Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer constantly says high cpu usage by ie


  • Please log in to reply
19 replies to this topic

#1 jmichaels9999

jmichaels9999

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:36 AM

Posted 12 December 2014 - 09:11 PM

HP pavilion dv5-1235dx laptop always saying, "high cpu usage by internet explorer" even when I only have 1 window open...windows recently promped me to install recommended updates and since then it's been worse then ever.  Before that it would happen, but not as often.  Now it seems like everytime I'm on the web it says it.  Should I just do a system restore back to before I installed updates or should something else be done?

Thanking you in advance.



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:36 AM

Posted 15 December 2014 - 12:24 AM

Hello jmichaels9999

Please try to download these few programs to desktop, and Copy and Paste any logs.

Please update us if you notice any change in computer operations (good or bad)

 

Note : All programs are free, and so is all help .......... Try to keep them in the order I have asked for them, and take your time.

 

First -

Download Screen317 Security Check from Here or Here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please Copy/Paste the contents of that document.

Note 1:: If any security program requests permission to access the Internet, allow it to
Note 2. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message, (or similar) restart computer and Security Check should run

 

 

 

Next -

Please download MiniToolBox  to desktop to run it.
 Checkmark the following boxes:

  • List content of Hosts
  • Flush DNS
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

 Click Go and Copy / Paste the result. (result.txt)

 

 

Next -

Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<= Full Directions Here (only Copy / Paste the link)

 

 

Next -

Please download and run RKill by Grinler.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes
 Please Copy / Paste the small log back here.

Do not reboot your computer until you complete the next step.

 

Next -

Please download AdwCleaner by Xplode and save to your Desktop.
NOTE - Close all other programs, as your computer will be rebooted at the end of Cleaning.

  • Double-click on AdwCleaner.exe to run the tool
  • * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the "Scan" button only once to ensure a correct reading
  • AdwCleaner will begin...be patient as the scan may take some time to complete.(watch the bar go across the top)
  • After the scan has finished, click on the Report button...
  • Check the removals and see if you are OK with the list, or ask if you are not sure.
  • Now
  • Click on the "Clean" button only once to ensure a correct reading
  • Press OK > OK  > OK when asked to agree, and let it close all programs.
  • Follow the onscreen prompts and your computer will be rebooted to clean the items listed.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and Paste the contents of that logfile in your next reply.
  • To restore an item that has been deleted by accident : Open the program again,
  • Go to Tools (top left) > Quarantine Manager > check what you want restored > now click on Restore

A copy of all logfiles are also saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

 

Last -

Please download Malwarebytes Anti-Malware

  • Follow the simple directions to install the program to desktop
  • Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
  • Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
  • Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
  • If you find malware and tick it to remove it, you may be asked th re-boot the computer to finish cleaning.
  • Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

 

From here we can see a lot more about your problems -

 

Thank You -


Edited by noknojon, 15 December 2014 - 12:37 AM.


#3 jmichaels9999

jmichaels9999
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:36 AM

Posted 15 December 2014 - 04:27 PM

Results of screen317's Security Check version 0.99.93 
 Windows Vista Service Pack 2 x64 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 7 
 Java version 32-bit out of Date!
  Adobe Flash Player  15.0.0.246 Flash Player out of Date! 
 Adobe Reader 9 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent```````` 
 WinPatrol winpatrol.exe
 Ruiware WinPatrol WinPatrol.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

 

 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Mike (administrator) on 15-12-2014 at 16:16:16
Running from "C:\Users\Mike\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= Hosts content: =================================

 

127.0.0.1       localhost

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/14/2014 08:41:37 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16599 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 30e4
Start Time: 01d017d5e4dc6749
Termination Time: 176

Error: (12/14/2014 08:12:49 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Mike-PC.local already in use; will try Mike-PC-2.local instead

Error: (12/14/2014 08:12:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Mike-PC.local. Addr 192.168.1.3

Error: (12/14/2014 08:12:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.2:5353    4 Mike-PC.local. Addr 192.168.1.2

Error: (12/14/2014 08:12:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Mike-PC.local. AAAA FE80:0000:0000:0000:70FF:425B:50C2:1434

Error: (12/14/2014 08:12:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.2:5353    4 Mike-PC.local. Addr 192.168.1.2

Error: (12/14/2014 08:12:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 Mike-PC.local. Addr 192.168.1.3

Error: (12/14/2014 08:12:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.2:5353    4 Mike-PC.local. Addr 192.168.1.2

Error: (12/13/2014 01:12:11 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Mike-PC.local already in use; will try Mike-PC-2.local instead

Error: (12/13/2014 01:12:11 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Mike-PC.local. Addr 192.168.1.3

System errors:
=============
Error: (12/14/2014 06:18:09 AM) (Source: netbt) (User: )
Description: The name "MIKE-PC        :20" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/14/2014 06:18:09 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D8F7F9E6-D7B4-404F-A412-9050B30F3592} because another computer on the network has the same name.  The server could not start.

