Computer still not working correctly

Opening any page on web is taking a minute or more for the page to open. Computer was not doing this before.

Thank you for your help


# AdwCleaner v3.216 - Report created 21/07/2014 at 21:18:36
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Joann - JOANNPC
# Running from : C:\Users\Joann\Downloads\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [2137 octets] - [10/03/2014 23:16:59]
AdwCleaner[R1].txt - [2384 octets] - [10/03/2014 23:23:39]
AdwCleaner[R2].txt - [1603 octets] - [11/04/2014 10:48:17]
AdwCleaner[R3].txt - [3290 octets] - [10/07/2014 21:28:31]
AdwCleaner[R4].txt - [1522 octets] - [21/07/2014 21:16:43]
AdwCleaner[S0].txt - [2409 octets] - [10/03/2014 23:29:57]
AdwCleaner[S1].txt - [1676 octets] - [11/04/2014 10:53:27]
AdwCleaner[S2].txt - [3806 octets] - [10/07/2014 21:35:43]
AdwCleaner[S3].txt - [1402 octets] - [21/07/2014 21:18:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1462 octets] ##########





Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21/07/2014
Scan Time: 9:27:40 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.21.09
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Joann

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 440562
Time Elapsed: 9 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)






Results of screen317's Security Check version 0.99.86
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 65
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Google Chrome 35.0.1916.153
Google Chrome 36.0.1985.125
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbam.exe
AdTrustMedia PrivDog finalizesetup.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

Is this the same computer we were cleaning in the other thread?

Yes it is I was unable to post there. I stopped checking after a couple days because of no response. Sorry I would have posted there if I could have

Ok. If you have another problem posting please send me a pm. How's the computer running now?

Loading anything is taking a minute or more of the net >.<

Has you ISP always been that slow? Did you contact them?

I have had the same provider for years and everyone else in the house is not having problems with opening pages, downloading etc.

Umm but what is a good speed? Just because I have used them for years doesnt mean service can't be better right

Umm but what is a good speed? Just because I have used them for years doesnt mean service can't be better right

I have Fibre-optics and the ping is 8 ms Upload is 31 Mbps and download is 50.23 mbps.
What browser are you using?

Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit and save it to your desktop.

• Be sure to print out and follow the instructions provided on that same page for performing a scan.
  
• Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  
• When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  
• If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  
• Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  
• Copy and paste the contents of these two log files in your next reply.
  

I normally use google chrome to browse





---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17207

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 4.013000 GHz
Memory total: 8486723584, free: 6524690432

Downloaded database version: v2014.07.24.01
Downloaded database version: v2014.07.17.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: D501E078

Partition information:

   Partition 0 type is Primary (0x7)
   Partition is ACTIVE.
   Partition starts at LBA: 2048  Numsec = 204800
   Partition file system is NTFS
   Partition is bootable

   Partition 1 type is Primary (0x7)
   Partition is NOT ACTIVE.
   Partition starts at LBA: 206848  Numsec = 1953314816

   Partition 2 type is Empty (0x0)
   Partition is NOT ACTIVE.
   Partition starts at LBA: 0  Numsec = 0

   Partition 3 type is Empty (0x0)
   Partition is NOT ACTIVE.
   Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished





Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.07.24.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17207
Joann :: JOANNPC [administrator]

24/07/2014 1:04:09 AM
mbar-log-2014-07-24 (01-04-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 451071
Time elapsed: 12 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.

• Leave the check mark next to Remove found threats.
  

•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2e1d03eb748ba441977abf7c7072cea8
# engine=19334
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-24 11:52:04
# local_time=2014-07-24 07:52:04 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 871100 29121918 0 0
# scanned=328759
# found=4
# cleaned=4
# scan_time=14447
sh=6D6916AFD52B382B1FA4210DB8A11D793A4DA3F2 ft=1 fh=75df31e65a87e142 vn="Win32/VOPackage.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Joann\AppData\Roaming\VOPackage\VOPackage.exe.vir"
sh=B107DC3D0B75C07030BD6AD3374354525A85E882 ft=1 fh=2e2fe6443d52ccb8 vn="Win32/Toolbar.Babylon potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Downloads\installer_adobe_flash_player_English.exe"
sh=6D6916AFD52B382B1FA4210DB8A11D793A4DA3F2 ft=1 fh=75df31e65a87e142 vn="Win32/VOPackage.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Joann\AppData\Local\Temp\LIL3C4C.tmp\VOPackage.exe"
sh=6A95ABAD040AF6769456BCF99756CCE60A41458A ft=1 fh=3f635aaed8ed3d4a vn="Win32/OutBrowse.V potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Joann\Downloads\Player.exe"

Woah that helped things a lot, things are much faster

SassyCat wrote:

Woah that helped things a lot, things are much faster

So, your computer is working much better? Any other issues?

