Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads

User Tag List

Computer Running Extremely Slow

This is a discussion on Computer Running Extremely Slow within the Resolved HJT Threads forums, part of the Tech Support Forum category. Hello, My parents don't know how to take care of a computer and probably click on everything they see. I


 
 
Thread Tools Search this Thread
Old 08-11-2017, 05:53 PM   #1
Registered Member
 
Join Date: May 2005
Posts: 42
OS: xp



Hello,

My parents don't know how to take care of a computer and probably click on everything they see. I imagine there's now a ton of spyware and malware on the computer (probably about 5 years worth) and I highly doubt spybot and CCleaner are going to fix it. I think it requires your help. I do not have access to a Windows Boot CD, but it's Windows 10, so I could probably burn a copy of the CD to use if needed.

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.15063.0
Run by Robert at 20:49:32 on 2017-08-11
Microsoft Windows 10 Home 10.0.15063.0.1252.1.1033.18.3839.1642 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Premier *Enabled/Updated* {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 Premier *Enabled/Updated* {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton 360 Premier *Enabled* {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TabletInputService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservice -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\N360.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
C:\WINDOWS\system32\atieclxx.exe
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\N360.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\taskhostw.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\Robert\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
c:\windows\system32\taskhostw.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Citrix\ICA Client\AuthManager\AuthManSvr.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -s NcdAutoSetup
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\Windows\System32\smartscreen.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k netsvcs -s BITS
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine32\22.10.0.85\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - <orphaned>
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine32\22.10.0.85\coIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine32\22.10.0.85\coIEPlg.dll
uRun: [OneDrive] "C:\Users\Robert\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [EPSON NX420 Series] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\WINDOWS\TEMP\E_SFD4B.tmp" /EF "HKCU"
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
dRun: [EPSON NX420 Series] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\WINDOWS\TEMP\E_S86D.tmp" /EF "HKCU"
dRunOnce: [Application Restart #1] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CITRIX~1.LNK - C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://jpass4.bnymellon.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 208.59.247.45 208.59.247.46 192.168.1.1
TCP: Interfaces\{424ee7c6-9434-4c0f-b75a-9e0e166af1b3} : DHCPNameServer = 208.59.247.45 208.59.247.46 192.168.1.1
TCP: Interfaces\{f4bc1c8b-1875-4436-a161-3f915667e927} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\coIEPlg.dll
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\coIEPlg.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\rnmev8of.default-1448735922823\
FF - prefs.js: browser.startup.homepage - hxxps://search.norton.com?o=APN12179&prt=SSS&chn=PIF001&ver=1.0.1.5&tpr=111&guid=2a786961-0257-44a7-ee2c-ecab5c9e3ea5&doi=2017-6-12
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npURLInterceptorPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
FF - plugin: C:\Users\Robert\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-3-18 74840]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-3-18 49568]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\N360x64\160A000.055\symefasi64.sys [2017-7-26 1868416]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-3-18 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-3-18 70232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-3-18 18520]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-3-18 208288]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-3-18 239616]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20170807.003\BHDrvx64.sys [2017-8-8 1862816]
R1 ccSet_N360;N360 Settings Manager;C:\WINDOWS\System32\drivers\N360x64\160A000.055\ccsetx64.sys [2017-7-26 187520]
R1 ctxusbm;Citrix USB Monitor Driver;C:\WINDOWS\System32\drivers\ctxusbm.sys [2016-10-17 142000]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-3-18 54272]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-3-18 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20170811.001\IDSvia64.sys [2017-8-11 1056920]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\N360x64\160A000.055\ironx64.sys [2017-7-26 301288]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\N360x64\160A000.055\symnets.sys [2017-7-26 566912]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-7-5 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-1-13 238080]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-19 2828016]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2017-3-18 14336]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2017-3-18 47664]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-3-18 822496]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2017-3-18 47664]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-9-28 321056]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2016-9-7 21216]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\n360.exe [2017-7-26 326144]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-3-18 79872]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-7-25 142752]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-7-12 158336]