Error: (12/13/2014 07:17:34 AM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3

Error: (12/10/2014 05:53:09 PM) (Source: netbt) (User: )
Description: The name "MIKE-PC        :20" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2014 05:53:09 PM) (Source: netbt) (User: )
Description: The name "MIKE-PC        :0" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2014 05:53:09 PM) (Source: netbt) (User: )
Description: The name "MIKE-PC        :0" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2014 05:53:09 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D8F7F9E6-D7B4-404F-A412-9050B30F3592} because another computer on the network has the same name.  The server could not start.

Error: (12/10/2014 05:50:08 PM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3

Error: (12/10/2014 05:49:55 PM) (Source: netbt) (User: )
Description: The name "MIKE-PC        :20" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2014 05:49:55 PM) (Source: netbt) (User: )
Description: The name "MIKE-PC        :0" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-26 18:04:03.729
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Mike\AppData\Local\Temp\TEMP.^^^\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-26 18:04:03.613
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Mike\AppData\Local\Temp\TEMP.^^^\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-26 18:04:03.497
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Mike\AppData\Local\Temp\TEMP.^^^\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-26 18:04:03.381
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Mike\AppData\Local\Temp\TEMP.^^^\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.

 

=========================== Installed Programs ============================
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - LSI Corporation)
Agere Systems HDA Modem (HKLM-x32\...\Agere Systems Soft Modem) (Version:  - LSI Corporation)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM-x32\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour (HKLM-x32\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
HP MediaSmart SmartMenu (HKLM\...\{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}) (Version: 2.0.8 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM-x32\...\{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}) (Version: 2.0.8 - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
iTunes (HKLM-x32\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM-x32\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM-x32\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM-x32\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
ProtectSmart Hard Drive Protection (HKLM\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
ProtectSmart Hard Drive Protection (HKLM-x32\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Synaptics Pointing Device Driver (HKLM-x32\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Windows Driver Package - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows Driver Package - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM-x32\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM-x32\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (x32 Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Language Selector (x32 Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 3998.27 MB
Available physical RAM: 1739.38 MB
Total Pagefile: 8213.8 MB
Available Pagefile: 5378.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.71 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.62 GB) (Free:181.1 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.47 GB) (Free:1.39 GB) NTFS

========================= Users: ========================================

User accounts for \\MIKE-PC

Administrator            Guest                    Mike                    

**** End of log ****

 

http://speccy.piriform.com/results/SGCDy48BXpWxSDwgvpcHu7b

 

 

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/15/2014 04:22:48 PM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 12/15/2014 04:23:36 PM
Execution time: 0 hours(s), 0 minute(s), and 47 seconds(s)

 

 

 

 

 



#4 jmichaels9999

jmichaels9999
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:36 AM

Posted 15 December 2014 - 05:28 PM

# AdwCleaner v4.105 - Report created 15/12/2014 at 16:31:57
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Mike - MIKE-PC
# Running from : C:\Users\Mike\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599

*************************

AdwCleaner[R0].txt - [1390 octets] - [05/12/2014 15:54:43]
AdwCleaner[R1].txt - [1450 octets] - [05/12/2014 15:58:06]
AdwCleaner[R2].txt - [1936 octets] - [15/12/2014 16:27:30]
AdwCleaner[S0].txt - [1307 octets] - [05/12/2014 15:59:30]
AdwCleaner[S1].txt - [1789 octets] - [15/12/2014 16:31:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1849 octets] ##########

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 12/15/2014 4:42:29 PM, SYSTEM, MIKE-PC, Protection, Malware Protection, Starting,
Protection, 12/15/2014 4:42:29 PM, SYSTEM, MIKE-PC, Protection, Malware Protection, Started,
Protection, 12/15/2014 4:42:29 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Starting,
Update, 12/15/2014 4:42:39 PM, SYSTEM, MIKE-PC, Manual, Rootkit Database, 2014.11.18.1, 2014.12.14.1,
Update, 12/15/2014 4:42:39 PM, SYSTEM, MIKE-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 12/15/2014 4:42:44 PM, SYSTEM, MIKE-PC, Manual, Malware Database, 2014.11.20.6, 2014.12.15.5,
Protection, 12/15/2014 4:42:51 PM, SYSTEM, MIKE-PC, Protection, Refresh, Starting,
Protection, 12/15/2014 4:42:52 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Started,
Protection, 12/15/2014 4:42:52 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Stopping,
Protection, 12/15/2014 4:42:52 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Stopped,
Protection, 12/15/2014 4:43:00 PM, SYSTEM, MIKE-PC, Protection, Refresh, Success,
Protection, 12/15/2014 4:43:00 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Starting,
Protection, 12/15/2014 4:43:00 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Started,
Scan, 12/15/2014 5:07:03 PM, SYSTEM, MIKE-PC, Manual, Start:12/15/2014 4:45:37 PM, Duration:21 min 25 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

(end)

 



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:36 AM

Posted 15 December 2014 - 06:13 PM

Hello jmichaels9999

Please first reset Internet Explorer settings This should be done with Internet Explorer open, not Firefox, Chrome or other browsers.
Click Tools or the Gear icon at the top of the browser > Go down the list to click on Internet Options > Go across to the last tab that should be Advanced >  Click on Advanced and then Reset (near the bottom) > You should get a Confirm box pop up > Tick Delete Personal Settings and now Reset.