It is working better I can see that but downloading still seems to take long time and so does opening any email files

I normally use google chrome to browse

Does it do the same thing with Internet Explorer?
Let's try one more scan.

Download Combofix from any of the links below, and save it to your DESKTOP.
If your version of Windows defaults to you download folder you will need to copy it to your desktop.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

• Close any open windows and double click ComboFix.exe to run it.
  
  You will see the following image:
  

Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

omboFix 14-07-25.01 - Joann 25/07/2014 22:34:55.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8094.5958 [GMT -4:00]
Running from: c:\users\Joann\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Downloads\7z920(1).exe
c:\users\Downloads\7z920.exe
c:\users\Downloads\Cancel.dll
c:\users\Downloads\CF_UNINST.EXE
c:\users\Downloads\ComboFix.exe
c:\users\Downloads\Final_Fantasy_XI_Seekers_of_Adoulin_Setup.exe
c:\users\Downloads\HORTICULTURE PROGRAM 2012-2013 .pdf
c:\users\Downloads\SecurityCheck(1).exe
c:\users\Downloads\SecurityCheck(2).exe
c:\users\Downloads\SecurityCheck.exe
c:\users\Downloads\SiteBuilderSetup(1).exe
c:\users\Downloads\SiteBuilderSetup(2).exe
c:\users\Downloads\SiteBuilderSetup(3).exe
c:\users\Downloads\SiteBuilderSetup(4).exe
c:\users\Downloads\SiteBuilderSetup(5).exe
c:\users\Downloads\SiteBuilderSetup(6).exe
c:\users\Downloads\SiteBuilderSetup(7).exe
c:\users\Downloads\SiteBuilderSetup.exe
c:\users\Downloads\upd-PCL6-X64-5_2_6_9321.exe
c:\users\Downloads\upd-PS-X64-5_2_6_9321.exe
c:\users\Downloads\Windower-3.431.exe
c:\users\Downloads\winrar-x64-50b8(1).exe
c:\users\Downloads\winrar-x64-50b8.exe
c:\users\Downloads\wrar50b8.exe
c:\users\Joann Resume stuff\~WRL0022.tmp
c:\users\Joann Resume stuff\~WRL0026.tmp
c:\users\Joann Resume stuff\~WRL0087.tmp
c:\users\Joann Resume stuff\~WRL0121.tmp
c:\users\Joann Resume stuff\~WRL0143.tmp
c:\users\Joann Resume stuff\~WRL0193.tmp
c:\users\Joann Resume stuff\~WRL0483.tmp
c:\users\Joann Resume stuff\~WRL0637.tmp
c:\users\Joann Resume stuff\~WRL0663.tmp
c:\users\Joann Resume stuff\~WRL0781.tmp
c:\users\Joann Resume stuff\~WRL0978.tmp
c:\users\Joann Resume stuff\~WRL1049.tmp
c:\users\Joann Resume stuff\~WRL1064.tmp
c:\users\Joann Resume stuff\~WRL1073.tmp
c:\users\Joann Resume stuff\~WRL1138.tmp
c:\users\Joann Resume stuff\~WRL1209.tmp
c:\users\Joann Resume stuff\~WRL1329.tmp
c:\users\Joann Resume stuff\~WRL1403.tmp
c:\users\Joann Resume stuff\~WRL1496.tmp
c:\users\Joann Resume stuff\~WRL1526.tmp
c:\users\Joann Resume stuff\~WRL1569.tmp
c:\users\Joann Resume stuff\~WRL1572.tmp
c:\users\Joann Resume stuff\~WRL1583.tmp
c:\users\Joann Resume stuff\~WRL1584.tmp
c:\users\Joann Resume stuff\~WRL1589.tmp
c:\users\Joann Resume stuff\~WRL1711.tmp
c:\users\Joann Resume stuff\~WRL1912.tmp
c:\users\Joann Resume stuff\~WRL2182.tmp
c:\users\Joann Resume stuff\~WRL2212.tmp
c:\users\Joann Resume stuff\~WRL2217.tmp
c:\users\Joann Resume stuff\~WRL2429.tmp
c:\users\Joann Resume stuff\~WRL2581.tmp
c:\users\Joann Resume stuff\~WRL2704.tmp
c:\users\Joann Resume stuff\~WRL2738.tmp
c:\users\Joann Resume stuff\~WRL2789.tmp
c:\users\Joann Resume stuff\~WRL2804.tmp
c:\users\Joann Resume stuff\~WRL2826.tmp
c:\users\Joann Resume stuff\~WRL3101.tmp
c:\users\Joann Resume stuff\~WRL3342.tmp
c:\users\Joann Resume stuff\~WRL3374.tmp
c:\users\Joann Resume stuff\~WRL3452.tmp
c:\users\Joann Resume stuff\~WRL3510.tmp
c:\users\Joann Resume stuff\~WRL3523.tmp
c:\users\Joann Resume stuff\~WRL3597.tmp
c:\users\Joann Resume stuff\~WRL3711.tmp
c:\users\Joann Resume stuff\~WRL3813.tmp
c:\users\Joann Resume stuff\~WRL3827.tmp
c:\users\Joann Resume stuff\~WRL3865.tmp
