[azul20]

Hello,

 I am having a problem with my HP Pavilion a6248x PC, running Windows 7 Home Premium x86. There is a serious lag, while navigating around the desktop, and while online. My other device,  that are connected to the same network are not having any problems while online. I have completely uninstalled, and reinstalled Firefox, to see if that will help speed things up. Unfortunately, it did not. My cursor will move across the screen at random times, and drags its feet when it wants to. I have tried setting the cursor speeds all the way up, and changing to a different mouse, but that did not solve the problem. I have run JRT, AdWcleaner, AdAware, Sophos Virus Removal, ESET online scanner, AVAST, CCleaner, and MBAM, in safe mode. These are the scans that I have run over the course of a week, but I did not have more than one antivirus active at the same time. Hard Disk Sentinel reported that my HDD is in perfect health, and I have completed all of my updates. I used the system restore setting, to set the PC back one month. Unfortunately, that did not solve any problems. If someone would please be able to assist me with this issue, I would greatly appreciate it. Thank you for your time.

Ps. This system originally had Vista installed. I upgraded the HDD, and installed 7. The tower has 2 GB of RAM. I understand that this is not very much, but the tower is rarely used for anything other than basic browsing, and word processing. I added this HDD, and Windows 7, months ago, and my needs for this PC have not changed. I do not believe that a lack of RAM is causing all of these problems, or that Windows 7, on a Vista machine, is the reason that I am being slowed down. I say this because I have tried a RAM upgrade, and the problems were still present.  Also, I had 7 successfully installed for a long while, before I started experiencing these issues.

