detect Settings under /LAN Settings. This caused 60 Windows updates to begin downloading, which it is doing now, after my DDS logs. 

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your harddrive.

There is no relevant data. It can be wiped clean.

One last thing, I need you to tell me if this computer belongs to a school or to a company or orginization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

No, it is my personal computer. It had SQL Server and some C++ programs I removed yesterday, but it is mine, legally with a licensed version of Windows. Yes, I have a desktop I can get on line with. And a phone and Tablet as well.

Thanks! I'll get you the Event Viewer .zip files shortly.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 01, 2015, 06:09:28 PM
Go ahead and restart using msconfig as described above. In the last couple weeks I have seen several computers with problems with Microsoft Security Essentials, you might want to try uninstalling that and see if that helps at all. If it helps, or not, that will not be the only problem. After doing a clean install let me know how the computer is responding.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 02, 2015, 12:19:23 PM
The files are attached. I did them in the order requested, that is I ran the event viewer before disconnecting from the internet and disabling startup services. I did delete Microsoft Security Essentials before doing anything else. It might have made IE and Chrome open faster, but probably not significantly.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 02, 2015, 01:18:39 PM
You only exported a single entry in each event viewer log. Please try again. The logs should be much larger than a few Mb.

Right click on the task bar and select task manager and then look along the bottom edge of the task manager and tell me what percentage the CPU usage and then physical memory usage is.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 02, 2015, 01:23:22 PM
Yeah, they were huge, like 60,000 lines each. I'll do again.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 02, 2015, 07:26:08 PM
Have not been able to get the new files to upload as an attachment. I also tried sending in separate zipped files. I keep getting this message:

Your attachment couldn't be saved. This might happen because it took too long to upload or the file is bigger than the server will allow.

Please consult your server administrator for more information.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 02, 2015, 08:36:24 PM
I thought that might happen. I will send you a PM on what to do with the event viewer logs.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 02, 2015, 09:57:16 PM
Done
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 03, 2015, 06:08:41 PM
I need you to submit the following file to VirusTotal following the instructions further down. Also I need you to zip it up and upload it to the same location that you uploaded the previous files.

C:\windows\System32\hasplms.exe

Go to VirusTotal (https://www.virustotal.com/) and click the choose file button. Browse to and select the file above and then click the Scan It! button. If you get a popup saying the file has already been analyzed, select the button to analyze it again. Let me know if any of the scanners think it is anything other than good.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 03, 2015, 09:29:22 PM
The file is uploaded to the site as instructed.

Virus Total returned 1/56 (or 2/56) detection ratio. Symantec and F-Secure listed it as "Suspicious" while Bkav gave a HW32.Packed.5D73 result.

It took a minute to find. I couldn't browse directly to the file. It's at C:\Windows\System32\DriverStore\FileRepository\akshhl.inf_amd64_neutral_f2166ced11002f69
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 03, 2015, 10:00:19 PM
Do you know what a HASP is?  Do you have one installed? It may show up as being from Aladdin.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 03, 2015, 10:14:16 PM
Hardware Against Software Piracy I presume. Yes, it is showing up as being from Aladdin.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 03, 2015, 10:24:39 PM
I'm not even close to an expert, but that's pretty high-end stuff, right? Nothing installed along those lines. It's not even password protected.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 04, 2015, 07:36:32 AM
There are some removal instructions here (http://www.numberone.com/faq.aspx?KB020024) Read thru them and see if they make sense. If they do, go ahead and uninstall HASP
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 06, 2015, 07:40:03 PM
I think it's removed. I can't find any traces of it anyway.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 06, 2015, 08:22:44 PM
Did that change how the computer is running?
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 06, 2015, 09:24:51 PM
Definitely faster. The most noticeable differences are:
1. The Task Manager options screen now loads quickly, as does the Task Manager when selected.
2. On Restart (or Shutdown) there was a lag where you could force close whatever was still running. That's now solved and the machine reboots as normal.

After Windows inadvertently updated itself, web activity response picked up a bit, 25% maybe, but everything seems to running normally now.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 06, 2015, 10:08:12 PM
I would not say we are done yet. We need to make sure that you are running as well as you should be running over a period of time.

Please update Ccleaner (there is a link in the lower right corner) then open it up. If you go down to the System section and just below the items that are already checked is a box for Windows Error Reporting, check that box then click the analyze button and then when that is done click the run cleaner button. Once that is done, uncheck the error reporting box that you checked earlier.