 

Now go back to Connections tab > Down to LAN settings and make sure the only box ticked in there is Automatically Detect Settings > Clock OK > Apply > OK to exit.

Once the settings have all been reset, Close that box. Close any other open boxes. Now close I.E. and Reboot your computer.

 

This is step one -

 

Thanks -

 

EDIT - If you have any of THESE Routers then it is just your routers home setting, and no problem.


Edited by noknojon, 15 December 2014 - 06:52 PM.


#6 jmichaels9999

jmichaels9999
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:36 AM

Posted 15 December 2014 - 06:50 PM

OK, did everything.



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:36 AM

Posted 15 December 2014 - 07:06 PM

The result was ??

 

It is your own router talking to you. See EDIT above.

Update, 12/15/2014 4:42:39 PM, SYSTEM, MIKE-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 12/15/2014 4:42:44 PM, SYSTEM, MIKE-PC, Manual, Malware Database, 2014.11.20.6, 2014.12.15.5,

Your MBAM Updated itself.. by the reading above .....

Protection, 12/15/2014 4:43:00 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Starting,
Protection, 12/15/2014 4:43:00 PM, SYSTEM, MIKE-PC, Protection, Malicious Website Protection, Started,

These usually just mean that you started a Malware Scan after the Update.

 

 

Just to be safe - Run ESET Online Scanner.

  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time (2 hours is not unusual for a first scan).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • You can click the square to Uninstall the scanner, but I usually leave it installed, as it is no longer active.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 

Thanks -



#8 jmichaels9999

jmichaels9999
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:36 AM

Posted 16 December 2014 - 03:21 PM

There were no threats.  It seems to be running better, but every now and then a webpage won't load.  That thinking circle just stays there and a blank page apprears.



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:36 AM

Posted 16 December 2014 - 03:42 PM

Go >> http://get.adobe.com/flashplayer. to update your Flash player

Java™ 6 Update 7 is way out of date (if you wish to use Java) Update Here and remove all old versions.
And go Here to update Adobe Reader.

With each update there is advertising (like Mcafee) that you need to untick as you start the updates ................

 

These will all help your system a great deal, and will speed up the browsing / downloads -

 

Thank You -


Edited by noknojon, 16 December 2014 - 03:44 PM.


#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:36 AM

Posted 16 December 2014 - 04:08 PM

You only left a "check log" above, but a scan is not the same.

 

Please download Malwarebytes Anti-Malware - If installed, be sure to Check for Updates, and then scan.

  • Follow the simple directions to install the program to desktop
  • Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
  • Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
  • Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
  • If you find malware and tick it to remove it, you may be asked to re-boot the computer to finish cleaning.
  • Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

 

Thank you -



#11 jmichaels9999

jmichaels9999
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:36 AM

Posted 16 December 2014 - 04:35 PM

Sorry about that, I'm re-running Malwarebytes Anti-Malware scan now and will update when done.

Thanks.



#12 jmichaels9999

jmichaels9999
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:36 AM

Posted 16 December 2014 - 05:53 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/16/2014
Scan Time: 4:29:18 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.16.05
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Mike

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335223
Time Elapsed: 25 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:36 AM

Posted 16 December 2014 - 06:49 PM

That looks great now -

 

Have you followed my links to update your Adobe Reader / Adobe Flash Player / and Java (if you wish it) yet ..........

 

And how is the computer running ??



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:36 AM

Posted 16 December 2014 - 07:08 PM

I have noticed 1 item that needs attention, and that seems to be your Hard Drive is running very hot -

 

You need to open the computer and Blow / Brush any dust / wool /ETC, out of it.

 

Then if you can, the thermal paste on the Heat Sink fan (main fan) needs cleaning and replacing (usage directions are on the tube)



#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,588 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:36 AM

Posted 16 December 2014 - 07:37 PM

FYI:
Using Java is an unnecessary security risk...especially using older versions which have vulnerabilities that malicious sites can use to exploit and infect your system.Although Java is commonly used in business environments and many VPN providers still use it, the average user does not need to install Java software.I recommend just uninstalling Java if you don't use it.
* How to Completely Remove Java Using JavaRa
* How do I uninstall Java on my Windows machine?
* Information about the Java Uninstall Tool for Windows

If you're going to use Java, many security researchers and computer security organizations caution users to limit their usage and to disable Java Plug-ins or add-ons in your browsers.

If you need Java for a specific Web site, consider adopting a two-browser approach. If you normally browse the Web with Firefox, for example, consider disabling the Java plugin in Firefox, and then using an alternative browser (Chrome, IE9, Safari, etc.) with Java enabled to browse only the site(s) that require(s) it.

Krebs On Security: ...Java

To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates are available. As with any software, unnecessary features should be disabled or removed as appropriate for your environment.

US CERT: Disable Java in web browsers

* How to disable Java Plug-ins or add-ons in common web browsers .
* How to turn off Java on your browser
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users