 I have posted my FRST.txt below. Thank you again.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by FOX (administrator) on FOX-PC on 22-03-2015 23:29:15
Running from C:\Users\FOX\Desktop
Loaded Profiles: FOX (Available profiles: FOX & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.)
HKU\S-1-5-21-3881909262-2981456966-3499516693-1000\...\MountPoints2: I - I:\TL-Bootstrap.exe
HKU\S-1-5-21-3881909262-2981456966-3499516693-1000\...\MountPoints2: {f27785bd-9db8-11e4-ba73-001bb98d41f0} - I:\setup.exe -a
HKU\S-1-5-21-3881909262-2981456966-3499516693-1000\...\MountPoints2: {f277862a-9db8-11e4-ba73-001bb98d41f0} - I:\TL-Bootstrap.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-19] (Avast Software s.r.o.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\FOX\AppData\Roaming\Mozilla\Firefox\Profiles\miyd55tc.default-1427088453957
FF Homepage: https://www.google.com/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\FOX\AppData\Roaming\Mozilla\Firefox\Profiles\miyd55tc.default-1427088453957\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-19]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-19] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-03-19] (Avast Software)
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 RunSwUSB; C:\Windows\runSW.exe [36864 2012-09-20] () [File not signed]
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S4 WSAC950; C:\Program Files\Belkin\F9L1109\v1\WifiSvc.exe [299008 2012-12-25] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-03-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-03-19] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-03-19] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-03-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-03-19] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427480 2015-03-19] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-03-19] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206976 2015-03-19] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-22] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-11-04] (Secunia)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2589912 2014-03-31] (Realtek Semiconductor Corporation                           )
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-03-19] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 23:29 - 2015-03-22 23:29 - 00007859 _____ () C:\Users\FOX\Desktop\FRST.txt
2015-03-22 23:28 - 2015-03-22 23:29 - 00000000 ____D () C:\FRST
2015-03-22 23:27 - 2015-03-22 23:28 - 01135104 _____ (Farbar) C:\Users\FOX\Desktop\FRST.exe
2015-03-22 22:27 - 2015-03-22 22:27 - 00000000 ____D () C:\Users\FOX\Desktop\Old Firefox Data
2015-03-22 20:21 - 2015-03-22 20:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-20 21:37 - 2015-03-20 21:37 - 00000000 ____D () C:\Users\FOX\Desktop\eBay Photos
2015-03-19 22:41 - 2015-03-19 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-19 22:41 - 2015-03-19 22:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-19 22:38 - 2015-03-19 22:38 - 06958304 _____ (Microsoft Corporation) C:\Users\FOX\Downloads\Silverlight.exe
2015-03-19 22:36 - 2015-03-22 20:04 - 00093182 ____N () C:\Windows\WindowsUpdate.log
2015-03-19 22:36 - 2015-03-19 22:36 - 00003554 _____ () C:\Users\FOX\Desktop\cc_20150319_223635.reg
2015-03-19 20:31 - 2015-03-22 22:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 20:26 - 2015-03-19 20:26 - 00001031 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-03-19 19:51 - 2015-03-19 19:51 - 03865488 _____ (Secunia) C:\Users\FOX\Downloads\PSISetup.exe
2015-03-19 19:49 - 2015-03-19 19:49 - 00232216 _____ () C:\Users\FOX\Downloads\PSISetup-30515135.exe
2015-03-19 19:39 - 2015-03-19 19:39 - 01055936 _____ (Adobe) C:\Users\FOX\Downloads\install_flashplayer17x32_mssd_aaa_aih.exe
2015-03-19 19:38 - 2015-03-19 19:38 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-19 19:38 - 2015-03-19 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-19 19:38 - 2015-03-19 19:38 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-19 19:38 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-19 19:38 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-19 19:38 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-19 19:34 - 2015-03-19 19:35 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\FOX\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-19 19:22 - 2015-03-19 19:22 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-19 19:22 - 2015-03-19 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-19 19:22 - 2015-03-19 19:22 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-19 19:17 - 2015-03-19 19:17 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\AVAST Software
2015-03-19 19:16 - 2015-03-19 19:16 - 00002079 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-19 19:16 - 2015-03-19 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-19 19:15 - 2015-03-19 19:15 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-19 19:15 - 2015-03-19 19:15 - 00427480 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-19 19:15 - 2015-03-19 19:15 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-19 19:15 - 2015-03-19 19:15 - 00206976 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-19 19:15 - 2015-03-19 19:15 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-19 19:15 - 2015-03-19 19:15 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-19 19:15 - 2015-03-19 19:15 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-19 19:15 - 2015-03-19 19:15 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-19 19:15 - 2015-03-19 19:15 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-19 19:15 - 2015-03-19 19:15 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-19 19:12 - 2015-03-19 19:12 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-19 19:10 - 2015-03-19 19:10 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-19 19:10 - 2015-03-19 19:09 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-03-19 19:09 - 2015-03-19 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-19 19:09 - 2015-03-19 19:09 - 00000000 ____D () C:\Program Files\Java
2015-03-19 18:54 - 2015-03-22 22:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-19 18:54 - 2015-03-19 18:54 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-19 18:54 - 2015-03-19 18:54 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-19 18:54 - 2015-03-19 18:54 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\Mozilla
