Author Topic: [Inactive] CPU runs slow switching between programs.Net crashes and is slow  (Read 4165 times)

Offline bigglos716

  • Bronze Member
  • Posts: 210
CPU runs slow transitioning between programs.Net crashes and goes slow at times. The sound on the internet stops working at times. Sometimes I will get an "script error" message while viewing video on the net.
 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17631
Run by Carlos at 15:30:45 on 2015-03-08
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.2013.781 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\M-Audio\Fast Track C600\AudioDevMon.exe
C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HP\HP LaserJet Professional M1530 MFP Series\Fax Driver\hppfaxprintersrv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{2BC7F119-81F0-4500-BE95-A1194243A5DE} : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
SSODL: WebCheck - <orphaned>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [HP LaserJet Professional M1530 MFP Series Fax] C:\Program Files\HP\HP LaserJet Professional M1530 MFP Series\Fax Driver\hppfaxprintersrv.exe "HP LaserJet Professional M1530 MFP Series Fax"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\kfwrm8be.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-11-24 92160]
R2 FastTrackC600AudioDevMon;Fast Track C600 Audio Device Monitor;C:\Program Files (x86)\M-Audio\Fast Track C600\AudioDevMon.exe [2011-7-26 2023728]
R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-4-12 142336]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-9-18 14624]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-7-17 124560]
R3 GOLDFINGER;Service for M-Audio Fast Track C600;C:\Windows\System32\drivers\MAudioFastTrackC600.sys [2011-7-26 486704]
R3 GOLDFINGERDFU;Service for M-Audio Fast Track C600 DFU;C:\Windows\System32\drivers\MAudioFastTrackC600_DFU.sys [2011-7-26 30512]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-2-14 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-2-16 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-2-16 56832]
.
=============== Created Last 30 ================
.
2015-03-08 10:27:17   11910896   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31BC9266-2A7E-4786-BA53-B0E56C2B5A01}\mpengine.dll
2015-03-07 02:20:31   11910896   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-03-01 22:27:56   950272   ----a-w-   C:\Windows\System32\perftrack.dll
2015-03-01 22:27:56   29696   ----a-w-   C:\Windows\System32\powertracker.dll
2015-03-01 22:27:55   91136   ----a-w-   C:\Windows\System32\wdi.dll
2015-03-01 22:27:54   76800   ----a-w-   C:\Windows\SysWow64\wdi.dll
2015-02-22 19:30:20   1188440   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{962F99DC-4085-4E86-9068-6DC6625D3EC0}\gapaengine.dll
2015-02-18 22:30:13   --------   d-----w-   C:\Program Files (x86)\Microsoft ActiveSync
2015-02-18 22:29:17   --------   d-----w-   C:\Windows\PCHEALTH
2015-02-18 22:09:52   620032   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2015-02-18 22:09:49   4300800   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2015-02-18 22:09:46   6041600   ----a-w-   C:\Windows\System32\jscript9.dll
2015-02-18 22:09:40   814080   ----a-w-   C:\Windows\System32\jscript9diag.dll
2015-02-18 22:08:53   87040   ----a-w-   C:\Windows\System32\TSWbPrxy.exe
2015-02-16 17:19:11   3179520   ----a-w-   C:\Windows\System32\rdpcorets.dll
2015-02-16 17:19:10   16384   ----a-w-   C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-02-16 17:18:50   5703168   ----a-w-   C:\Windows\SysWow64\mstscax.dll
2015-02-16 17:18:48   6584320   ----a-w-   C:\Windows\System32\mstscax.dll
2015-02-16 13:25:24   19456   ----a-w-   C:\Windows\System32\drivers\rdpvideominiport.sys
