PDA

View Full Version : Laptop slow, runs very hot and shuts down without warning


DMama
2012-12-06, 22:30
My laptop is running very slowly, the fan is constantly running and gets the keyboard gets extremely hot, and it shuts off periodically with no warning. Any help would be greatly appreciated.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.4.1
Run by Diehlman at 15:39:53 on 2012-12-06
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3838.2139 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Lexmark 4300 Series\lxcemon.exe
C:\Program Files (x86)\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\lxcecoms.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\SelectRebates\SelectRebates.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Users\Public\Humana\GearSyncdana\Humana_GearSync.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\SelectRebates\SelectRebatesDownload.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: ShopAtHomeIEHelper Class: {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: ShopAtHome Toolbar: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: ShopAtHome Toolbar: {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\Diehlman\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
uRun: [StartNow Search Protect] "C:\Program Files (x86)\StartNow Toolbar\search_protect.exe" /RELAY /REPORT /PROTECT
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SelectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exe
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [GearSyncAutoStart] "C:\Users\Public\Humana\GearSyncdana\Humana_GearSync.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Diehlman\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Diehlman\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PAMPER~1.LNK - C:\Users\Diehlman\AppData\Local\Temp\Temp1_PGPregnancyWidget_Win_en_US.zip\PampersPregnancyWidget.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 74.128.17.114 74.128.19.102
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06} : DHCPNameServer = 74.128.17.114 74.128.19.102
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06}\2375942554132303 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06}\24160747963747027457563747 : DHCPNameServer = 10.6.53.50 199.180.23.48
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06}\2796467656D6F6F62786F6D656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06}\34240275F627B6022456E63686 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06}\86F6D656 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06}\94E63796768647F575966696F503235303 : DHCPNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{639327CA-3F71-4946-9CDF-B96C60289D06}\C696E6B6379737 : DHCPNameServer = 74.128.17.114 74.128.19.102
TCP: Interfaces\{EBF62EB0-055F-4113-B1B1-AA40DF124230} : DHCPNameServer = 74.128.17.114 74.128.19.102
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [LXCECATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\LXCEtime.dll,RunDLLEntry
x64-Run: [lxcemon.exe] "C:\Program Files (x86)\Lexmark 4300 Series\lxcemon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 4300 Series\ezprint.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Diehlman\AppData\Roaming\Mozilla\Firefox\Profiles\p50nspt3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Swag Bucks Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z127&ocid=zdhp&install_date=20111215
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Users\Diehlman\AppData\Roaming\Mozilla\Firefox\Profiles\p50nspt3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Diehlman\AppData\Roaming\Mozilla\Firefox\Profiles\p50nspt3.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Diehlman\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Diehlman\AppData\Roaming\Mozilla\Firefox\Profiles\p50nspt3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 128456]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2012-6-22 265952]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2007-8-3 293376]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 O2MDRDR;O2MDRDR;C:\Windows\System32\drivers\o2mdx64.sys [2008-3-4 58456]
R3 O2SDRDR;O2SDRDR;C:\Windows\System32\drivers\o2sdx64.sys [2008-3-3 51672]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-8-2 54136]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2011-4-23 210784]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2011-4-23 2175328]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2010-7-27 271712]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-7-27 339040]
S3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-7-27 6465632]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2010-4-3 32096]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-4 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]
S4 RsFx0150;RsFx0150 Driver;C:\Windows\System32\drivers\RsFx0150.sys [2010-4-3 313696]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2016-12-03 14:13:39 -------- d-----w- C:\Program Files\Microsoft Games
2016-12-03 14:13:32 -------- d-----w- C:\Windows\SysWow64\BestPractices
2016-12-03 14:13:21 -------- d-----w- C:\Windows\System32\BestPractices
2016-12-03 14:13:17 -------- d-----w- C:\inetpub
2012-12-06 16:48:14 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{86E72B4D-8028-414F-96BD-53DE36F0966D}\mpengine.dll
2012-12-06 16:37:32 -------- d-----w- C:\Users\Diehlman\AppData\Local\{3AF8CA57-40AD-4B1A-AA19-DB2B8AFCD0AE}
2012-12-06 16:32:54 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-06 01:58:42 -------- d-----w- C:\Users\Diehlman\AppData\Local\{D328CD57-1F4F-46FB-90F0-2F5F9874B855}
2012-11-30 01:47:13 -------- d-----w- C:\Users\Diehlman\AppData\Local\{E2FB7B02-E14D-4063-8D4B-26BBC8312BC8}
2012-11-29 01:49:52 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3ED8D4A4-743E-479E-8D5B-F111D4A266CD}\gapaengine.dll
2012-11-27 21:16:03 -------- d-----w- C:\Users\Diehlman\AppData\Local\{020717BF-B29D-40E4-9885-E28BD807C1EE}
2012-11-23 13:16:08 -------- d-----w- C:\Users\Diehlman\AppData\Local\{A9B11193-A133-4015-9623-BF837AD3A4B3}
2012-11-23 00:22:45 -------- d-----w- C:\Users\Diehlman\AppData\Local\{571B4762-7C0A-44E8-BDFC-D2A1661476B2}
2012-11-18 01:01:39 -------- d-----w- C:\Users\Diehlman\AppData\Local\Radium Technologies
2012-11-18 01:01:20 -------- dc-h--w- C:\ProgramData\{53E5F7DF-74A8-4617-BD82-9EA5FFDA955D}
2012-11-18 01:00:57 -------- d-----w- C:\Program Files (x86)\Radium Technologies
2012-11-18 01:00:56 -------- d-----w- C:\ProgramData\Radium Technologies
2012-11-18 00:59:56 -------- d-----w- C:\Users\Diehlman\AppData\Local\PackageAware
2012-11-16 14:27:57 -------- d-----w- C:\Users\Diehlman\AppData\Local\{03AE1EDC-3156-4521-A711-5AC6008BB009}
2012-11-16 13:53:58 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 13:53:58 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 13:53:58 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 13:53:58 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 13:08:48 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 13:08:47 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 13:08:45 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 13:08:44 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 13:08:41 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 13:08:40 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 13:08:40 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 12:18:58 11264 ----a-w- C:\Windows\System32\iisrstap.dll
2012-11-15 12:17:39 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-15 12:17:38 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-10 12:28:44 -------- d-----w- C:\Users\Diehlman\AppData\Local\{047B1C70-9E15-478F-A86D-58B72BD9C7B5}
.
==================== Find3M ====================
.
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-14 00:02:48 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-14 00:02:47 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 15:41:22.92 ===============

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-06 15:45:28
-----------------------------
15:45:28.058 OS Version: Windows x64 6.1.7601 Service Pack 1
15:45:28.058 Number of processors: 2 586 0x301
15:45:28.060 ComputerName: DIEHLMAN-PC UserName: Diehlman
15:45:29.310 Initialize success
15:47:02.786 AVAST engine defs: 12120601
15:47:20.642 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
15:47:20.647 Disk 0 Vendor: Hitachi_HTS542525K9SA00 BBFOC33P Size: 238475MB BusType: 11
15:47:20.655 Disk 0 MBR read successfully
15:47:20.662 Disk 0 MBR scan
15:47:20.674 Disk 0 Windows 7 default MBR code
15:47:20.699 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
15:47:20.748 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 236974 MB offset 3074048
15:47:20.930 Disk 0 scanning C:\Windows\system32\drivers
15:47:51.456 Service scanning
15:49:40.758 Modules scanning
15:49:40.793 Disk 0 trace - called modules:
15:49:40.827 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:49:40.839 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800498c060]
15:49:40.853 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa80047ac060]
15:49:42.280 AVAST engine scan C:\Windows
15:49:47.180 AVAST engine scan C:\Windows\system32
16:04:18.578 AVAST engine scan C:\Windows\system32\drivers
16:04:52.156 AVAST engine scan C:\Users\Diehlman
16:15:19.799 Disk 0 MBR has been saved successfully to "C:\Users\Diehlman\Documents\MBR.dat"
16:15:20.008 The log file has been saved successfully to "C:\Users\Diehlman\Documents\aswMBR.txt"
ken545
2012-12-07, 16:57
:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

Running programs with Vista or Windows 7 , Right Click on the program and select RUN AS ADMINISTATOR



If cleaning up your system some does not correct the heat problem than it may be hardware related. They call these laptops but should never be run on your lap or on a bed on top of blankets as the vents will be blocked preventing proper cooling



You have some add on tool bars that are not needed and one can use a lot of system resources.


Go here (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) and download AdwCleaner to your desktop


Double click on AdwCleaner.exe to run the tool.
Click on Delete
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.





Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please







OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
DMama
2012-12-08, 01:58
Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.07.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Diehlman :: DIEHLMAN-PC [administrator]

Protection: Enabled

12/7/2012 7:27:44 PM
mbam-log-2012-12-07 (19-27-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 249246
Time elapsed: 9 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 30
C:\Users\Diehlman\Downloads\SetupRG (10).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (11).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (12).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (13).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (14).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (15).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (17).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (18).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (19).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (20).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (21).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (22).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (23).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (24).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (25).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (26).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (27).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (28).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (29).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (3).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (30).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\SetupRG (4).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario (1).exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario (2).exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario (3).exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario (4).exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario (5).exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario (6).exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario (7).exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Diehlman\Downloads\super-mario.exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.

(end)
DMama
2012-12-08, 02:00
# AdwCleaner v2.011 - Logfile created 12/07/2012 at 19:59:53
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Diehlman - DIEHLMAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Diehlman\Downloads\AdwCleaner(1).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Users\Diehlman\AppData\Roaming\Mozilla\Firefox\Profiles\p50nspt3.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Diehlman\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [23537 octets] - [07/12/2012 12:56:26]
AdwCleaner[R2].txt - [1105 octets] - [07/12/2012 19:12:39]
AdwCleaner[R3].txt - [976 octets] - [07/12/2012 19:59:53]
AdwCleaner[S1].txt - [24124 octets] - [07/12/2012 12:57:19]
AdwCleaner[S2].txt - [1166 octets] - [07/12/2012 19:13:07]

########## EOF - C:\AdwCleaner[R3].txt - [1156 octets] ##########
ken545
2012-12-08, 05:10
OK, lets see a OTL log and we can do some cleaning
ken545
2012-12-11, 09:49
Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.