2015-03-19 18:54 - 2015-03-19 18:54 - 00000000 ____D () C:\Users\FOX\AppData\Local\Mozilla
2015-03-19 17:25 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-19 17:25 - 2015-01-30 20:33 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-19 17:25 - 2015-01-30 20:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-19 17:25 - 2015-01-30 17:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-19 17:24 - 2015-03-05 22:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-19 17:24 - 2015-03-05 22:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-19 17:24 - 2015-03-05 22:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-19 17:24 - 2015-03-05 22:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-19 17:24 - 2015-03-05 22:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-19 17:24 - 2015-03-05 22:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-19 17:24 - 2015-03-05 22:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-19 17:24 - 2015-03-05 22:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-19 17:24 - 2015-03-05 22:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-19 17:24 - 2015-02-25 20:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-19 17:24 - 2015-02-23 19:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-19 17:24 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-19 17:24 - 2015-02-20 17:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-19 17:24 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-19 17:24 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-19 17:24 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-19 17:24 - 2015-02-19 19:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-19 17:24 - 2015-02-19 19:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-19 17:24 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-19 17:24 - 2015-02-19 19:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-19 17:24 - 2015-02-19 19:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-19 17:24 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-19 17:24 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-19 17:24 - 2015-02-19 19:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-19 17:24 - 2015-02-19 19:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-19 17:24 - 2015-02-19 18:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-19 17:24 - 2015-02-19 18:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-19 17:24 - 2015-02-19 18:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-19 17:24 - 2015-02-19 18:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-19 17:24 - 2015-02-19 18:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-19 17:24 - 2015-02-19 18:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-19 17:24 - 2015-02-19 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-19 17:24 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-19 17:24 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-19 17:24 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-19 17:24 - 2015-02-19 18:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-19 17:24 - 2015-02-19 18:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-19 17:24 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-19 17:24 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-19 17:24 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-19 17:24 - 2015-02-12 22:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-19 17:24 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-19 17:23 - 2015-02-19 21:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-19 17:23 - 2015-02-19 21:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-19 17:23 - 2015-02-19 21:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-19 17:23 - 2015-02-19 21:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-19 17:23 - 2015-02-19 20:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-19 17:23 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-19 17:23 - 2015-02-02 20:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-19 17:23 - 2015-02-02 20:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-19 17:23 - 2015-02-02 20:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-19 17:23 - 2015-02-02 20:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-19 17:23 - 2015-02-02 20:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-19 17:23 - 2015-01-30 16:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-19 17:23 - 2014-06-27 17:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-19 17:22 - 2015-02-02 20:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-19 17:22 - 2015-02-02 20:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-19 17:22 - 2015-02-02 20:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-19 17:22 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-19 17:22 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-19 17:22 - 2015-02-02 20:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-19 17:22 - 2015-02-02 20:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-19 17:22 - 2015-02-02 20:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-19 17:22 - 2015-02-02 20:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-19 17:22 - 2015-02-02 20:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-19 17:22 - 2015-02-02 20:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-19 17:22 - 2015-02-02 20:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-19 17:22 - 2015-02-02 20:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-19 17:22 - 2015-02-02 20:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-19 17:22 - 2015-02-02 20:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-19 17:22 - 2015-02-02 20:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-19 17:22 - 2015-02-02 20:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-19 17:22 - 2015-02-02 19:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-19 17:22 - 2014-10-31 15:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-19 17:22 - 2014-06-27 17:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-19 16:59 - 2015-03-19 16:59 - 00493157 _____ () C:\Users\FOX\Documents\bookmarks (3).html
2015-03-19 16:50 - 2015-03-19 16:52 - 00000000 ____D () C:\b2be4b86d3eea629648965
2015-03-19 16:33 - 2015-03-19 17:07 - 00000000 ____D () C:\ComboFix
2015-03-17 20:21 - 2015-03-17 20:21 - 00014871 _____ () C:\ComboFix.txt
2015-03-17 20:07 - 2015-03-19 17:06 - 00000000 ____D () C:\Windows\erdnt
2015-03-17 20:07 - 2015-03-19 16:33 - 00000000 ____D () C:\Qoobox
2015-03-17 19:53 - 2015-03-19 17:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-17 18:36 - 2015-03-17 18:37 - 00000000 ____D () C:\Users\FOX\Documents\Attachments_2015310
2015-03-17 18:36 - 2015-02-11 18:53 - 00000000 ____D () C:\Users\FOX\Documents\Files taken from 8.1 Drive
2015-03-17 18:26 - 2015-03-17 18:26 - 00482927 _____ () C:\Users\FOX\Documents\bookmarks (2).html
2015-03-17 18:23 - 2015-03-17 18:23 - 00252797 _____ () C:\Users\FOX\Documents\bookmarks-2015-03-17.json
2015-03-16 22:00 - 2015-03-16 22:00 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\LavasoftStatistics
2015-03-11 18:59 - 2015-03-11 18:59 - 00202764 _____ () C:\Users\FOX\AppData\Local\census.cache
2015-03-11 18:59 - 2015-03-11 18:59 - 00134070 _____ () C:\Users\FOX\AppData\Local\ars.cache
2015-03-11 18:29 - 2015-03-11 18:29 - 00000010 _____ () C:\Users\FOX\AppData\Local\sponge.last.runtime.cache
2015-03-11 18:23 - 2013-09-27 19:56 - 00289352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-03-11 18:22 - 2015-03-11 18:22 - 00000036 _____ () C:\Users\FOX\AppData\Local\housecall.guid.cache
2015-03-11 18:20 - 2015-03-19 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-03-11 18:20 - 2015-03-11 18:20 - 00002121 _____ () C:\Users\FOX\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-03-11 18:20 - 2015-03-11 18:20 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-03-11 04:18 - 2015-03-05 22:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-10 01:44 - 2015-03-10 01:44 - 00001097 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-03-10 01:44 - 2015-03-10 01:44 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-03-10 01:44 - 2015-03-10 01:44 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\Opera Software
2015-03-10 01:44 - 2015-03-10 01:44 - 00000000 ____D () C:\Users\FOX\AppData\Local\Opera Software
2015-03-10 01:43 - 2015-03-19 17:15 - 00000000 ____D () C:\Program Files\Opera
2015-03-06 22:56 - 2015-03-06 22:56 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-03 16:44 - 2015-03-01 22:45 - 01388333 _____ (Thisisu) C:\Users\FOX\Desktop\JRT_NEW.exe
2015-02-25 22:41 - 2015-01-08 16:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-21 18:58 - 2015-02-21 18:58 - 00000000 ____D () C:\Windows\system32\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 20:07 - 2009-07-13 21:34 - 00022528 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 20:07 - 2009-07-13 21:34 - 00022528 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 20:06 - 2010-11-20 14:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-22 20:00 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-20 03:50 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2015-03-19 22:34 - 2015-01-16 06:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-19 20:24 - 2015-01-16 06:33 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-03-19 20:24 - 2015-01-16 06:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-03-19 20:24 - 2015-01-16 06:32 - 00000000 ____D () C:\Users\FOX\AppData\Local\Adobe
2015-03-19 19:12 - 2015-01-16 06:19 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-19 19:10 - 2015-01-18 01:09 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-19 18:06 - 2015-01-18 06:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-19 18:05 - 2015-01-16 12:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-19 18:02 - 2015-01-16 12:33 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-19 17:38 - 2015-02-06 16:34 - 00000000 ____D () C:\Users\FOX\Documents\PDF. Books
2015-03-19 17:35 - 2015-01-23 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-03-19 17:34 - 2015-02-06 22:00 - 00000000 ____D () C:\ProgramData\Sophos
2015-03-19 17:31 - 2015-01-25 19:52 - 00000000 ____D () C:\Users\FOX\AppData\Local\Android
2015-03-19 17:29 - 2015-02-19 20:55 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\BitTorrent
2015-03-19 17:08 - 2015-01-29 07:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2015-03-19 17:08 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-03-19 17:07 - 2015-02-03 11:07 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-03-19 17:07 - 2015-02-03 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder Plus
2015-03-19 17:07 - 2015-02-03 10:47 - 00000000 ____D () C:\Program Files\Top Password
2015-03-19 17:07 - 2015-02-03 03:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazesoft Recover My Password
2015-03-19 17:07 - 2015-02-03 03:41 - 00000000 ____D () C:\Program Files\Lazesoft Recover My Password
2015-03-19 17:07 - 2015-01-31 06:38 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\Hard Disk Sentinel
2015-03-19 17:07 - 2015-01-31 06:36 - 00000000 ____D () C:\Program Files\Hard Disk Sentinel
2015-03-19 17:07 - 2015-01-29 07:00 - 00000000 ____D () C:\Program Files\HD Tune Pro
2015-03-19 17:07 - 2015-01-16 01:16 - 00000000 ____D () C:\Users\FOX
2015-03-19 17:07 - 2009-07-13 19:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-19 17:06 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\registration
2015-03-19 17:05 - 2009-07-13 21:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-19 17:05 - 2009-07-13 19:37 - 00000000 __RHD () C:\Users\Default
2015-03-19 17:05 - 2009-07-13 19:37 - 00000000 ___RD () C:\Users\Public
2015-03-17 20:41 - 2015-02-10 19:10 - 00000000 ____D () C:\AdwCleaner
2015-03-11 01:52 - 2015-01-16 06:34 - 00000000 ____D () C:\Windows\pss
2015-03-07 15:55 - 2015-01-18 06:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-02-28 15:46 - 2015-02-03 11:05 - 00000000 ____D () C:\Users\FOX\AppData\Roaming\PDFConvert
2015-02-24 04:23 - 2015-01-16 02:09 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-11 18:59 - 2015-03-11 18:59 - 0134070 _____ () C:\Users\FOX\AppData\Local\ars.cache
2015-03-11 18:59 - 2015-03-11 18:59 - 0202764 _____ () C:\Users\FOX\AppData\Local\census.cache
2015-03-11 18:22 - 2015-03-11 18:22 - 0000036 _____ () C:\Users\FOX\AppData\Local\housecall.guid.cache
2015-03-11 18:29 - 2015-03-11 18:29 - 0000010 _____ () C:\Users\FOX\AppData\Local\sponge.last.runtime.cache

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 00:10

==================== End Of Log ============================

 

[Advertisements]

I'm going on a trip tomorrow so may not get back to you until tomorrow night but your post has been sitting for several days and I guess no one else wants to take it.  There is no obvious sign of malware.

Get Process Explorer

 

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  

 

View, Select Column, check Verified Signer, OK

Options, Verify Image Signatures

 

 

Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

 

Wait a full minute then:

 

File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

 

 

 

 

Get the free version of Speccy:

 

http://www.filehippo...download_speccy(Look in the upper right for the Download

Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  

 

Close all browsers and open progrms before running Speccy.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.)  Save the file and close notepad  Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.

 

 

 

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

 

Reboot. 

 

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc  /scannow

 

(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

 

Copy the next two lines:

 

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 

notepad \windows\logs\cbs\junk.txt 

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

 

 

1. Please download the Event Viewer Tool by Vino Rosso

http://images.malwar...om/vino/VEW.exe

and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator

3. Under 'Select log to query', select:

 

* System

4. Under 'Select type to list', select:

* Error

* Warning

 

 

Then use the 'Number of events' as follows:

 

 

1. Click the radio button for 'Number of events'

Type 20 in the 1 to 20 box

Then click the Run button.

Notepad will open with the output log.

 

 

Please post the Output log in your next reply then repeat but select Application.

 

Ron

[RKinner]

I'm going on a trip tomorrow so may not get back to you until tomorrow night but your post has been sitting for several days and I guess no one else wants to take it.  There is no obvious sign of malware.

Get Process Explorer

 

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  

 

View, Select Column, check Verified Signer, OK

Options, Verify Image Signatures

 

 

Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

 

Wait a full minute then:

 

File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

 

 

 

 

Get the free version of Speccy:

 

http://www.filehippo...download_speccy(Look in the upper right for the Download

Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  

 

Close all browsers and open progrms before running Speccy.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.)  Save the file and close notepad  Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.

 

 

 

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

 

Reboot. 

 

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc  /scannow

 

(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

 

Copy the next two lines:

 

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 

notepad \windows\logs\cbs\junk.txt 

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

 

 

1. Please download the Event Viewer Tool by Vino Rosso

http://images.malwar...om/vino/VEW.exe

and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator

3. Under 'Select log to query', select:

 

* System

4. Under 'Select type to list', select:

* Error

* Warning

 

 

Then use the 'Number of events' as follows:

 

 

1. Click the radio button for 'Number of events'

Type 20 in the 1 to 20 box

Then click the Run button.

Notepad will open with the output log.

 

 

Please post the Output log in your next reply then repeat but select Application.

 

Ron