Now run your computer for a while then reboot the computer. Run it again for about an hour and reboot again. Then follow the instructions I gave earlier about the Event Viewer logs. Go ahead and upload them to the same link I sent you in the PM.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 07, 2015, 02:19:47 PM
The new Event Logs are uploaded.

I don't have much software on this machine to test with yet. WordPad and the VLC Media Player open and work correctly. Opening Chrome or IE takes roughly 10 seconds after they've been off for a while (10 minutes). Reopening after they've been open is quick however. My connection is wireless.

I'm noticing any other potential issues at the moment.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 07, 2015, 02:41:34 PM
*not noticing
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 07, 2015, 02:52:39 PM
OK, still a few problems. Try reinstalling Microsoft Security Essentials and then run it for a couple hours. Make sure to reboot at least twice and then give me a new set of event viewer logs.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 07, 2015, 08:55:14 PM
New Event Logs uploaded.

MSE ran for about 3 hours. Found nothing. The one change in performance is this: Chrome still takes over 10 seconds to load the first time after shutdown/reboot. IE is just under 4 seconds. That's the only time startup is that slow, even after the machine comes out of sleep mode. Now the usual startup time seems to be +/- 2 sec.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 07, 2015, 09:29:52 PM
From what your event viewer logs are showing, the only problem you have is with the Toshiba Service Station. If you do not use it, then I would recommend uninstalling it.

Other than that, everything looks good.

Now  there are a few thing's you need to do to fully clean your system and keep it secure.

Run Delfix

This program will remove the tools used and its logs. If anything remains, you can delete manually delete them.
Please download Delfix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix) and save it to your desktop.
Double click on Delfix.exe to run the tool and click on the Run button.

Cleaning out Temporary Files etc. There are several different products that you can use for this. You can go thru the Internet Options in the windows Control Panel. There are several programs that also do the job better than windows does it, in my opinion. There is System Security Suite (http://www.igorshpak.net/software/3ssetup104.zip), EasyCleaner (http://personal.inet.fi/business/toniarts/ecleane.htm), Ccleaner (http://www.ccleaner.com). Also sometimes other program sometimes do it as well as what you originally got it for like ZoneAlarm Security Suite. Just make sure to keep them updated and use them regularly.

Disable and Enable System Restore.
I recommend you turn off System restore, and then turn it back on so that you will not be able to restore your problems to a clean computer.
For Vista use these instructions, Windows Vista Restore Guide (http://www.bleepingcomputer.com/tutorials/tutorial143.html)
For XP use these instructions, Windows XP System Restore Guide (http://www.bleepingcomputer.com/forums/index.php?showtutorial=56)
Reboot
Re-enable system restore with instructions from tutorial above
Create a System Restore Point
Go to all programs, then to accessories, then to system tools, then to system restore. Check the box for create restore point (not select a restore point), then click next and follow the instructions.

Make your Internet Explorer more secure - This can be done by following these simple instructions: (unless you are using ZoneAlarm Security Suite or something similar, then you would secure the browser thru the firewall). There are some good basic instructions for that here (http://www.us-cert.gov/reading_room/securing_browser/).

Use a different browser other than  IE (most exploits are pointed towards IE). One of them is
Firefox (http://www.mozilla.org/products/firefox/).
It is also worth trying Thunderbird (http://www.mozilla.org/products/thunderbird/) for controlling spam in your e-mail.

Always use an UPDATED anti-virus program Make sure you update this at least weekly, if not more often. This is one thing that may save you more than anything else.

Run malware scanners. Three free ones are Spybot Search and Destroy (http://www.safer-networking.org), and AdAware (http://www.lavasoftusa.com) and Malwarebytes' Anti-Malware (http://www.besttechie.net/mbam/mbam-setup.exe)

Always use a firewall.
Any firewall is better than none, and you should pick a firewall that you will use, as even the best firewall is worthless if you turn it off.
 
Learn how to use your firewall Only programs that need it should have access to the net. But these are specific to the firewall you use, so you will need to learn how. Several firewalls have support forums here. My page will help you with ZoneAlarm if that is what you choose. 


Never run two Antivirus programs or two Firewalls  at the same time. They can interfere with each other and cause problems. Some people swear that more protection is provided, but the reverse is true. They tend to argue amongst themselves and end up leaving holes. Now I have more than 1 AV installed on my computer, and I keep them up to date. I only run one at a time, but each program has weakness's, so I keep a backup in case my computer starts acting up.


