[jimbo1949]

I have windows 7 home and it is running really slow need help

[Advertisements]

 

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

 

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

 

Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

 

 

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

 

The report will be saved in the C:\AdwCleaner folder.

 

 

 

Junkware-Removal-Tool

 

Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

• Pause your anti-virus.  Close all browsers.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

 

Get Process Explorer

 

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  

 

View, Select Column, check Verified Signer, OK

Options, Verify Image Signatures

 

 

Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

 

Wait a full minute then:

 

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.

 

 

Get the free version of Speccy:

 

http://www.filehippo...download_speccy (Look in the upper right for the Download

Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.

 

 

ight click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

 

Reboot. 

 

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc  /scannow

 

(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

 

Copy the next two lines:

 

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 

notepad \windows\logs\cbs\junk.txt 

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

 

 

1. Please download the Event Viewer Tool by Vino Rosso

http://images.malwar...om/vino/VEW.exe

and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator

3. Under 'Select log to query', select:

 

* System

4. Under 'Select type to list', select:

* Error

* Warning

 

 

Then use the 'Number of events' as follows:

 

 

1. Click the radio button for 'Number of events'

Type 20 in the 1 to 20 box

Then click the Run button.

Notepad will open with the output log.

 

 

Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

[RKinner]

 

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

 

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

 

Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

 

 

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

 

The report will be saved in the C:\AdwCleaner folder.

 

 

 

Junkware-Removal-Tool

 

Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

• Pause your anti-virus.  Close all browsers.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

 

Get Process Explorer

 

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  

 

View, Select Column, check Verified Signer, OK

Options, Verify Image Signatures

 

 

Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

 

Wait a full minute then:

 

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.

 

 

Get the free version of Speccy:

 

http://www.filehippo...download_speccy (Look in the upper right for the Download

Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.

 

 

ight click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

 

Reboot. 

 

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc  /scannow

 

(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

 

Copy the next two lines:

 

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 

notepad \windows\logs\cbs\junk.txt 

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

 

 

1. Please download the Event Viewer Tool by Vino Rosso

http://images.malwar...om/vino/VEW.exe

and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator

3. Under 'Select log to query', select:

 

* System

4. Under 'Select type to list', select:

* Error

* Warning

 

 

Then use the 'Number of events' as follows:

 

 

1. Click the radio button for 'Number of events'

Type 20 in the 1 to 20 box

Then click the Run button.

Notepad will open with the output log.

 

 

Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

[jimbo1949]