2015-02-16 13:25:23   192000   ----a-w-   C:\Windows\SysWow64\rdpendp_winip.dll
2015-02-16 13:25:22   243200   ----a-w-   C:\Windows\System32\rdpudd.dll
2015-02-16 13:25:22   228864   ----a-w-   C:\Windows\System32\rdpendp_winip.dll
2015-02-16 05:09:27   --------   d-----w-   C:\Windows\Temp57037121-01EF-48C0-AB0F-5566037F208A-Signatures
2015-02-15 01:36:08   894976   ----a-w-   C:\Windows\System32\appraiser.dll
2015-02-15 01:36:08   609280   ----a-w-   C:\Windows\System32\generaltel.dll
2015-02-15 01:36:08   1098752   ----a-w-   C:\Windows\System32\aeinv.dll
2015-02-15 01:36:07   762368   ----a-w-   C:\Windows\System32\invagent.dll
2015-02-15 01:36:07   414720   ----a-w-   C:\Windows\System32\devinv.dll
2015-02-15 01:36:07   1239720   ----a-w-   C:\Windows\System32\aitstatic.exe
2015-02-15 01:36:06   227328   ----a-w-   C:\Windows\System32\aepdu.dll
2015-02-15 01:36:06   192000   ----a-w-   C:\Windows\System32\aepic.dll
2015-02-15 01:34:55   95680   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2015-02-15 01:33:24   406528   ----a-w-   C:\Windows\System32\scesrv.dll
2015-02-15 01:33:24   308224   ----a-w-   C:\Windows\SysWow64\scesrv.dll
2015-02-15 01:33:12   5554112   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2015-02-15 01:33:10   3972544   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2015-02-15 01:33:10   3917760   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2015-02-15 01:33:09   503808   ----a-w-   C:\Windows\System32\srcore.dll
2015-02-15 01:33:09   296960   ----a-w-   C:\Windows\System32\rstrui.exe
2015-02-15 01:33:08   50176   ----a-w-   C:\Windows\System32\srclient.dll
2015-02-15 01:33:08   43008   ----a-w-   C:\Windows\SysWow64\srclient.dll
2015-02-15 01:27:14   3201536   ----a-w-   C:\Windows\System32\win32k.sys
2015-02-08 01:53:36   --------   d-----w-   C:\Users\Carlos\AppData\Local\IsolatedStorage
2015-02-08 01:40:37   --------   d-----w-   C:\Users\Carlos\AppData\Roaming\Intuit
2015-02-08 01:33:59   --------   d-----w-   C:\Program Files (x86)\Common Files\Intuit
2015-02-08 01:33:47   --------   d-----w-   C:\Program Files (x86)\TurboTax
2015-02-08 01:33:27   --------   d-----w-   C:\Windows\System32\MRT
2015-02-08 01:27:29   --------   d-----w-   C:\ProgramData\Intuit
.
==================== Find3M  ====================
.
2015-03-08 10:09:08   129752   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-03-03 13:17:35   295552   ------w-   C:\Windows\System32\MpSigStub.exe
2015-02-08 02:11:33   71344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-08 02:11:33   701616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2015-01-15 08:14:17   155072   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2015-01-15 08:09:58   29184   ----a-w-   C:\Windows\System32\sspisrv.dll
2015-01-15 08:09:58   136192   ----a-w-   C:\Windows\System32\sspicli.dll
2015-01-15 08:09:57   28160   ----a-w-   C:\Windows\System32\secur32.dll
2015-01-15 08:09:51   1461760   ----a-w-   C:\Windows\System32\lsasrv.dll
2015-01-15 08:09:15   31232   ----a-w-   C:\Windows\System32\lsass.exe
2015-01-15 08:08:59   64000   ----a-w-   C:\Windows\System32\auditpol.exe
2015-01-15 08:06:22   60416   ----a-w-   C:\Windows\System32\msobjs.dll
2015-01-15 08:06:11   146432   ----a-w-   C:\Windows\System32\msaudite.dll
2015-01-15 08:04:23   686080   ----a-w-   C:\Windows\System32\adtschema.dll
2015-01-15 07:42:59   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2015-01-15 07:42:05   50176   ----a-w-   C:\Windows\SysWow64\auditpol.exe
2015-01-15 07:41:53   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2015-01-15 07:39:53   60416   ----a-w-   C:\Windows\SysWow64\msobjs.dll
2015-01-15 07:39:36   146432   ----a-w-   C:\Windows\SysWow64\msaudite.dll
2015-01-15 07:37:55   686080   ----a-w-   C:\Windows\SysWow64\adtschema.dll
2015-01-15 04:22:18   458824   ----a-w-   C:\Windows\System32\drivers\cng.sys
2015-01-13 03:10:22   1424384   ----a-w-   C:\Windows\System32\WindowsCodecs.dll
2015-01-13 02:49:19   1230336   ----a-w-   C:\Windows\SysWow64\WindowsCodecs.dll
2015-01-12 03:05:32   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2015-01-12 03:05:19   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2015-01-12 02:49:42   66560   ----a-w-   C:\Windows\System32\iesetup.dll
2015-01-12 02:48:57   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2015-01-12 02:48:52   584192   ----a-w-   C:\Windows\System32\vbscript.dll
2015-01-12 02:47:25   88064   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2015-01-12 02:34:42   144384   ----a-w-   C:\Windows\System32\ieUnatt.exe
2015-01-12 02:34:30   114688   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2015-01-12 02:25:28   968704   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2015-01-12 02:21:19   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2015-01-12 02:13:27   77824   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-01-12 02:08:09   503296   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2015-01-12 02:07:51   62464   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2015-01-12 02:07:06   47616   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2015-01-12 02:05:36   64000   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2015-01-12 01:55:47   115712   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2015-01-12 01:46:29   1359360   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2015-01-12 01:46:00   2125824   ----a-w-   C:\Windows\System32\inetcpl.cpl
2015-01-12 01:40:43   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-01-12 01:27:32   2358272   ----a-w-   C:\Windows\System32\wininet.dll
2015-01-12 01:23:09   2052608   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2015-01-12 01:22:17   1155072   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2015-01-12 01:00:17   1888256   ----a-w-   C:\Windows\SysWow64\wininet.dll
2015-01-10 06:48:22   210944   ----a-w-   C:\Windows\System32\wdigest.dll
2015-01-10 06:48:19   86528   ----a-w-   C:\Windows\System32\TSpkg.dll
2015-01-10 06:48:17   341504   ----a-w-   C:\Windows\System32\schannel.dll
2015-01-10 06:48:13   309760   ----a-w-   C:\Windows\System32\ncrypt.dll
2015-01-10 06:48:12   314880   ----a-w-   C:\Windows\System32\msv1_0.dll
2015-01-10 06:48:10   728064   ----a-w-   C:\Windows\System32\kerberos.dll
2015-01-10 06:48:05   22016   ----a-w-   C:\Windows\System32\credssp.dll
2015-01-10 06:27:54   172032   ----a-w-   C:\Windows\SysWow64\wdigest.dll
2015-01-10 06:27:51   65536   ----a-w-   C:\Windows\SysWow64\TSpkg.dll
2015-01-10 06:27:47   248832   ----a-w-   C:\Windows\SysWow64\schannel.dll
2015-01-10 06:27:44   221184   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
2015-01-10 06:27:43   259584   ----a-w-   C:\Windows\SysWow64\msv1_0.dll
2015-01-10 06:27:39   550912   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2015-01-10 06:27:32   17408   ----a-w-   C:\Windows\SysWow64\credssp.dll
2014-12-19 03:06:55   210432   ----a-w-   C:\Windows\System32\profsvc.dll
2014-12-19 01:46:45   141312   ----a-w-   C:\Windows\System32\drivers\mrxdav.sys
2014-12-12 05:31:39   1480192   ----a-w-   C:\Windows\System32\crypt32.dll
2014-12-12 05:07:26   1174528   ----a-w-   C:\Windows\SysWow64\crypt32.dll
.
============= FINISH: 15:32:32.36 ===============
« Last Edit: March 08, 2015, 02:29:12 PM by Hoov »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27141
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Howdy, it is Hoov again. Please copy and paste the attach.txt log into a reply.

1.Download and scan with CCleaner
When you get to the website, there is a dark grey box on the left side with two tabs along the top. Inside this Dark Grey box is a light grey box. Below that light grey box is where the download links are at. The pay amount is for paid support.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:

    • Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
    • Clean all the entries in the "Windows Explorer" section.
    • Clean all entries in the "System" section.
    • Clean all entries in the "Advanced" section.
    • Clean any others that you choose.


    In the Applications Tab
      • Clean all except cookies in the Firefox/Mozilla section if you use it.
      • Clean all in the Opera section if you use it.
      • Clean Sun Java in the Internet Section.
      • Clean any others that you choose.


      4. Click the "Run Cleaner" button.
      5. A pop up box will appear advising this process will permanently delete files from your system.
      6. Click "OK" and it will scan and clean your system.
      7. Click "exit" when done.

      Also please update Malwarebytes' Anti-Malware and run a full scan. Post the resulting log.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft Windows 7 Professional
      Boot Device: \Device\HarddiskVolume2
      Install Date: 11/24/2014 2:50:57 PM
      System Uptime: 3/8/2015 2:11:25 PM (1 hours ago)
      .
      Motherboard: Dell Inc. |  | 07N90W
      Processor: Intel(R) Core(TM)2 Duo CPU     E7500  @ 2.93GHz | CPU 1 | 2926/266mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 223 GiB total, 86.663 GiB free.
      D: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      ==== System Restore Points ===================
      .
      RP24: 12/25/2014 7:45:18 PM - Windows Update
      RP25: 12/29/2014 5:34:28 PM - Windows Update
      RP26: 1/1/2015 7:19:23 PM - Windows Update
      RP27: 1/11/2015 6:56:57 PM - Windows Update
      RP28: 1/18/2015 6:12:22 PM - Windows Update
      RP29: 1/18/2015 9:12:43 PM - Windows Update
      RP30: 1/31/2015 5:15:00 PM - Windows Update
      RP31: 1/31/2015 9:10:02 PM - Windows Update
      RP32: 2/7/2015 8:23:44 PM - Windows Update
      RP33: 2/7/2015 8:31:40 PM - Windows Update
      RP34: 2/8/2015 6:05:10 AM - Installed TurboTax 2014 wnyiper
      RP35: 2/14/2015 8:00:20 PM - Windows Update
      RP36: 2/16/2015 12:00:18 AM - Windows Update
      RP37: 2/16/2015 8:16:50 AM - Windows Update
      RP38: 2/16/2015 7:38:16 PM - Windows Update
      RP39: 2/18/2015 5:27:18 PM - Installed Microsoft Office Professional Edition 2003
      RP40: 2/18/2015 7:53:22 PM - Windows Update
      RP41: 2/22/2015 2:07:44 PM - Windows Update
      RP42: 2/22/2015 3:08:39 PM - Windows Update
      RP43: 3/1/2015 5:20:11 PM - Windows Update
      RP44: 3/2/2015 3:00:50 AM - Windows Update
      RP45: 3/6/2015 9:18:38 PM - Windows Update
      .
      ==== Installed Programs ======================
      .
      64 Bit HP CIO Components Installer
      Adobe Flash Player 16 NPAPI
      Adobe Reader XI (11.0.10)
      Adobe Refresh Manager
      ASIO4ALL
      BitTorrent
      Broadcom Gigabit NetLink Controller
      Cisco Network Magic
      FL Studio 11
      FlowStone FL 3.0
      HP LaserJet Professional M1530 MFP Series
      HP LJ M1530 MFP Series HP Scan
      HPLaserJetHelp_LearnCenter
      HPLJUT
      hppFaxDrvM1530
      hppFaxUtilityM1530
      hppLaserJetService
      hppM1530LaserJetService
      hppSendFaxM1530
      hppTLBXFXM1530
      hpzTLBXFX
      I.R.I.S. OCR
      IL Download Manager
      M-Audio Fast Track C600 Driver 1.0.1 (x64)
      Malwarebytes Anti-Malware version 2.0.4.1028
      Microsoft .NET Framework 4.5.1
      Microsoft Office Professional Edition 2003
      Microsoft Security Client
      Microsoft Security Essentials
      Microsoft Silverlight
      Microsoft Visual C++ 2005 Redistributable
      Microsoft Visual C++ 2005 Redistributable (x64)
      Mozilla Firefox 36.0.1 (x86 en-US)
      Mozilla Maintenance Service
      Network Magic
      Pure Networks Platform
      Realtek High Definition Audio Driver
      Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
      Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
      Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
      Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
      Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
      Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
      Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
      TurboTax 2014
      TurboTax 2014 WinPerFedFormset
      TurboTax 2014 WinPerReleaseEngine
      TurboTax 2014 WinPerTaxSupport
      TurboTax 2014 wnyiper
      TurboTax 2014 wrapper
      .
      ==== Event Viewer Messages From Past Week ========
      .
      3/8/2015 5:08:13 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
      3/6/2015 9:46:55 PM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureCommand with the following error:  Access is denied.
      3/6/2015 9:28:16 PM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Start with the following error:  Access is denied.
      3/1/2015 5:26:42 PM, Error: Service Control Manager [7022]  - The Windows Search service hung on starting.
      3/1/2015 5:23:01 PM, Error: Service Control Manager [7022]  - The Intuit Update Service v4 service hung on starting.
      .
      ==== End Of File ===========================

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      Nice meeting you again. I appreciate you.

      Thank You

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      It has been removed.

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      Go ahead and run Ccleaner and Malwarebytes' Anti-Malware and post the Malwarebytes' Anti-Malware log.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 3/9/2015
      Scan Time: 8:50:42 PM
      Logfile: MB 3.9.15.txt
      Administrator: Yes

      Version: 2.00.4.1028
      Malware Database: v2015.03.09.02
      Rootkit Database: v2015.02.25.01
      License: Free
      Malware Protection: Disabled
      Malicious Website Protection: Disabled
      Self-protection: Disabled

      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: Carlos

      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 330987
      Time Elapsed: 18 min, 12 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      Processes: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registry Keys: 0
      (No malicious items detected)

      Registry Values: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Folders: 0
      (No malicious items detected)

      Files: 0
      (No malicious items detected)

      Physical Sectors: 0
      (No malicious items detected)


      (end)

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      Please follow these steps:

      1.- Download AdwCleaner by Xplode onto your Desktop.
      •   Please close all open programs and internet browsers.
      •   Double click on Adwcleaner.exe to run the tool.
      •   Click on the Scan button..
      •   Please be patient as this can take a while to complete.
      •   You will get a prompt asking to close all programs. Click OK.
      •   Click OK again to reboot your computer. A text file will open after the restart.
      •   Please post the content of that logfile in your reply.
      •   You can find the logfile at C:\AdwCleaner[Sn].txt.
      2.- Download Junkware Removal Tool to your desktop.
      • Shutdown your antivirus to avoid any conflicts.
      • Run the tool by double-clicking it.
      • The tool will open and start scanning your system.
      • Please be patient as this can take a while to complete.
      • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
      • Post the contents of JRT.txt in your next message.
      3.- Please download RogueKiller and Save to the desktop.
      • Close all windows and browsers
      • Double click on RogueKiller.exe to run the tool.
      • Press the scan button.
      • A report opens on the desktop named - RKreport.txt
      • Please post it in your next reply.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      # AdwCleaner v4.112 - Logfile created 11/03/2015 at 19:19:42
      # Updated 09/03/2015 by Xplode
      # Database : 2015-03-05.1 [Server]
      # Operating system : Windows 7 Professional Service Pack 1 (x64)
      # Username : Carlos - CARLOS-PC
      # Running from : C:\Users\Carlos\Desktop\AdwCleaner.exe
      # Option : Scan

      ***** [ Services ] *****


      ***** [ Files / Folders ] *****


      ***** [ Scheduled tasks ] *****


      ***** [ Shortcuts ] *****


      ***** [ Registry ] *****

      Key Found : HKCU\Software\YahooPartnerToolbar
      Key Found : [x64] HKCU\Software\YahooPartnerToolbar

      ***** [ Web browsers ] *****

      -\\ Internet Explorer v11.0.9600.17631


      -\\ Mozilla Firefox v36.0.1 (x86 en-US)

      *************************

      AdwCleaner[R0].txt - [714 bytes] - [11/03/2015 19:19:42]

      ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [772 bytes] ##########

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Thisisu
      Version: 6.4.3 (03.01.2015:1)
      OS: Windows 7 Professional x64
      Ran by Carlos on Wed 03/11/2015 at 20:26:16.01
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      ~~~ Services



      ~~~ Registry Values



      ~~~ Registry Keys



      ~~~ Files



      ~~~ Folders



      ~~~ FireFox

      Emptied folder: C:\Users\Carlos\AppData\Roaming\mozilla\firefox\profiles\kfwrm8be.default\minidumps [29 files]



      ~~~ Event Viewer Logs were cleared





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on Wed 03/11/2015 at 20:28:29.79
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      RogueKiller V10.5.3.0 [Mar 10 2015] by Adlice Software
      mail : http://www.adlice.com/contact/
      Feedback : http://forum.adlice.com
      Website : http://www.adlice.com/softwares/roguekiller/
      Blog : http://www.adlice.com

      Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Started in : Normal mode
      User : Carlos [Administrator]
      Started from : C:\Users\Carlos\Downloads\RogueKiller.exe
      Mode : Scan -- Date : 03/11/2015  20:53:41

      Processes : 2
      [Suspicious.Path] AdwCleaner.exe(3156) -- C:\Users\Carlos\Desktop\AdwCleaner.exe[-] -> Killed [TermProc]
      [Suspicious.Path] AdwCleaner.exe(5084) -- C:\Users\Carlos\Desktop\AdwCleaner.exe[-] -> Killed [TermProc]

      Registry : 12
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2BC7F119-81F0-4500-BE95-A1194243A5DE} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2BC7F119-81F0-4500-BE95-A1194243A5DE} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{2BC7F119-81F0-4500-BE95-A1194243A5DE} | DhcpNameServer : 209.18.47.61 209.18.47.62 [UNITED STATES (US)][UNITED STATES (US)]  -> Found
      [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2800131861-3029610839-2584022255-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
      [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2800131861-3029610839-2584022255-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

      Tasks : 0

      Files : 0

      Hosts File : 0

      Antirootkit : 0 (Driver: Not loaded [0xc000036b])

      Web browsers : 0

      MBR Check :
      +++++ PhysicalDrive0: ST3250318AS ATA Device +++++
      --- User ---
      [MBR] 626d10951af43403ed2b58501824aa47
      [BSP] ef1bfaea70b17040ada7cfa8a452a62f : Windows Vista/7/8 MBR Code
      Partition table:
      User = LL1 ... OK
      User = LL2 ... OK

      +++++ PhysicalDrive1: HTC Android Phone USB Device +++++
      Error reading User MBR! ([15] The device is not ready. )
      Error reading LL1 MBR! NOT VALID!
      Error reading LL2 MBR! ([32] The request is not supported. )


      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      Right click on the taskbar and select Taskmanager and tell me what your CPU's are and what the physical memory percentage is.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline bigglos716

      • Bronze Member
      • Posts: 210
      cpu bounce between 1 and 4 percent . P.Mem bounces between 64% and 94%  59-65 processes

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      The memory is the issue. Lets see if we can do something about that. How much memory do you have installed? If you are unsure go to the control panel and open the system control panel It should tell you how much memory is installed.

      Also can you tel me the model number of your computer?

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!