 MOST IMPORTANT : Windows and IE, and whatever other software that you have that connects to the net, needs to be kept updated. The reason is, these programs connect to the net, and if there is an internal security problem, you have already told your firewall to allow the communication, and thus you will have allowed a hole. UPDATES are important. I suggest that you make sure that Windows Updates and the updates for your antivirus and antimalware programs are set for automatic updates. I also suggest running Secunia PSI (http://secunia.com/products/consumer/psi/sys_req/). Download version 2. It is not the download button, but just underneath it. It will monitor the software you have installed and let you know when something needs to be updated.

Don't ever use P2P or filesharing software Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities.

Before using any malware detection / removal software Check with Rogue/Suspect Spyware List (http://www.spywarewarrior.com/rogue_anti-spyware.htm) That way you will know if the program you are looking at is on the up and up. If you want to know how it stacks up against other programs check out SpywareWarrior (http://www.spywarewarrior.com/asw-test-guide.htm)

We have a good guide here at Spyware Hammer (http://spywarehammer.com/simplemachinesforum/index.php?topic=398.0) on how to prevent Malware in the Future. You might want to peruse this and follow the recommendations in there.
PLEASE READ IT AND FOLLOW THE RECOMMENDATIONS TO PROTECT YOURSELF.

Let us know if you have any more problems, either new or old.
Have a good time surfing the net, but stay safe.
If you have no more problems, let me know and I will mark this as resolved. Or if you have more questions, ask away, that is why I am here.
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Marco on October 09, 2015, 12:23:16 AM
Run Delfix
Done

Cleaning out Temporary Files etc.
Done - I've used Ccleaner for several years, based on your recommendation.

Create a System Restore Point
Done

Make your Internet Explorer more secure
Done - But I almost never use it.

Use a different browser other than  IE
I usually use Chrome, but it seems more vulnerable as it gains in popularity. Should I switch?

Always use an UPDATED anti-virus program Make sure you update this at least weekly, if not more often.
In the past I've used Avast based on your recommendation. Is that preferred still?

Run malware scanners.
I use MBAM

Always use a firewall.
Windows Firewall right now. Is that sufficient?

Don't ever use P2P or filesharing software
Never

Let us know if you have any more problems, either new or old.
It seems to be running faster still, opening after restarts, etc.
I do have a couple questions:
Should I switch off of Chrome? I'm comfortable with Firefox if so.
Avast for Anti-Virus still?
Is Windows Firewall sufficient?
Opinion on updating to Windows 10? Should I do it now since its a relatively clean machine?

Thank you very much. Your help is always appreciated. I realized I had bailed on, I believe, two projects in the past. I apologize for that. One the machine died completely (I still have it and would like to retrieve some files off it one day) and the other was my moms. I can't remember what happened there. After I realized that, I was a little embarrassed and even more thankful for your help. Again, it's appreciated. Thank you!
Title: Re: [In Progress] Laptop running slow, programs stop responding
Post by: Hoov on October 09, 2015, 05:09:01 AM
About Chrome, that is a personal choice. If you like it stick with it. All browsers are targets unless you want to run something a bit more obscure. I do recommend having one other browser installed, just in case you cannot get online with your current browser. I don't include IE as an alternate browser. Usually when Windows gets hit, IE is one of the first things to quit working.

The firewall in Windows 7 is fine, as long as you are not abusing it by going to shady websites.

Antivirus's, another personal choice. If you are happy with Avast and like it stick with it. But if you find that you are turning it off or reducing its settings, you may want to look for one that fits you better.

Windows 10, before you even think about it check your computers manufacturers website and make sure that it has the drivers. They should have a list someplace that will tell you what systems are upgradeable to Windows 10. We have a list of some of the OEM's Windows 10 compatibility (http://spywarehammer.com/index.php/topic,16321.0.html) lists. After that, read up on some of the concerns and if you still think Windows 10 is a good fit for you, go ahead. IS it worth it? I am the wrong person to ask. I have one system running Windows 10, the others still have Windows 8.1. I am still getting used to it, now I have to learn a new OS. GRR. As for upgrading, go thru the normal procedure, but make an install disc as well. Then once it is upgraded and activated, make sure your personal data is backed up externally, then use the install disc and do a clean install. No need to copy a key as all of that is done on Microsoft servers now. Then you will have a clean install of Windows which is always better than a copy of windows that started out one thing and is now another.