Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Slow processing, High CPU usage, freezing

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Slow processing, High CPU usage, freezing

Unread postby tlind » July 14th, 2015, 10:17 pm

Symptoms: Very slow startup, hangs up on intel tubo technology. Frequently freezes which requires force close. does not always respond to Ctrl Atl Del to bring up Task Manager when application stops. In the past week has required disk check at startup. when trying to close normally, will blink at me and may not close properly. Again requiring a force shutdown. Have deleted cookies and checked in various ways for unwanted software. Anti Virus just expired. Major symptoms coincidentally began around the last Windows update, but has been having (Blue Screen) freeze-up incidents for the last eight months. Windows troubleshooting, Samsung system check, etc. Even tried clean boot.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840 BrowserJavaVersion: 11.31.2
Run by PC at 18:30:33 on 2015-07-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6058.650 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\taskhost.exe
C:\windows\system32\mfevtps.exe
C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\windows\system32\GWX\GWX.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\windows\System32\alg.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\splwow64.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\ctfmon.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\PresentationHost.exe
C:\windows\explorer.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://xfinity.comcast.net/
uSearch Bar = Preserve
mStart Page = about:blank
uProxyOverride = <-loopback>
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [EPSON Stylus CX4200 Series (Copy 1)] C:\windows\System32\spool\DRIVERS\x64\3\E_IATIAEA.EXE /FU "C:\windows\TEMP\E_S648C.tmp" /EF "HKCU"
uRun: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [MyImageConverter AppIntegrator 32-bit] C:\PROGRA~2\MyImageConverter_8j\bar\1.bin\AppIntegrator.exe
mRun: [MyImageConverter AppIntegrator 64-bit] C:\PROGRA~2\MyImageConverter_8j\bar\1.bin\AppIntegrator64.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\PC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/Cl ... wsdc32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://www.caljobs.ca.gov/controls/smsx.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://ra1.hrblock.com/+CSCOL+/relayp.cab
DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} - hxxps://treehouse.ancestry.com/Internal ... ompMgr.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://intercall.webex.com/client/WBXc ... atgpc1.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{79C54E18-5D8E-4DB1-8FCE-AF30B6426D97} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{79C54E18-5D8E-4DB1-8FCE-AF30B6426D97}\77962756C65637374637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{79C54E18-5D8E-4DB1-8FCE-AF30B6426D97}\84F4D454D213234334 : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{79C54E18-5D8E-4DB1-8FCE-AF30B6426D97}\C47402E4544575F425B4 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{C84748FF-2CEB-4C81-BB11-9D7476C05A12} : DHCPNameServer = 198.6.1.1 204.117.214.10
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx64.dll
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\mcsniepl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2014-3-17 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2014-4-3 348552]
R1 MOBKFilter;MOBKFilter;C:\windows\System32\drivers\MOBK.sys [2014-5-22 66040]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-11-20 13824]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 McPvDrv;McPvDrv Driver;C:\windows\System32\drivers\McPvDrv.sys [2014-5-22 74560]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-10-8 19192]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;C:\windows\System32\drivers\bpenum.sys [2011-5-18 84480]
R3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;C:\windows\System32\drivers\bpmp.sys [2011-5-18 182272]
R3 bpusb;Intel(R) Centrino(R) WiMAX 6050 Series Function Driver;C:\windows\System32\drivers\bpusb.sys [2011-5-18 83968]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2014-4-3 72128]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2010-11-10 31088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-11-21 186152]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-11-21 317440]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2014-4-3 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2014-4-3 523792]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2014-7-24 444720]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-2 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-2 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-11-20 425064]
R3 vrvd5;vrvd5;C:\windows\System32\drivers\vrvd5.sys [2014-7-2 13344]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-11-30 42392]