c:\users\Joann Resume stuff\~WRL3870.tmp
c:\users\Joann Resume stuff\~WRL3966.tmp
c:\users\Joann Resume stuff\~WRL4076.tmp
c:\users\Joann\AppData\Local\Microsoft\Windows\Temporary Internet Files\a25ec79e-5943-49ed-827c-90cb8f098a80.jpg
c:\windows\Fonts\1234
.
.
((((((((((((((((((((((((( Files Created from 2014-06-26 to 2014-07-26 )))))))))))))))))))))))))))))))
.
.
2014-07-26 02:43 . 2014-07-26 02:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-26 01:25 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F3D0985B-E843-462B-84DC-57CCB54B0629}\mpengine.dll
2014-07-24 22:55 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-24 19:38 . 2014-07-24 19:38 -------- d-----w- c:\program files (x86)\ESET
2014-07-24 19:29 . 2014-07-24 19:29 -------- d-----w- c:\program files\Microsoft Silverlight
2014-07-24 19:29 . 2014-07-24 19:29 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-07-24 05:03 . 2014-07-24 05:03 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-24 05:03 . 2014-07-24 05:03 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-21 13:13 . 2014-07-13 21:56 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-07-21 13:13 . 2014-07-13 21:56 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D93A7757-8D9E-4F8F-B5CC-59F723D8506F}\gapaengine.dll
2014-07-21 05:31 . 2014-07-21 05:31 -------- d-----w- c:\users\Joann\AppData\Local\Stitch Works Software
2014-07-21 05:31 . 2014-07-21 05:31 -------- d-----w- c:\program files (x86)\Crochet Charts
2014-07-21 01:26 . 2014-07-21 01:26 -------- d-----w- c:\program files (x86)\Intwined Studio
2014-07-15 21:47 . 2014-07-15 21:47 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-15 21:47 . 2014-07-10 00:03 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-13 21:53 . 2014-07-13 21:53 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-07-13 21:53 . 2014-07-13 21:53 -------- d-----w- c:\program files\Microsoft Security Client
2014-07-13 11:06 . 2014-06-17 06:57 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA353525-BB48-4AAD-95EE-AC46B8E1D199}\mpengine.dll
2014-07-13 03:35 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-07-13 03:35 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-07-13 03:35 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-07-13 03:35 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-07-12 18:15 . 2014-07-24 05:16 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-07-12 17:56 . 2014-07-12 17:56 -------- d-----w- c:\windows\Sun
2014-07-12 17:25 . 2014-07-12 17:25 -------- d-----w- c:\windows\ERUNT
2014-07-12 17:06 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-07-12 17:06 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-12 17:06 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-07-12 17:06 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-07-12 10:36 . 2014-07-21 05:25 -------- d-----w- c:\users\Joann\AppData\Roaming\Favor Software
2014-07-12 07:01 . 2014-07-12 07:01 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-07-12 05:22 . 2014-07-12 06:51 -------- d-----w- c:\users\Administrator
2014-07-12 04:41 . 2014-07-12 04:41 -------- d-----w- c:\users\Joann\AppData\Local\Apps
2014-07-12 02:48 . 2014-07-12 02:48 -------- d-sh--w- c:\users\Joann\AppData\Local\EmieUserList
2014-07-12 02:48 . 2014-07-12 02:48 -------- d-sh--w- c:\users\Joann\AppData\Local\EmieSiteList
2014-07-12 02:29 . 2001-11-05 13:30 165376 ----a-w- c:\windows\UNWISE.EXE
2014-07-12 02:14 . 2010-11-20 09:03 3584 ----a-w- c:\windows\system32\drivers\en-US\vpchbus.sys.mui
2014-07-11 01:30 . 2010-08-30 12:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-04 17:08 . 2014-07-04 17:08 -------- d-----w- c:\users\Joann\Mike Long
2014-07-01 00:43 . 2014-07-01 00:47 -------- d-----w- c:\users\Joann\motivational stuff
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-10 07:01 . 2013-11-01 13:32 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 00:34 . 2013-12-31 04:15 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 00:34 . 2013-12-31 04:15 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-24 18:32 . 2014-05-24 18:33 45056 ----a-w- c:\windows\SysWow64\HSSICore.dll
2014-05-24 18:32 . 2014-05-24 18:33 40960 ----a-w- c:\windows\SysWow64\HS_live.ocx
2014-05-24 18:32 . 2014-05-24 18:33 184320 ----a-w- c:\windows\SysWow64\OESICore.dll
2014-05-24 18:31 . 2014-05-24 18:32 98136 ----a-w- c:\windows\gzip.exe
2014-04-28 15:35 . 2014-04-28 15:46 1164489 ----a-w- c:\windows\unins000.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"ComodoFSChrome"="c:\program files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe" [2013-10-01 4457640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-09 256896]
.
c:\users\Joann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN334BWGX705KC;CONNECTION=NW;MONITOR=1; [2009-7-13 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuNetworkPlaces"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 17:04 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-31 00:34]
.
2014-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 03:54]
.
2014-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 03:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-06 1215632]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://ca.yahoo.com?fr=fp-comodo
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:\program files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6F95E902-4BA3-45BD-B260-9B06B6E99D2A}: NameServer = 156.154.70.22,156.154.71.22
Handler: intu-tt2013 - {9FF5EC07-1645-43BF-828F-C73CFA7BC1AF} - c:\program files (x86)\TurboTax 2013\ic2013pp.dll
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run- - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-Video Downloader_is1 - c:\program files (x86)\Video Downloader\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-07-25 22:45:07
ComboFix-quarantined-files.txt 2014-07-26 02:45
.
Pre-Run: 892,943,130,624 bytes free
Post-Run: 896,289,869,824 bytes free
.
- - End Of File - - C4E5D7AF5B1727BAA82DB3F51E9C05F0
A36C5E4F47E84449FF07ED3517B43A31

I downloaded a program called Iobit advanced system care ultimate and it found a bunch of little things that needed fixing. So between your amazing help and that program I think wwe are good.   

Thank you again for your help

Ok, we can do some clean up.

This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
  
• Remove disinfection tools
  
• Create Registry backup
  
• Purge System Restore Points
  
• Re-set system settings
  

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.
**************************************
Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.



Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.



This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
****************************************
Go to Microsoft Windows Update and get all critical updates.
----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

# DelFix v10.7 - Logfile created 26/07/2014 at 22:21:58
# Updated 27/04/2014 by Xplode
# Username : Joann - JOANNPC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\AdwCleaner
Deleted : C:\Users\Joann\Desktop\mbar
Deleted : C:\ComboFix.txt
Deleted : C:\Users\Joann\Downloads\adwcleaner_3.216.exe
Deleted : C:\Users\Joann\Downloads\JRT.exe
Deleted : C:\Users\Joann\Downloads\JavaRa.zip
Deleted : C:\Users\Joann\Downloads\SecurityCheck.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #115 [Scheduled Checkpoint | 07/26/2014 23:26:07]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Ok, stay safe.