R3 ITECIRfilter;ITECIR Filter Driver;C:\WINDOWS\System32\drivers\ITECIRfilter.sys [2015-6-3 27856]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-3-18 20992]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\WINDOWS\System32\drivers\netr28x.sys [2017-3-18 2537984]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2017-3-18 604160]
R3 Sftfs;Sftfs;C:\WINDOWS\System32\drivers\Sftfslh.sys [2014-10-8 766632]
R3 Sftplay;Sftplay;C:\WINDOWS\System32\drivers\Sftplaylh.sys [2014-10-8 273576]
R3 Sftredir;Sftredir;C:\WINDOWS\System32\drivers\Sftredirlh.sys [2014-10-8 29352]
R3 Sftvol;Sftvol;C:\WINDOWS\System32\drivers\Sftvollh.sys [2014-10-8 23208]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-3-18 220672]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\N360x64\160A000.055\symelam.sys [2017-7-26 24608]
S2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-3-18 12288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2017-3-18 47664]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-3-18 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-3-18 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-3-18 17920]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2017-3-18 47664]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-3-18 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-3-18 47664]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-3-18 39424]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-3-18 53664]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-3-18 122880]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-3-18 347032]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-3-18 2104224]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 clwvd;HP Webcam Splitter;C:\WINDOWS\System32\drivers\clwvd.sys [2010-6-18 32880]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-3-18 86528]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-3-18 47664]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-3-18 21504]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-3-18 51104]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-3-18 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-3-18 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-3-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-3-18 85504]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-3-18 165376]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-3-18 168448]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-3-18 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-3-18 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-3-18 673184]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-3-18 526240]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-3-18 36864]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-3-18 123808]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-3-18 103328]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-3-18 405408]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-3-18 51104]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-3-18 64416]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-3-18 842656]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-3-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-3-18 122368]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-7-25 118784]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-3-18 80896]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-3-18 58784]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-3-18 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-3-18 1735584]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-3-18 936864]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-3-18 91040]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-3-18 31128]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-3-18 154016]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-3-18 40352]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-3-18 95648]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-3-18 36760]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-3-18 104448]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-3-18 179200]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-8-8 51712]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-3-18 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-3-18 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-3-18 263584]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-3-18 98712]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-3-18 138656]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-3-18 29600]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-3-18 59288]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-3-18 28064]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-3-18 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-3-18 10240]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-3-18 72192]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-7-25 757248]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-3-18 121248]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-3-18 32160]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-3-18 217088]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-3-18 64920]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-7-25 277504]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-3-18 46592]
S4 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2017-7-24 166400]