# AdwCleaner v5.119 - Logfile created 31/05/2016 at 05:45:26

# Updated 30/05/2016 by Xplode

# Database : 2016-05-30.3 [Server]

# Operating system : Windows 7 Home Premium Service Pack 1 (X86)

# Username : jim - JIM-PC

# Running from : C:\Users\jim\Downloads\AdwCleaner.exe

# Option : Clean

# Support : http://toolslib.net/forum

 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

[-] Folder Deleted : C:\ProgramData\ShopperPro

[-] Folder Deleted : C:\ProgramData\UpdateCommon

[-] Folder Deleted : C:\ProgramData\9d9a9a5587f5026b

[#] Folder Deleted : C:\ProgramData\Application Data\ShopperPro

[#] Folder Deleted : C:\ProgramData\Application Data\UpdateCommon

[#] Folder Deleted : C:\ProgramData\Application Data\9d9a9a5587f5026b

[-] Folder Deleted : C:\Program Files\Bench

[-] Folder Deleted : C:\Program Files\FLVM Player

[-] Folder Deleted : C:\Program Files\globalUpdate

[-] Folder Deleted : C:\Program Files\kin kon

[-] Folder Deleted : C:\Program Files\MSR

[-] Folder Deleted : C:\Program Files\suprize

[-] Folder Deleted : C:\Users\jim\AppData\Local\Astromenda

[-] Folder Deleted : C:\Users\jim\AppData\Local\eSupport.com

[-] Folder Deleted : C:\Users\jim\AppData\Local\globalUpdate

[-] Folder Deleted : C:\Users\jim\AppData\Local\Meteoroids

[-] Folder Deleted : C:\Users\jim\AppData\Local\Installer\Install_12104

[-] Folder Deleted : C:\Users\jim\AppData\Local\Installer\Install_12200

[-] Folder Deleted : C:\Users\jim\AppData\Local\Installer\Install_12416

[-] Folder Deleted : C:\Users\jim\AppData\Local\Installer\Install_23152

[-] Folder Deleted : C:\Users\jim\AppData\LocalLow\Goobzo

[-] Folder Deleted : C:\Users\jim\AppData\Roaming\GetPrivate

[-] Folder Deleted : C:\Users\jim\AppData\Roaming\serv

[-] Folder Deleted : C:\Users\jim\AppData\Roaming\UpdaterEX

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agkocbbjgcfpodcpdfpenidadocpcmlj

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpclmfjinbmadbbclhkbabnnecmaaopa

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pdpibhkfkahcjfaebebkiphgenajknae

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\affhmclkdcelcpfngffbpckhlipjdnci

[#] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jkkngokdooagpeidijbihiofdalckjmh

[#] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmleogbcafbghbdjnfllogganaoipmjh

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgbjicolkjinkfeeglhohnjebdgmojgi

[-] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfbijbbbahaapcnifdgfpoeifbldnpli

[#] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\affhmclkdcelcpfngffbpckhlipjdnci

[#] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgbjicolkjinkfeeglhohnjebdgmojgi

[#] Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nfbijbbbahaapcnifdgfpoeifbldnpli

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agkocbbjgcfpodcpdfpenidadocpcmlj

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpclmfjinbmadbbclhkbabnnecmaaopa

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pdpibhkfkahcjfaebebkiphgenajknae

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\affhmclkdcelcpfngffbpckhlipjdnci

[#] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jkkngokdooagpeidijbihiofdalckjmh

[#] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmleogbcafbghbdjnfllogganaoipmjh

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgbjicolkjinkfeeglhohnjebdgmojgi

[-] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfbijbbbahaapcnifdgfpoeifbldnpli

[#] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\affhmclkdcelcpfngffbpckhlipjdnci

[#] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgbjicolkjinkfeeglhohnjebdgmojgi

[#] Folder Deleted : C:\Users\jim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nfbijbbbahaapcnifdgfpoeifbldnpli

[-] Folder Deleted : C:\Users\jim\AppData\Local\CrashRpt

 

***** [ Files ] *****

 

[-] File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

[-] File Deleted : C:\user.js

 

***** [ DLLs ] *****

 

 

***** [ WMI ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

[-] Task Deleted : Chrome Launcher

[-] Task Deleted : globalUpdateUpdateTaskMachineCore

[-] Task Deleted : globalUpdateUpdateTaskMachineUA

[-] Task Deleted : GPUP

[-] Task Deleted : IHSelfDeleteTASK

[-] Task Deleted : IHUninstallTrackingTASK

[-] Task Deleted : Optimizer Pro Schedule

[-] Task Deleted : ShopperPro

[-] Task Deleted : ShopperProJSUpd

[-] Task Deleted : Smp

[-] Task Deleted : SomotoUpdateCheckerAutoStart

[-] Task Deleted : SPDriver

[-] Task Deleted : WSE_Astromenda

[-] Task Deleted : PrivacyDR_Start

[-] Task Deleted : PrivacyDR_Popup

[-] Task Deleted : kin_kon_notification_service

[-] Task Deleted : 48_dresses_notification_service

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-1

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-11

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-2

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-3

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-4

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-5

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-5_user

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-7

[-] Task Deleted : 5e2bd934-668a-461f-8279-55fbb5c49811-6

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-1

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-11

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-2

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-3

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-4

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-5

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-5_user

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-6

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-7

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-1

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-11

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-2

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-3

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-4

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-5

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-5_user

[-] Task Deleted : 0e9c535d-1091-4775-9f0e-738b09b5d253-7

[-] Task Deleted : 5e2bd934-668a-461f-8279-55fbb5c49811-6

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-1

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-11

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-2

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-3

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-4

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-5

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-5_user

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-6

[-] Task Deleted : f2eb2ad3-98bd-4b42-ae94-b605851e7b25-7

[-] Task Deleted : SMW_UpdateTask_Time_323732333935393630382d3437415a556c2a3223346c41

[-] Task Deleted : SPBIW_UpdateTask_Time_323732333935393630382d3437415a556c2a3223346c41

 

***** [ Registry ] *****

 

[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}

[-] Value Deleted : HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\chrome.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]

[-] Value Deleted : HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\firefox.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]

[-] Value Deleted : HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\Layers\SPVC32LDR

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe

[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4

[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10

[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [iWebar-bg.exe]

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [SmartSaver+ 15-bg.exe]

[-] Key Deleted : HKLM\SOFTWARE\787a8788-cf57-44e9-8fce-97b992990eda

[-] Key Deleted : HKLM\SOFTWARE\95772a1f-f8f5-4ab8-be4a-e364ad27f834

[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd

[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0

[-] Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO

[-] Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCEE70C6-FA43-4B67-A889-80AF260D2435}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C09954F-CDA8-4BD1-8794-1D543E050378}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{2C09954F-CDA8-4BD1-8794-1D543E050378}]

[-] Key Deleted : HKCU\Software\APN PIP

[-] Key Deleted : HKCU\Software\Browser

[-] Key Deleted : HKCU\Software\BRS

[-] Key Deleted : HKCU\Software\eSupport.com

[-] Key Deleted : HKCU\Software\GlobalUpdate

[-] Key Deleted : HKCU\Software\SoftwareUpdater

[-] Key Deleted : HKCU\Software\suprize

[-] Key Deleted : HKCU\Software\UpdaterEX

[-] Key Deleted : HKCU\Software\Yahoo\Companion

[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates

[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

[-] Key Deleted : HKCU\Software\AppDataLow\Software\click-n-mark

[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

[-] Key Deleted : HKLM\SOFTWARE\AdvertisingSupport

[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate

[-] Key Deleted : HKLM\SOFTWARE\Goobzo

[-] Key Deleted : HKLM\SOFTWARE\Object Browser

[-] Key Deleted : HKLM\SOFTWARE\Quiknowledge

[-] Key Deleted : HKLM\SOFTWARE\SpeedBrowser

[-] Key Deleted : HKLM\SOFTWARE\SPPDCOM

[-] Key Deleted : HKLM\SOFTWARE\Taronja

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Media Player Packages

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Activeris AntiMalware_is1

[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork

[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF917BEA0BDE9E345B42099FC7E14699

[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\DF917BEA0BDE9E345B42099FC7E14699

[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\DF917BEA0BDE9E345B42099FC7E14699

[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]

[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

[-] Data Restored : HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Internet Explorer\Main [Search Page]

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www-search.net

 

***** [ Web browsers ] *****

 

 

*************************

 

:: "Tracing" keys deleted

:: Winsock settings cleared

 

*************************

 

C:\AdwCleaner\AdwCleaner[C1].txt - [22686 bytes] - [31/05/2016 05:45:26]

C:\AdwCleaner\AdwCleaner[S1].txt - [23613 bytes] - [30/05/2016 21:10:02]

 

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [22834 bytes] ##########

[jimbo1949]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.6 (04.25.2016)

Operating System: Windows 7 Home Premium x86 

Ran by jim (Administrator) on Tue 05/31/2016 at 20:24:04.76

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

File System: 22 

 

Failed to delete: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FG6CGXC7 (Temporary Internet Files Folder) 

Failed to delete: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCMMSHHJ (Temporary Internet Files Folder) 

Successfully deleted: C:\ProgramData\browser (Folder) 

Successfully deleted: C:\Users\jim\AppData\Local\installer (Folder) 

Successfully deleted: C:\Users\jim\Appdata\LocalLow\company (Folder) 

Successfully deleted: C:\Windows\microsoft\system update kb70007 (Folder) 

Successfully deleted: C:\Windows\System32\Tasks\suprize_notification_service (Task)

Successfully deleted: C:\Windows\Tasks\suprize_notification_service.job (Task) 

Successfully deleted: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVW5YHL8 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D8JQ1AP6 (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F1MZNKTZ (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IKYZ0PUR (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POT01IQB (Temporary Internet Files Folder) 

Successfully deleted: C:\Users\jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S6OE0A1P (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVW5YHL8 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D8JQ1AP6 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F1MZNKTZ (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FG6CGXC7 (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IKYZ0PUR (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POT01IQB (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S6OE0A1P (Temporary Internet Files Folder) 

Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCMMSHHJ (Temporary Internet Files Folder) 

 

 

 

Registry: 2 

 

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3} (Registry Key)

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (Registry Key)

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 05/31/2016 at 20:26:06.83

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[jimbo1949]

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

chrome.exe 788 K 3,192 K 2836 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 896 K 4,320 K 6068 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 96,436 K 249,712 K 5644 Google Chrome Google Inc. (Verified) Google Inc

csrss.exe 1,696 K 1,376 K 344

EKAiOHostService.exe 13,728 K 9,860 K 1476 EKAiOHostService Module for Kodak AiO Printers Eastman Kodak Company (Verified) Eastman Kodak Company

EKPrinterSDK.exe 1,284 K 1,080 K 1536 Status Monitor SDK for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build) Eastman Kodak Company (Verified) Eastman Kodak Company

GoogleCrashHandler.exe 932 K 520 K 188

hkcmd.exe 1,148 K 1,100 K 3564 hkcmd Module Intel Corporation (Verified) Intel Corporation

LogonUI.exe 7,216 K 1,192 K 1592

lsass.exe 3,304 K 4,172 K 500 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows

lsm.exe 1,300 K 1,052 K 508

services.exe 4,288 K 3,704 K 492

smss.exe 220 K 40 K 256

spoolsv.exe 5,136 K 3,156 K 1264 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

SurSvc.exe 15,284 K 2,348 K 1752 Intel® System Usage Report (Verified) Intel® Software Development Products

svchost.exe 3,824 K 1,180 K 1416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 2,128 K 1,292 K 976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 832 K 888 K 672 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 1,700 K 2,360 K 2044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 11,712 K 7,892 K 1292 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 4,224 K 2,716 K 616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 21,432 K 12,680 K 776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 63,356 K 23,652 K 4080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 3,568 K 3,604 K 688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

taskeng.exe 896 K 3,560 K 5312

taskeng.exe 984 K 4,032 K 2992 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows

TrustedInstaller.exe 21,544 K 1,424 K 2348 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows

wininit.exe 956 K 104 K 384

winlogon.exe 2,084 K 100 K 432

WmiPrvSE.exe 1,656 K 4,824 K 3880

wmpnetwk.exe 3,852 K 5,240 K 2912 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows

wuauclt.exe 1,204 K 960 K 972 Windows Update Microsoft Corporation (Verified) Microsoft Windows Component Publisher

svchost.exe < 0.01 52,576 K 44,920 K 816 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 4,488 K 4,152 K 1444 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 9,600 K 8,696 K 376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.01 33,632 K 19,252 K 844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

SASCore.exe 0.01 1,192 K 152 K 1388

csrss.exe 0.01 9,588 K 3,248 K 396

svchost.exe 0.01 19,008 K 7,068 K 1148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.01 6,356 K 7,512 K 1032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

SearchIndexer.exe 0.02 28,176 K 7,712 K 3100 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 0.04 31,652 K 30,104 K 5888 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 0.04 38,992 K 100,292 K 3920 Google Chrome Google Inc. (Verified) Google Inc

explorer.exe 0.11 41,828 K 45,216 K 2704 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

Interrupts 0.20 0 K 0 K n/a Hardware Interrupts and DPCs

System 0.40 52 K 148 K 4

dwm.exe 1.26 46,476 K 64,960 K 2292 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

esrv_svc.exe 4.61 10,152 K 4,948 K 3348 Intel® System Usage Report (Verified) Intel® Software Development Products

procexp.exe 10.21 18,444 K 42,452 K 3196 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

System Idle Process 83.04 0 K 12 K 0

[RKinner]

In Process Explorer, right click on esrv_svc.exe and select Suspend.  Then make a new log and post it.

[jimbo1949]

Vino's Event Viewer v01c run on Windows 2008 in English

Report run at 01/06/2016 6:17:42 AM

 

Note: All dates below are in the format dd/mm/yyyy

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 01/06/2016 12:37:29 PM

Type: Error Category: 0

Event: 7022 Source: Service Control Manager

The Energy Server Service WILLAMETTE service hung on starting.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[RKinner]

Guess I should have said In Process Explorer, right click on esrv_svc.exe and select Suspend.  Then make a new Process Explorer log.  

[jimbo1949]

I don't understand where do I find this esrv_svc.exe 

[RKinner]

run process explorer  If it is still using too much CPU it will be the second from the bottom

[jimbo1949]

that does not seem to be in there can't find esrv_svc.exe 

[RKinner]

Make a new process explorer log and post the log.

[jimbo1949]

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

chrome.exe 788 K 3,192 K 2836 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 896 K 4,320 K 6068 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 96,436 K 249,712 K 5644 Google Chrome Google Inc. (Verified) Google Inc

csrss.exe 1,696 K 1,376 K 344

EKAiOHostService.exe 13,728 K 9,860 K 1476 EKAiOHostService Module for Kodak AiO Printers Eastman Kodak Company (Verified) Eastman Kodak Company

EKPrinterSDK.exe 1,284 K 1,080 K 1536 Status Monitor SDK for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build) Eastman Kodak Company (Verified) Eastman Kodak Company

GoogleCrashHandler.exe 932 K 520 K 188

hkcmd.exe 1,148 K 1,100 K 3564 hkcmd Module Intel Corporation (Verified) Intel Corporation

LogonUI.exe 7,216 K 1,192 K 1592

lsass.exe 3,304 K 4,172 K 500 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows

lsm.exe 1,300 K 1,052 K 508

services.exe 4,288 K 3,704 K 492

smss.exe 220 K 40 K 256

spoolsv.exe 5,136 K 3,156 K 1264 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

SurSvc.exe 15,284 K 2,348 K 1752 Intel® System Usage Report (Verified) Intel® Software Development Products

svchost.exe 3,824 K 1,180 K 1416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 2,128 K 1,292 K 976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 832 K 888 K 672 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 1,700 K 2,360 K 2044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 11,712 K 7,892 K 1292 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 4,224 K 2,716 K 616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 21,432 K 12,680 K 776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 63,356 K 23,652 K 4080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 3,568 K 3,604 K 688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

taskeng.exe 896 K 3,560 K 5312

taskeng.exe 984 K 4,032 K 2992 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows

TrustedInstaller.exe 21,544 K 1,424 K 2348 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows

wininit.exe 956 K 104 K 384

winlogon.exe 2,084 K 100 K 432

WmiPrvSE.exe 1,656 K 4,824 K 3880

wmpnetwk.exe 3,852 K 5,240 K 2912 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows

wuauclt.exe 1,204 K 960 K 972 Windows Update Microsoft Corporation (Verified) Microsoft Windows Component Publisher

svchost.exe < 0.01 52,576 K 44,920 K 816 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 4,488 K 4,152 K 1444 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 9,600 K 8,696 K 376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.01 33,632 K 19,252 K 844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

SASCore.exe 0.01 1,192 K 152 K 1388

csrss.exe 0.01 9,588 K 3,248 K 396

svchost.exe 0.01 19,008 K 7,068 K 1148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.01 6,356 K 7,512 K 1032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

SearchIndexer.exe 0.02 28,176 K 7,712 K 3100 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 0.04 31,652 K 30,104 K 5888 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 0.04 38,992 K 100,292 K 3920 Google Chrome Google Inc. (Verified) Google Inc

explorer.exe 0.11 41,828 K 45,216 K 2704 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

Interrupts 0.20 0 K 0 K n/a Hardware Interrupts and DPCs

System 0.40 52 K 148 K 4

dwm.exe 1.26 46,476 K 64,960 K 2292 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

esrv_svc.exe 4.61 10,152 K 4,948 K 3348 Intel® System Usage Report (Verified) Intel® Software Development Products

procexp.exe 10.21 18,444 K 42,452 K 3196 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

System Idle Process 83.04 0 K 12 K 0

[RKinner]

esrv_svc.exe 4.61 10,152 K 4,948 K 3348 Intel® System Usage Report (Verified) Intel® Software Development Products

procexp.exe 10.21 18,444 K 42,452 K 3196 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

System Idle Process 83.04 0 K 12 K 0

 

 

 

It's still there, third from the bottom

[jimbo1949]

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 81.03 0 K 12 K 0

procexp.exe 11.38 20,076 K 41,324 K 2396 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

chrome.exe 2.99 45,656 K 101,468 K 3476 Google Chrome Google Inc. (Verified) Google Inc

dwm.exe 1.91 44,464 K 60,376 K 1884 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

System 0.87 48 K 864 K 4

Interrupts 0.52 0 K 0 K n/a Hardware Interrupts and DPCs

chrome.exe 0.52 33,460 K 33,116 K 2132 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe 0.18 11,036 K 11,272 K 1140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 0.12 65,128 K 209,632 K 3576 Google Chrome Google Inc. (Verified) Google Inc

explorer.exe 0.12 82,544 K 100,460 K 1900 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

spoolsv.exe 0.10 4,616 K 7,216 K 1280 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

EKAiOHostService.exe 0.06 14,780 K 28,580 K 1500 EKAiOHostService Module for Kodak AiO Printers Eastman Kodak Company (Verified) Eastman Kodak Company

svchost.exe 0.05 15,472 K 13,212 K 736 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.04 4,548 K 17,236 K 1472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

csrss.exe 0.04 9,632 K 13,228 K 408 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.01 6,500 K 10,024 K 1032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

SASCore.exe 0.01 1,160 K 3,384 K 1388 Core Service SUPERAntiSpyware.com (Verified) SUPERAntiSpyware.com

SearchIndexer.exe 0.01 19,336 K 12,116 K 2400 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 9,304 K 10,072 K 3008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 20,488 K 31,548 K 904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

taskhost.exe < 0.01 2,524 K 5,992 K 1928 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

wmpnetwk.exe < 0.01 2,904 K 2,524 K 2736 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 44,932 K 49,620 K 856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

csrss.exe < 0.01 1,168 K 3,028 K 340 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows

igfxpers.exe < 0.01 976 K 4,236 K 1180 persistence Module Intel Corporation (Verified) Intel Corporation

WmiPrvSE.exe 1,728 K 4,864 K 1200 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows

winlogon.exe 2,172 K 4,292 K 444 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows

wininit.exe 812 K 3,012 K 396 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows

TrustedInstaller.exe 13,356 K 8,412 K 556 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows

taskeng.exe 900 K 3,624 K 2488 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 2,392 K 5,428 K 688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 1,488 K 3,848 K 996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 46,704 K 21,292 K 3244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 10,244 K 9,192 K 1316 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 2,372 K 6,244 K 624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 1,660 K 4,364 K 2472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 3,472 K 7,160 K 1424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 816 K 3,084 K 800 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

SurSvc.exe 4,536 K 12,404 K 1828 Intel® System Usage Report (Verified) Intel® Software Development Products

smss.exe 216 K 728 K 256 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows

services.exe 4,312 K 8,008 K 504 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows

lsm.exe 1,196 K 2,832 K 524 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows

lsass.exe 3,012 K 6,972 K 512 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows

jusched.exe 1,724 K 3,612 K 1336 Java Update Scheduler Oracle Corporation (Verified) Oracle America

igfxtray.exe 1,092 K 4,076 K 1052 igfxTray Module Intel Corporation (Verified) Intel Corporation

igfxsrvc.exe 1,348 K 4,220 K 2124 igfxsrvc Module Intel Corporation (Verified) Intel Corporation

hkcmd.exe 1,104 K 3,896 K 1172 hkcmd Module Intel Corporation (Verified) Intel Corporation

GoogleCrashHandler.exe 940 K 520 K 852 Google Crash Handler Google Inc. (Verified) Google Inc

EKPrinterSDK.exe 1,256 K 3,844 K 1696 Status Monitor SDK for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build) Eastman Kodak Company (Verified) Eastman Kodak Company

chrome.exe 5,516 K 9,976 K 2684 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 900 K 4,516 K 2492 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 816 K 3,408 K 2308 Google Chrome Google Inc. (Verified) Google Inc