S3 glancedrv;glancedrv;C:\windows\System32\drivers\glancedrv.sys [2014-12-4 36384]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2014-5-22 197704]
S3 HtcVCom32;HTC Diagnostic Port;C:\windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2014-7-24 96592]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2014-3-3 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2012-6-23 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2012-6-23 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2012-6-23 177640]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-3-3 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2014-3-3 30208]
.
=============== Created Last 30 ================
.
2015-07-15 00:12:47 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{74AC06D4-1CF2-402B-B831-E3098FF6B212}\offreg.6076.dll
2015-07-14 23:37:58 12221144 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{74AC06D4-1CF2-402B-B831-E3098FF6B212}\mpengine.dll
2015-07-14 03:27:30 -------- d-----w- C:\windows\System32\McAfee File Lock
2015-07-14 01:53:00 -------- d-----w- C:\Users\PC\AppData\Roaming\SUPERAntiSpyware.com
2015-07-14 01:52:23 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2015-07-14 01:52:23 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2015-07-14 01:44:52 -------- d-----w- C:\Users\PC\AppData\Roaming\QuickScan
2015-07-14 01:44:37 -------- d-----w- C:\Users\PC\AppData\Roaming\OpswatLogs
2015-07-13 23:30:33 -------- d-----w- C:\Program Files (x86)\Common Files\supportsoft
2015-07-12 18:46:44 -------- d-----w- C:\Users\PC\AppData\Local\{EE7ACA8C-F2DA-40FD-9785-550F770E227F}
2015-07-11 00:34:15 -------- d-sh--w- C:\found.001
2015-07-09 15:30:49 -------- d--h--w- C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2015-07-03 21:52:04 -------- d-----w- C:\Users\PC\AppData\Local\{EF6208C5-C5C9-45F4-B47F-FA4CD63C5E08}
2015-06-25 03:35:35 -------- d-----w- C:\Users\PC\AppData\Local\{FEDA6BC9-3028-4006-A307-F9F94539D8EA}
2015-06-25 03:35:15 -------- d-----w- C:\Users\PC\AppData\Local\{B31A2E0E-656D-4625-8913-1F0C62E43196}
.
==================== Find3M ====================
.
2015-07-12 16:16:57 96784 ----a-w- C:\windows\SysWow64\packet.dll
2015-07-12 16:16:57 369168 ----a-w- C:\windows\System32\wpcap.dll
2015-07-12 16:16:57 35344 ----a-w- C:\windows\System32\drivers\npf.sys
2015-07-12 16:16:57 281104 ----a-w- C:\windows\SysWow64\wpcap.dll
2015-07-12 16:16:57 106000 ----a-w- C:\windows\System32\packet.dll
2015-06-23 19:30:20 300704 ------w- C:\windows\System32\MpSigStub.exe
2015-05-25 18:24:00 5569984 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-05-25 18:23:59 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59 155584 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21 1728960 ----a-w- C:\windows\System32\ntdll.dll
2015-05-25 18:18:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2015-05-25 18:18:56 22016 ----a-w- C:\windows\System32\credssp.dll
2015-05-25 18:18:54 879104 ----a-w- C:\windows\System32\advapi32.dll
2015-05-25 18:18:45 47104 ----a-w- C:\windows\System32\typeperf.exe
2015-05-25 18:18:45 404992 ----a-w- C:\windows\System32\tracerpt.exe
2015-05-25 18:18:39 112640 ----a-w- C:\windows\System32\smss.exe
2015-05-25 18:18:32 296960 ----a-w- C:\windows\System32\rstrui.exe
2015-05-25 18:18:30 43008 ----a-w- C:\windows\System32\relog.exe
2015-05-25 18:18:19 31232 ----a-w- C:\windows\System32\lsass.exe
2015-05-25 18:18:19 104448 ----a-w- C:\windows\System32\logman.exe
2015-05-25 18:18:11 19456 ----a-w- C:\windows\System32\diskperf.exe
2015-05-25 18:18:08 338432 ----a-w- C:\windows\System32\conhost.exe
2015-05-25 18:18:04 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-05-25 18:14:26 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-05-25 18:14:04 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-05-25 18:07:34 3989440 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34 3934144 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08 1310744 ----a-w- C:\windows\SysWow64\ntdll.dll
2015-05-25 18:00:44 40448 ----a-w- C:\windows\SysWow64\typeperf.exe
2015-05-25 18:00:40 364544 ----a-w- C:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2015-05-25 18:00:25 37888 ----a-w- C:\windows\SysWow64\relog.exe
2015-05-25 18:00:17 82944 ----a-w- C:\windows\SysWow64\logman.exe
2015-05-25 18:00:09 17408 ----a-w- C:\windows\SysWow64\diskperf.exe
2015-05-25 18:00:04 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-05-25 17:59:52 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-05-25 17:59:52 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2015-05-25 17:59:51 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-05-25 17:57:15 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-05-25 17:08:39 3206144 ----a-w- C:\windows\System32\win32k.sys
2015-05-25 17:00:56 36864 ----a-w- C:\windows\System32\UtcResources.dll
2015-05-25 16:50:38 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2015-05-25 16:50:36 2048 ----a-w- C:\windows\SysWow64\user.exe