S4 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2017-7-24 128512]
S4 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
S4 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-11-19 109168]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-08-08 18:26:59 77312 ----a-w- C:\WINDOWS\SysWow64\spbcd.dll
2017-08-08 18:25:59 17366528 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2017-07-31 22:31:50 236016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2017-07-31 22:31:50 236016 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2017-07-29 05:29:44 -------- d-----w- C:\Program Files (x86)\Steam
2017-07-26 12:34:03 810136 ----a-w- C:\WINDOWS\System32\drivers\N360x64\160A000.055\srtsp64.sys
2017-07-26 12:34:03 566912 ----a-w- C:\WINDOWS\System32\drivers\N360x64\160A000.055\symnets.sys
2017-07-26 12:34:03 49304 ----a-w- C:\WINDOWS\System32\drivers\N360x64\160A000.055\srtspx64.sys
2017-07-26 12:34:03 301288 ----a-w- C:\WINDOWS\System32\drivers\N360x64\160A000.055\ironx64.sys
2017-07-26 12:34:03 24608 ----a-w- C:\WINDOWS\System32\drivers\N360x64\160A000.055\symelam.sys
2017-07-26 12:34:03 187520 ----a-w- C:\WINDOWS\System32\drivers\N360x64\160A000.055\ccsetx64.sys
2017-07-26 12:34:03 1868416 ----a-w- C:\WINDOWS\System32\drivers\N360x64\160A000.055\symefasi64.sys
2017-07-26 12:33:42 -------- d-----w- C:\WINDOWS\System32\drivers\N360x64\160A000.055
2017-07-25 13:44:22 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2017-07-25 13:42:41 -------- d-----w- C:\Users\Robert\AppData\Local\DBG
2017-07-25 04:43:44 987648 ----a-w- C:\WINDOWS\SysWow64\wpnapps.dll
2017-07-25 04:36:52 -------- d-----w- C:\WINDOWS\System32\Microsoft
2017-07-25 04:36:52 -------- d-----w- C:\WINDOWS\ServiceProfiles
2017-07-25 01:37:08 -------- d-sh--we C:\ProgramData\Documents
2017-07-25 01:37:08 -------- d-sh--w- C:\Recovery
2017-07-25 01:24:38 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2017-07-25 01:20:37 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2017-07-25 01:20:37 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2017-07-25 01:10:49 -------- d-----w- C:\ProgramData\USOShared
2017-07-25 01:09:05 -------- d-----w- C:\Program Files (x86)\Common Files\SpeechEngines
2017-07-25 01:09:00 -------- d-----w- C:\Program Files\Common Files\SpeechEngines
2017-07-25 01:02:52 -------- d-----w- C:\Program Files\Common Files\EPSON
2017-07-25 01:02:49 2233344 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2017-07-25 01:02:48 -------- d-----w- C:\ProgramData\EPSON
2017-07-25 01:02:26 0 ----a-w- C:\WINDOWS\ativpsrm.bin
2017-07-25 01:02:12 -------- d-----w- C:\ProgramData\SonicFocus
2017-07-25 01:02:06 -------- d-----w- C:\Program Files\Realtek
2017-07-25 01:02:05 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM
2017-07-25 01:00:47 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2017-07-25 01:00:05 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2017-07-20 12:44:40 -------- dc----w- C:\WINDOWS\Panther
2017-07-15 15:37:21 -------- d-----w- C:\Users\Robert\AppData\Roaming\Roxio Log Files
2017-07-15 12:39:48 -------- d-----w- C:\ProgramData\VTech
2017-07-15 12:33:25 934912 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtNetwork4.dll
2017-07-15 12:33:25 434040 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\UninstallWizard.exe
2017-07-15 12:33:24 7826432 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtGui4.dll
2017-07-15 12:33:24 527240 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\ProductExtend.exe
2017-07-15 12:33:24 335360 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtXml4.dll
2017-07-15 12:33:24 268800 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtSvg4.dll
2017-07-15 12:33:24 2150400 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtCore4.dll
2017-07-13 20:47:44 -------- d-----w- C:\ProgramData\Gibraltar
.
==================== Find3M ====================
.
2017-08-01 02:39:54 8319392 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2017-08-01 02:38:47 406544 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2017-08-01 02:38:08 382368 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys
2017-08-01 02:36:56 119712 ----a-w- C:\WINDOWS\System32\drivers\tdx.sys
2017-08-01 02:36:49 323488 ----a-w- C:\WINDOWS\apppatch\AcRes.dll
2017-08-01 02:36:29 750496 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2017-08-01 02:35:13 280472 ----a-w- C:\WINDOWS\SysWow64\WerFault.exe
2017-08-01 02:35:09 133904 ----a-w- C:\WINDOWS\SysWow64\WerFaultSecure.exe
2017-08-01 02:34:39 610584 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2017-08-01 02:34:36 359552 ----a-w- C:\WINDOWS\SysWow64\Faultrep.dll
2017-08-01 02:34:32 349600 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2017-08-01 02:34:32 168864 ----a-w- C:\WINDOWS\SysWow64\wermgr.exe
2017-08-01 02:33:57 473240 ----a-w- C:\WINDOWS\System32\policymanager.dll
2017-08-01 02:32:37 2444704 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-08-01 02:32:23 712600 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2017-08-01 02:32:04 820128 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2017-08-01 02:31:56 5477088 ----a-w- C:\WINDOWS\System32\OneCoreUAPCommonProxyStub.dll
2017-08-01 02:31:49 212384 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2017-08-01 02:31:01 176024 ----a-w- C:\WINDOWS\SysWow64\basecsp.dll
2017-08-01 02:30:52 315288 ----a-w- C:\WINDOWS\System32\WerFault.exe
2017-08-01 02:30:50 143736 ----a-w- C:\WINDOWS\System32\WerFaultSecure.exe
2017-08-01 02:30:25 723680 ----a-w- C:\WINDOWS\System32\wer.dll
2017-08-01 02:30:21 82336 ----a-w- C:\WINDOWS\System32\drivers\vmbkmcl.sys
2017-08-01 02:30:18 410160 ----a-w- C:\WINDOWS\System32\Faultrep.dll
2017-08-01 02:30:16 182688 ----a-w- C:\WINDOWS\System32\wermgr.exe
2017-08-01 02:30:09 411040 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2017-08-01 02:26:58 204192 ----a-w- C:\WINDOWS\System32\basecsp.dll
2017-08-01 02:20:54 404480 ----a-w- C:\WINDOWS\SysWow64\werui.dll
2017-08-01 02:20:40 154624 ----a-w- C:\WINDOWS\SysWow64\DWWIN.EXE
2017-08-01 02:20:33 2956288 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2017-08-01 02:18:16 13841408 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2017-08-01 02:18:13 2199552 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
2017-08-01 02:17:02 34816 ----a-w- C:\WINDOWS\SysWow64\tokenbinding.dll
2017-08-01 02:16:16 80896 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2017-08-01 02:14:09 35840 ----a-w- C:\WINDOWS\SysWow64\sscore.dll
2017-08-01 02:13:31 127488 ----a-w- C:\WINDOWS\SysWow64\fdeploy.dll
2017-08-01 02:13:30 20504064 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2017-08-01 02:13:12 364032 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2017-08-01 02:12:28 229888 ----a-w- C:\WINDOWS\SysWow64\scksp.dll
2017-08-01 02:10:19 358400 ----a-w- C:\WINDOWS\SysWow64\ieproxy.dll
2017-08-01 02:09:58 394240 ----a-w- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
2017-08-01 02:08:54 267264 ----a-w- C:\WINDOWS\SysWow64\ncryptprov.dll
2017-08-01 02:07:57 2671616 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2017-08-01 02:07:54 5961728 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2017-08-01 0246 798208 ----a-w- C:\WINDOWS\SysWow64\TokenBroker.dll
2017-08-01 02:04:40 6269440 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2017-08-01 02:04:32 3656192 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2017-08-01 01:57:22 23677952 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2017-08-01 01:45:44 3670016 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2017-08-01 01:45:28 462848 ----a-w- C:\WINDOWS\System32\werui.dll
2017-08-01 01:45:03 92672 ----a-w- C:\WINDOWS\System32\wercplsupport.dll
2017-08-01 01:45:02 1275392 ----a-w- C:\WINDOWS\System32\werconcpl.dll
2017-08-01 01:44:53 184320 ----a-w- C:\WINDOWS\System32\DWWIN.EXE
2017-08-01 01:44:49 77824 ----a-w- C:\WINDOWS\System32\wsqmcons.exe
2017-08-01 01:44:32 83968 ----a-w- C:\WINDOWS\System32\drivers\vmbkmclr.sys
2017-08-01 01:42:55 2199552 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
2017-08-01 01:41:48 42496 ----a-w- C:\WINDOWS\System32\tokenbinding.dll
2017-08-01 01:41:47 130560 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2017-08-01 01:41:04 110592 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2017-08-01 01:40:35 290816 ----a-w- C:\WINDOWS\System32\dmenterprisediagnostics.dll
2017-08-01 01:39:04 46592 ----a-w- C:\WINDOWS\System32\sscore.dll
2017-08-01 01:38:49 143872 ----a-w- C:\WINDOWS\System32\profsvcext.dll
2017-08-01 01:38:21 153088 ----a-w- C:\WINDOWS\System32\fdeploy.dll
2017-08-01 01:37:53 433664 ----a-w- C:\WINDOWS\System32\msIso.dll
2017-08-01 01:37:29 582656 ----a-w- C:\WINDOWS\System32\SmsRouterSvc.dll
2017-08-01 01:37:09 255488 ----a-w- C:\WINDOWS\System32\scksp.dll
2017-08-01 01:35:14 692736 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2017-08-01 01:34:37 805888 ----a-w- C:\WINDOWS\System32\ieproxy.dll
2017-08-01 01:33:49 1269760 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2017-08-01 01:33:28 315904 ----a-w- C:\WINDOWS\System32\ncryptprov.dll
2017-08-01 01:32:47 7336960 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2017-08-01 01:32:37 176640 ----a-w- C:\WINDOWS\System32\wersvc.dll
2017-08-01 01:31:25 4445696 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2017-08-01 01:31:03 1396736 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2017-08-01 01:30:43 8209920 ----a-w- C:\WINDOWS\System32\Chakra.dll
2017-08-01 01:30:42 303104 ----a-w- C:\WINDOWS\System32\srvsvc.dll
2017-08-01 01:30:27 1052160 ----a-w- C:\WINDOWS\System32\TokenBroker.dll
2017-08-01 01:30:18 2055168 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2017-08-01 01:30:09 3377664 ----a-w- C:\WINDOWS\System32\tquery.dll
2017-08-01 01:28:51 2516480 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2017-08-01 01:28:43 4730368 ----a-w- C:\WINDOWS\System32\jscript9.dll
2017-08-01 01:27:25 574464 ----a-w- C:\WINDOWS\System32\configmanager2.dll
2017-08-01 01:27:05 482816 ----a-w- C:\WINDOWS\System32\dmenrollengine.dll
2017-08-01 01:26:03 323584 ----a-w- C:\WINDOWS\System32\DeviceEnroller.exe
2017-08-01 01:25:46 249344 ----a-w- C:\WINDOWS\System32\coredpus.dll
2017-08-01 01:25:41 194048 ----a-w- C:\WINDOWS\System32\mdmregistration.dll
2017-08-01 01:25:41 140800 ----a-w- C:\WINDOWS\System32\dmcsps.dll
2017-07-31 15:15:09 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-07-31 15:15:09 177648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-07-28 05:30:35 1068720 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
2017-07-28 05:25:32 2399728 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2017-07-28 05:24:52 119904 ----a-w- C:\WINDOWS\System32\dmcmnutils.dll
2017-07-28 05:24:42 116280 ----a-w- C:\WINDOWS\System32\bcd.dll
2017-07-28 05:24:38 2327456 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2017-07-28 05:23:51 723360 ----a-w- C:\WINDOWS\System32\drivers\acpi.sys
2017-07-28 05:23:45 2969888 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2017-07-28 05:22:50 923048 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2017-07-28 05:20:38 279968 ----a-w- C:\WINDOWS\System32\drivers\msiscsi.sys
2017-07-28 05:17:27 660680 ----a-w- C:\WINDOWS\System32\dxgi.dll
2017-07-28 05:16:52 961952 ----a-w- C:\WINDOWS\System32\efscore.dll
.
============= FINISH: 20:51:53.03 ===============
Attached Files
File Type: txt attach.txt (7.0 KB, 5 views)
Diamondback424 is offline  
Sponsored Links
Advertisement
 
Old 08-11-2017, 05:54 PM   #2
Registered Member
 
Join Date: May 2005
Posts: 42
OS: xp



thanks in advance for the help!
Diamondback424 is offline  
Old 08-25-2017, 07:28 AM   #3
Registered Member
 
Join Date: May 2005
Posts: 42
OS: xp



bump, please
Diamondback424 is offline  
Sponsored Links
Advertisement
 
Old 08-25-2017, 07:45 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



I see no sign of infection in your logs. Slowness does not necessarily imply malware.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 09-01-2017, 02:05 PM   #5
Registered Member
 
Join Date: May 2005
Posts: 42
OS: xp



Hmm really? I don't know what it could be. I've run Malwarebytes and antivirus scans in safe mode as well as checked disk cleanup and defragmented the hard drive. I'm really at a loss as to what could be doing it. It's not an old computer for internet and other basic use (we don't game on it at all). Any ideas as to what I can check next?
Diamondback424 is offline  
Old 09-02-2017, 08:36 PM   #6
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



I suggest you seek expert advice in our Windows 10 Support Forum or Hardware Support Forum

Let them know you were here first and were cleared of malware.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
so much ram
my computer is using 15.7/16 gb of ram for no reason. I'm just browsing the web and I got 15.7/16 gb of ram being used. Nothing showing in task manager as being high
Eject Windows 10 Support 21 10-07-2015 02:04 PM
[SOLVED] My pc got slow !!!
Good day everybody. My pc is getting sometimes running slow, sometimes startup and running normal. I believe I have something wrong here and need help to get it back normal. Here is pc spec. :
sinan Windows 8, 8.1 Support 13 12-04-2014 05:31 PM
Internet Time Sync Not Syncing On Bootup
Clock settings say computer is set to automatically synchronize with time.windows.com and "set on a scheduled basis" but when I click change settings it tells me I don't have permission to change and contact admin. I am in my admin account. What I noticed is the clock is running like 2X it normal...
piotrowr2012 Windows 7 , Windows Vista Support 26 03-02-2013 06:06 PM
How to Factory Restore your Computer
How to Factory Restore your Computer This tutorial will guide you on how to do a system restore on your Windows computer. Below make sure you read and follow only the tutorial that matches your computer. If an error occurs during the restore process, stop the process and post in the appropriate...
Masterchiefxx17 Windows XP Support 0 03-24-2012 08:11 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 07:16 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts