[bkp]

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 88.19 0 K 8 K 0

procexp.exe 5.89 24,172 K 52,864 K 1228 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

dwm.exe 2.01 20,664 K 30,304 K 1092 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

iFunBox.exe 1.17 191,348 K 115,736 K 7112 File & App Manager for iPhone/iPad i-Funbox.com (No signature was present in the subject) i-Funbox.com

Interrupts 0.93 0 K 0 K n/a Hardware Interrupts and DPCs

csrss.exe 0.65 1,652 K 7,972 K 660 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher

System 0.57 40 K 400 K 4

vpnui.exe 0.35 18,044 K 27,544 K 6292 Cisco AnyConnect User Interface Cisco Systems, Inc. (Verified) Cisco Systems

MsMpEng.exe 0.10 128,832 K 89,556 K 2984 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation

explorer.exe 0.04 67,684 K 98,276 K 5712 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

iPodService.exe 0.03 1,744 K 6,640 K 7800 iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.

MOM.exe 0.01 16,436 K 5,800 K 6308 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (Verified) Advanced Micro Devices

iCloudServices.exe 0.01 130,244 K 41,696 K 6700 iCloud Services Apple Inc. (Verified) Apple Inc.

AppleMobileDeviceService.exe 0.01 2,552 K 8,588 K 2392 MobileDeviceService Apple Inc. (Verified) Apple Inc.

CCleaner.exe 0.01 7,992 K 19,488 K 7216 CCleaner Piriform Ltd (Verified) Piriform Ltd

svchost.exe < 0.01 2,032 K 8,100 K 3540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

hpqtra08.exe < 0.01 3,008 K 10,760 K 7208 HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard

OfficeClickToRun.exe < 0.01 25,400 K 27,592 K 2436 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation

svchost.exe < 0.01 8,196 K 18,116 K 2856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

procexp.exe < 0.01 15,852 K 30,948 K 9256 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

svchost.exe < 0.01 33,044 K 38,256 K 1140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

RdrCEF.exe < 0.01 9,356 K 25,484 K 4780 Adobe RdrCEF Adobe Systems Incorporated (Verified) Adobe Systems

csrss.exe < 0.01 1,192 K 4,260 K 524 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher

iTunesHelper.exe < 0.01 3,000 K 11,524 K 6348 iTunesHelper Apple Inc. (Verified) Apple Inc.

svchost.exe < 0.01 3,088 K 8,348 K 3556 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

spoolsv.exe < 0.01 7,528 K 14,740 K 1952 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

MBAMService.exe < 0.01 13,368 K 26,492 K 3200 Malwarebytes Service Malwarebytes (Verified) Malwarebytes Corporation

WUDFHost.exe 1,400 K 5,888 K 1672 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows

WmiPrvSE.exe 1,556 K 7,288 K 1200 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows

winlogon.exe 1,740 K 6,896 K 996 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows

wininit.exe 712 K 3,616 K 644 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher

VSSVC.exe 1,160 K 5,892 K 11760 Microsoft® Volume Shadow Copy Service Microsoft Corporation (Verified) Microsoft Windows

vpnagent.exe 3,724 K 13,556 K 1988 VPN Agent Service Cisco Systems, Inc. (Verified) Cisco Systems

taskhostw.exe 6,528 K 15,944 K 5188 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

SystemSettingsBroker.exe 1,808 K 9,296 K 1648 System Settings Broker Microsoft Corporation (Verified) Microsoft Windows

SystemSettings.exe Suspended 18,508 K 33,364 K 9096 Settings Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 6,876 K 15,076 K 1736 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 30,336 K 47,472 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 10,320 K 23,732 K 1324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,668 K 10,660 K 896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 7,464 K 17,184 K 832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,084 K 7,908 K 2420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 17,320 K 20,096 K 1312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,788 K 10,464 K 916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 10,916 K 16,932 K 1304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,960 K 10,340 K 1980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,984 K 8,228 K 1892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,744 K 20,356 K 2412 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,860 K 7,396 K 2404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 9,628 K 4,780 K 9208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,032 K 9,136 K 2696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,820 K 7,680 K 2864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,224 K 15,332 K 5124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

SMSvcHost.exe 15,032 K 11,740 K 3828 SMSvcHost.exe Microsoft Corporation (Verified) Microsoft Corporation

SMSvcHost.exe 13,504 K 9,800 K 3552 SMSvcHost.exe Microsoft Corporation (Verified) Microsoft Corporation

smss.exe 224 K 768 K 380 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher

smartscreen.exe 9,892 K 19,724 K 10740 SmartScreen Microsoft Corporation (Verified) Microsoft Windows

sihost.exe 4,652 K 17,568 K 5100 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows

ShellExperienceHost.exe Suspended 40,264 K 70,272 K 4760 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows

services.exe 2,788 K 5,940 K 720 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher

SecUPDUtilSvc.exe 852 K 4,244 K 2792 SecUPDUtil Service (Verified) Samsung Electronics CO.

secd.exe 6,428 K 13,460 K 8512 Apple Security Manager Apple, Inc. (Verified) Apple Inc.

SearchUI.exe Suspended 67,724 K 58,360 K 5500 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows

SearchIndexer.exe 25,352 K 24,948 K 2276 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 16,448 K 29,620 K 5544 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

rundll32.exe 3,580 K 244 K 4944 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows

RdrCEF.exe 41,892 K 29,260 K 5704 Adobe RdrCEF Adobe Systems Incorporated (Verified) Adobe Systems

OneDrive.exe 17,256 K 23,060 K 6628 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation

NisSrv.exe 7,304 K 2,568 K 5912 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation

MSASCuiL.exe 5,492 K 9,944 K 6356 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows

mqsvc.exe 3,596 K 8,832 K 2820 Message Queuing Service Microsoft Corporation (Verified) Microsoft Windows

MpCmdRun.exe 2,528 K 8,596 K 4384 Microsoft Malware Protection Command Line Utility Microsoft Corporation (Verified) Microsoft Corporation

Memory Compression 736 K 162,332 K 3080

mbamtray.exe 21,288 K 20,580 K 6424 Malwarebytes Tray Application Malwarebytes (Verified) Malwarebytes Corporation

lsass.exe 5,840 K 11,660 K 728 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher

jusched.exe 1,112 K 5,484 K 6384 Java Update Scheduler Oracle Corporation (Verified) Oracle America

iCloudPhotos.exe 31,612 K 22,952 K 6592 iCloud Photo Library Apple Inc. (Verified) Apple Inc.

iCloudDrive.exe 13,468 K 23,480 K 6572 iCloud Drive Apple Inc. (Verified) Apple Inc.

iCloud.exe 21,324 K 11,900 K 6376 iCloud Apple Inc. (Verified) Apple Inc.

hpwuschd2.exe 844 K 4,472 K 6320 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company

Fuel.Service.exe 3,072 K 11,304 K 2316 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.

fontdrvhost.exe 652 K 2,576 K 6840 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows

DymoPnpService.exe 12,144 K 9,732 K 2784 DymoPnpService Sanford, L.P. (Verified) Sanford

dasHost.exe 5,932 K 12,168 K 1712 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows

CCC.exe 73,200 K 9,300 K 6832 Catalyst Control Center: Host application Advanced Micro Devices Inc. (Verified) Advanced Micro Devices

audiodg.exe 6,916 K 10,644 K 5956 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows

atiesrxx.exe 864 K 4,120 K 1540 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

atieclxx.exe 1,700 K 7,412 K 1628 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

armsvc.exe 940 K 4,820 K 2324 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

APSDaemon.exe 3,592 K 12,408 K 7460 Apple Push Apple Inc. (Verified) Apple Inc.

ApplicationFrameHost.exe 6,476 K 18,152 K 5720 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows

ApplePhotoStreams.exe 27,224 K 24,100 K 6504 iCloud Photo Stream Apple Inc. (Verified) Apple Inc.

[Advertisements]

Hi bkp

Nothing really jumping out in the processes.

Try the steps in this article here to see if this helps the sleep mode issue.

Let me know how this goes.

[Bruce1270]

Hi bkp

Nothing really jumping out in the processes.

Try the steps in this article here to see if this helps the sleep mode issue.

Let me know how this goes.

[bkp]

Thank you for your assistance so far. 

 

I did try and do a restart and still it just stays on blue screen saying it is restarting.

 

Also when I try and open a picture it doesn't open. 

 

As far as the power setting I did what was listed on the link you gave and I have not notice any change but I really have not play with that too much.

 

BKP

[Bruce1270]

Hi Bkp

I don't see any malware issues in the logs.

What application are you using to open photographs?

Also let's try a clean boot to see if this makes any difference.


Please put your operating system into a clean boot state

To do this follow the steps in this guide.

Once you have done this try opening a photo and see what happens. Also how does the computer behave generally in clean boot state?

[bkp]

I tried to do the suggested above using the windows 10 since that is what I have updated to from windows 7. When I did the restart once again the blue screen came up saying restarting. However after leaving it for 3 to 4 hours I had to do a hard reset.

 

I did again try and open a picture and still locked up. I am not sure what program is opening the photo but my guess it is the default program.

[Bruce1270]

ok Let's try one more scan just to be sure its nothing else.

AswMBR


Download aswMBR.exe ( 511KB ) to your desktop.
If you already have this application, this is a new version I need you to download.
Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
If your computer supports Virtualization Technology, select Yes to use it for rootkit detection.

On completion of the scan click Save Log, save it to your desktop and post in your next reply

The tool will also produce a copy of the mbrdump labeled MBR.dat. Please zip that file and attach it to a reply.

[bkp]

Hello,

 

Here is the log. Still having same issues. Could I have items that need updating? Drivers or other items.

 

 

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software

Run date: 2017-06-28 20:24:40

-----------------------------

20:24:40.452    OS Version: Windows 6.2.9200 

20:24:40.452    Number of processors: 4 586 0x100

20:24:40.452    ComputerName: BRIAN-PC  UserName: bryan

20:24:41.706    Initialize success

20:24:42.655    VM: initialized successfully

20:24:42.655    VM: Amd CPU supported 

20:28:39.332    AVAST engine defs: 17030301

20:29:52.617    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002d

20:29:52.617    Disk 0 Vendor: TOSHIBA_ LV01 Size: 114473MB BusType: 11

20:29:52.848    Disk 0 MBR read successfully

20:29:52.864    Disk 0 MBR scan

20:29:53.049    Disk 0 Windows 7 default MBR code

20:29:53.081    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 2048

20:29:53.268    Disk 0 Partition 2 00     07      HPFS/NTFS NTFS       113470 MB offset 206848

20:29:53.366    Disk 0 Partition 3 00     27 Hidden NTFS WinRE               450 MB offset 232593408

20:29:53.397    Disk 0 Partition 4 00     27 Hidden NTFS WinRE               450 MB offset 233517056

20:29:53.397    Disk 0 scanning sectors +234438656

20:29:53.681    Disk 0 scanning C:\WINDOWS\system32\drivers

20:30:19.800    Service scanning

20:30:53.174    Service MpKsl6b11b066 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1CE6D3CA-6B6F-4A3F-8840-785349DDDDA7}\MpKsl6b11b066.sys **LOCKED** 32

20:31:20.640    Modules scanning

20:31:20.655    Disk 0 trace - called modules:

20:31:20.678    

20:31:21.695    AVAST engine scan C:\WINDOWS

20:31:24.664    AVAST engine scan C:\WINDOWS\system32

20:37:21.034    AVAST engine scan C:\WINDOWS\system32\drivers

20:37:54.091    AVAST engine scan C:\Users\bryan

20:54:57.894    AVAST engine scan C:\ProgramData

21:02:37.072    Disk 0 statistics 1222542/0/0 @ 0.59 MB/s

21:02:37.082    Scan finished successfully

21:41:34.696    Disk 0 MBR has been saved successfully to "C:\Users\bryan\Desktop\MBR.dat"

21:41:34.781    The log file has been saved successfully to "C:\Users\bryan\Desktop\aswMBR.txt"

[Bruce1270]

Hi bkp

I'm not seeing anything malware related so looks like your issue is more technical which will require a more experienced tech in that field.

Post a new topic in the Windows 10 forum here describing your issues. In your post include a link to this topic and say that you have been sent from the malware section having been given the all clear.

An experienced tech will be along to assist you.

Thanks.