2015-05-25 16:48:25 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54 503808 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-05-23 03:15:40 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-05-23 03:15:02 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51 341504 ----a-w- C:\windows\SysWow64\html.iec
2015-05-23 03:13:48 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31 4305920 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-05-23 02:37:45 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35 1950720 ----a-w- C:\windows\SysWow64\wininet.dll
2015-05-22 19:16:55 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-05-22 19:16:44 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-05-22 19:00:54 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47 417792 ----a-w- C:\windows\System32\html.iec
2015-05-22 19:00:25 584192 ----a-w- C:\windows\System32\vbscript.dll
2015-05-22 18:59:27 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-05-22 18:52:21 6026240 ----a-w- C:\windows\System32\jscript9.dll
2015-05-22 18:47:49 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-05-22 18:47:34 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-05-22 18:47:03 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-05-22 18:40:17 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:18:41 700416 ----a-w- C:\windows\System32\generaltel.dll
2015-05-22 18:18:29 757248 ----a-w- C:\windows\System32\invagent.dll
2015-05-22 18:18:24 423424 ----a-w- C:\windows\System32\devinv.dll
2015-05-22 18:18:22 1021440 ----a-w- C:\windows\System32\appraiser.dll
2015-05-22 18:18:21 45568 ----a-w- C:\windows\System32\acmigration.dll
2015-05-22 18:18:21 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-05-22 18:13:03 1119232 ----a-w- C:\windows\System32\aeinv.dll
2015-05-22 18:05:28 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06 2125824 ----a-w- C:\windows\System32\inetcpl.cpl
2015-05-22 17:50:20 2426880 ----a-w- C:\windows\System32\wininet.dll
2015-05-21 13:19:52 193536 ----a-w- C:\windows\System32\aepic.dll
2015-05-01 13:17:03 124112 ----a-w- C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41 102608 ----a-w- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:21:50 5120 ----a-w- C:\windows\System32\msdxm.ocx
2015-04-29 18:21:50 5120 ----a-w- C:\windows\System32\dxmasf.dll
2015-04-29 18:21:46 9728 ----a-w- C:\windows\System32\spwmp.dll
2015-04-29 18:19:43 12625920 ----a-w- C:\windows\System32\wmploc.DLL
2015-04-29 18:07:12 4096 ----a-w- C:\windows\SysWow64\msdxm.ocx
2015-04-29 18:07:12 4096 ----a-w- C:\windows\SysWow64\dxmasf.dll
2015-04-29 18:07:07 8192 ----a-w- C:\windows\SysWow64\spwmp.dll
2015-04-29 18:05:19 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL
2015-04-24 18:17:26 633856 ----a-w- C:\windows\System32\comctl32.dll
2015-04-24 17:56:58 530432 ----a-w- C:\windows\SysWow64\comctl32.dll
2015-04-20 03:17:07 1647104 ----a-w- C:\windows\System32\DWrite.dll
2015-04-20 03:17:07 1179136 ----a-w- C:\windows\System32\FntCache.dll
2015-04-20 02:56:29 1250816 ----a-w- C:\windows\SysWow64\DWrite.dll
.
============= FINISH: 18:34:55.63 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/23/2012 1:27:52 PM
System Uptime: 7/14/2015 4:55:38 PM (2 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | QX311/QX411/QX412/QX511
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz | CPU | 2475/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 365 GiB total, 251.882 GiB free.
D: is FIXED (NTFS) - 547 GiB total, 547.301 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP285: 6/26/2015 10:39:59 AM - Windows Update
RP286: 6/30/2015 10:50:21 AM - Windows Update
RP287: 7/7/2015 10:58:29 AM - Windows Update
RP288: 7/10/2015 10:28:34 PM - Windows Update
RP289: 7/14/2015 5:36:01 PM - Windows Update
.
==== Installed Programs ======================
.
?? ??? ?? Windows Live Mesh ActiveX ???
??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
???? ??? Windows Live
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
???????? ?????????? Windows Live
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???)
?????????? Windows Live
??????????? ?? Windows Live
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
Adobe Acrobat 8 Professional
Adobe AIR
Adobe Flash Player 16 ActiveX
Adobe Reader XI (11.0.11)
Adobe Shockwave Player 12.0
Asmedia ASM104x USB 3.0 Host Controller Driver
„Windows Live Essentials“
„Windows Live Mail“
„Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis
„Windows Live Messenger“
„Windows Live“ fotogalerija
BatteryLifeExtender
BCL easyConverter SDK 3 (Word Version) 64
Best Buy pc app
Bing Bar
ChargeableUSB
Cisco Connect
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
Controle ActiveX do Windows Live Mesh para Conexões Remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
CyberLink Media Suite
CyberLink Media+ Player10
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB3054883) 32-Bit Edition
Easy Content Share
Easy Display Manager
Easy Migration
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
EasyFileShare
EPSON Printer Software
EPSON Scan
ETDWare PS/2-X64 10.0.7.2_WHQL
Family Tree Maker 2014
Fast Start
Files Opened
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Google Chrome
Google Update Helper
GoToMeeting 5.3.0.1010
H&R Block Deluxe + Efile + State 2014
H&R Block Utah 2014
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Monitor 2.0
Intel(R) Wireless Display
Intel® PROSet/Wireless WiMAX Software
Java 8 Update 31
Java Auto Updater
Junk Mail filter update
Kontrola Windows Live Mesh ActiveX za daljinske veze
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
McAfee Online Backup
McAfee Security Scan Plus
McAfee SiteAdvisor
McAfee Total Protection
McAfee Virtual Technician
Mesh Runtime
Microsoft .NET Framework 4.5.2
Microsoft Application Error Reporting
Microsoft Forefront UAG endpoint components v4.0.0
Microsoft Mouse and Keyboard Center
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Live Meeting 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Movie Color Enhancer
MSVCRT
MSVCRT_amd64
Multimedia POP
NETGEAR Genie
Norton Online Backup
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Pošta Windows Live
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Rhapsody
ROBLOX Player
ROBLOX Studio
S?????? f?t???af??? t?? Windows Live
Samsung AnyWeb Print
Samsung Printer Live Update
Samsung Recovery Solution 5
Samsung Support Center 1.0
Samsung Universal Print Driver
Samsung Universal Scan Driver
Samsung Update Plus
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Security Update for Microsoft Excel 2010 (KB3054845) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2863817) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054834) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3054835) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3054842) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype™ 7.0
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
SUPERAntiSpyware
swMSM
Unity Web Player
Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965291) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965296) 32-Bit Edition
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054875) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3054881) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2965292) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
User Guide
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
Windows Live
Windows Live ??
Windows Live ?? ???
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Foto-galerija
Windows Live fotoattelu galerija
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
Windows Live Mesh ActiveX control for remote connections
Windows Live Mesh ActiveX kontrola za daljinske veze
Windows Live Mesh ActiveX vadikla attalajiem savienojumiem
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Pošta
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
XFINITY Toolbar
.
==== Event Viewer Messages From Past Week ========
.
7/14/2015 6:14:49 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
7/14/2015 4:58:09 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 169.254.86.72, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
7/14/2015 4:57:41 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/14/2015 4:56:13 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
7/13/2015 9:56:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
7/13/2015 9:56:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupListener service.
7/13/2015 9:56:16 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
7/13/2015 9:55:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
7/13/2015 9:55:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
7/13/2015 9:30:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
7/13/2015 9:11:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SSDPSRV service.
7/13/2015 8:17:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
7/13/2015 8:17:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
7/13/2015 7:14:39 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
7/13/2015 7:14:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/13/2015 10:08:02 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/13/2015 10:04:33 PM, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.
7/13/2015 10:02:32 PM, Error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
7/12/2015 9:06:48 AM, Error: Service Control Manager [7034] - The NETGEARGenieDaemon service terminated unexpectedly. It has done this 1 time(s).
7/12/2015 8:35:19 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.
7/12/2015 12:30:01 PM, Error: Service Control Manager [7022] - The Intel(R) Management and Security Application User Notification Service service hung on starting.
7/12/2015 12:24:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
7/12/2015 12:24:59 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/11/2015 10:51:22 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
7/11/2015 10:48:21 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
.
==== End Of File ===========================
tlind
Regular Member
 
Posts: 20
Joined: July 14th, 2015, 8:49 pm
Advertisement
Register to Remove

Re: Slow processing, High CPU usage, freezing

Unread postby wannabeageek » July 16th, 2015, 9:35 pm

Hello tlind, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start



Step 1.
FRST - Farbar Recovery Scanner Tool Image

Please download FRST64.exe ... by Farbar. Save it to your desktop.

  1. Right click on FRST64.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  2. Press Scan button. ... A log will be created FRST.txt in the same directory the tool is run.
  3. Please copy/paste FRST.txt it to your reply.
    The first time the tool is run, it makes also another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.


Step 2.
aswMBR - Scan

ImagePlease download aswMBR.exe Save it to your desktop.
  1. Right click the aswMBR.exe icon... select "Run As Administrator" to run it.
  2. aswmbr uses Avast's virus definition, if prompted to download definitions... reply Yes.
    It may take some time for these definitions to download, please be patient.
  3. Make sure Quick Scan is set in the options... then click the "Scan" button to start the scan.
    The scan wil take a few minutes, please be patient.
  4. On completion... "Scan finished successfully" will be displayed... press the "Save log" button.
  5. You'll be prompted to save a file named "aswMBR.txt"... Save it to your desktop.
  6. Please copy and paste the contents of aswMBR.txt in your next reply.
Note: A file will be created and placed on your desktop when you execute aswMBR, named MBR.dat
This is a copy of your MBR record, before any changes, to be used to recover MBR to previous condition, if problem exist after changes.

Note: Do NOT click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your Desktop. Do NOT click or delete it.



Step 3.
TSG - SysInfo utility
  • Right mouse click on this link:SysInfo utility
  • Select from the pop up box:
    "Save link as..."
  • From the left panel of the pop up box, scroll up and select desktop.
  • Click the "Save" button.
From your desktop:
  • Right Mouse click SysInfo.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  • Right click, select copy and then paste in your next post.



What I need back from you:
Post each separately.
  1. Contents of FRST.txt
  2. Contents of Addition.txt
  3. Contents of aswMBR.txt
  4. Contents of SysInfo results
  5. Any problem executing the instructions?
Thanks,
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Slow processing, High CPU usage, freezing

Unread postby wannabeageek » July 19th, 2015, 12:16 am

Hi tlind.

It has been two days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • According to Malware Removal's latest policy, topics can be closed after 3 days without a response.
  • If you do not reply within the next 24 hours, this topic will be closed.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Slow processing, High CPU usage, freezing

Unread postby NonSuch » July 20th, 2015, 1:52 am

Due to a failure to respond for 72 hours or more, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27304
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 72 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware