Computer running very slowly

This is a discussion on Computer running very slowly within the Resolved HJT Threads forums, part of the Tech Support Forum category.


 
 
04-25-2017, 03:09 AM   #1
JohnthePilot
Manager, TSF Articles
Join Date: Mar 2006
Location: Cheltenham, near Wales.
Posts: 38,277
OS: Windows 10 Professional, Windows 10 build 14361, Windows 7 Home Premium, Service Pack 1

Hi,

Just recently my machine has started to run very slowly. Programs are slow to start and my download speed has dropped from 150Mbps to 40Mbps, even when everything is turned off. I regularly run SpyBot Pro, Malwarebytes Premium, Zemana and Kaspersky Internet Security Suite and they all return zero problems. I've tried disabling all of those with no effect and I've also run CCleaner and System Mechanic, which shows my system status as good. I'm now at a loss as to what the problem can be. Below is my DDS.txt and attached is my attach.txt.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18639 BrowserJavaVersion: 11.111.2
Run by John at 10:32:20 on 2017-04-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.16349.9371 [GMT 1:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Spybot - Search and Destroy *Enabled/Updated* {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Spybot - Search and Destroy *Enabled/Updated* {A16C3F68-9280-E053-1818-342707FECF4D}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Kaspersky Internet Security *Enabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe
C:\Program Files (x86)\System Mechanic\iologovernor64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Windows\system32\DbxSvc.exe
C:\Program Files\NetDrive2\mounter.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NordVPN\nordvpn-service.exe
C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
C:\Program Files\NetDrive2\nd2sp.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\RAPID\SamsungRapidSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Everything\Everything.exe
C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Users\John\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe
C:\Users\John\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe
C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
C:\Program Files (x86)\TeamViewer\tv_x64.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\E_YUBNPE.EXE
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\E_YUBNPE.EXE
C:\Program Files\Core Temp\Core Temp.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\E_YUBNPE.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://192.168.0.6/
mWinlogon: Userinit = userinit.exe,
BHO: Kaspersky Protection: {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Kaspersky Protection Toolbar: {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Soda PDF 8 Toolbar: {A2689669-AD38-4AFD-B370-23E97E2B9D18} - C:\Program Files (x86)\Soda PDF 8\creator-ie-plugin.dll
TB: Kaspersky Protection Toolbar: {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
uRun: [Avanquest Message] "C:\Users\John\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe"
uRun: [Google Photos Backup] "C:\Users\John\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
uRun: [Epic Privacy Browser Installer] "C:\Users\John\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe" /c
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [AtomTime] "C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
mRun: [Bonus.SSR.FR12] "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-Explorer: NoDrives = dword:1088
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Customize Menu - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Fill Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Save Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Show RoboForm Toolbar - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
LSP: %windir%\system32\vsocklib.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://192.168.0.5/codebase/DVM_IPCam2.ocx
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{0F4EB55E-CD09-4DF0-9DD8-9D3973281C36} : DHCPNameServer = 78.46.223.24 162.242.211.137
TCP: Interfaces\{CFFA7950-3B50-4886-A756-925FDA8A7ECF} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{D4BA916A-32E7-4A20-A3A4-0C2172A2C19D} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D4BA916A-32E7-4A20-A3A4-0C2172A2C19D}\65D433231343533343 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{D4BA916A-32E7-4A20-A3A4-0C2172A2C19D}\65D4731393335303D22374 : DHCPNameServer = 192.168.0.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL
SSODL: WebCheck - <orphaned>
x64-BHO: Kaspersky Protection: {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-TB: Kaspersky Protection Toolbar: {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup
x64-Run: [SamsungRapidApp] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
x64-Run: [ZAM] "C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Hosts: 127.0.0.1 spywareinfo.com - This website is for sale! - spywareinfo Resources and Information.
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\8dkzrv6z.default-1489759735055\
FF - prefs.js: browser.startup.homepage - resource://extension-at-one-tab-dot-com/data/onetab.html
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Soda PDF 8\np-previewer.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\John\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll
FF - plugin: C:\Users\John\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2015-5-7 83656]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2015-5-7 43720]
R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit);C:\Windows\System32\drivers\cm_km.sys [2016-6-10 238936]
R0 file_tracker;Acronis File Tracker Driver;C:\Windows\System32\drivers\file_tracker.sys [2017-1-23 375136]
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2017-1-23 181592]
R0 klbackupdisk;Kaspersky Lab klbackupdisk;C:\Windows\System32\drivers\klbackupdisk.sys [2016-6-7 63920]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;C:\Windows\System32\drivers\SamsungRapidDiskFltr.sys [2015-11-12 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr;C:\Windows\System32\drivers\SamsungRapidFSFltr.sys [2014-9-16 111280]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2017-1-23 1310560]
R0 vsock;vSockets Virtual Machine Communication Interface Sockets driver;C:\Windows\System32\drivers\vsock.sys [2016-9-14 93248]
R1 AntiLog32;AntiLog32;C:\Windows\System32\drivers\AntiLog64.sys [2015-2-24 49752]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2015-2-15 22240]
R1 klbackupflt;Kaspersky Lab klbackupflt;C:\Windows\System32\drivers\klbackupflt.sys [2016-6-15 86352]
R1 klhk;Kaspersky Lab service driver;C:\Windows\System32\drivers\klhk.sys [2017-3-30 314864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2017-3-30 57936]
R1 klpd;Kaspersky Lab format recognizer driver;C:\Windows\System32\drivers\klpd.sys [2016-5-31 45488]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2016-5-17 75696]
R1 Klwtp;KLwtp - WFP callout traffic inspector;C:\Windows\System32\drivers\klwtp.sys [2017-3-30 135904]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2016-6-14 199392]
R1 RawDisk3;RawDisk3;C:\Windows\System32\drivers\rawdsk3.sys [2015-9-6 32912]
R1 SDHookDriver;Hook Test Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2015-2-21 64160]
R1 Uim_DEVIM;UIM Direct Device Image Plugin;C:\Windows\System32\drivers\uim_devim.sys [2015-7-22 25904]
R1 ZAM;ZAM Helper Driver;C:\Windows\System32\drivers\zam64.sys [2017-1-17 203680]
R1 ZAM_Guard;ZAM Guard Driver;C:\Windows\System32\drivers\zamguard64.sys [2017-1-17 203680]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2017-4-13 6086232]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2017-4-10 543112]
R2 AMP;Active Malware Protection Minifilter Driver;C:\Windows\System32\drivers\amp.sys [2016-10-11 181512]
R2 AMPSE;Active Malware Protection Support Driver;C:\Windows\System32\drivers\ampse.sys [2017-4-12 1793288]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 AVP17.0.0;Kaspersky Anti-Virus Service 17.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [2016-6-28 241544]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-1-17 3737792]
R2 DbxSvc;DbxSvc;C:\Windows\System32\DbxSvc.exe [2017-4-17 48944]
R2 Dokan_NetDrive2;Dokan_NetDrive2;C:\Program Files\NetDrive2\dokan.sys [2015-3-27 117952]
R2 DokanMounter_Dokan_NetDrive2;DokanMounter_Dokan_NetDrive2;C:\Program Files\NetDrive2\mounter.exe [2015-1-28 28160]
R2 kldisk;kldisk;C:\Windows\System32\drivers\kldisk.sys [2016-5-31 78216]
R2 nordvpn-service;nordvpn-service;C:\Program Files (x86)\NordVPN\nordvpn-service.exe [2017-4-5 410800]
R2 notifierNetDrive2;NetDrive2 Notifier;C:\Program Files\NetDrive2\nd2sp.exe [2015-3-27 75112]
R2 SamsungRapidSvc;Samsung RAPID Mode Service;system32\RAPID\SamsungRapidSvc.exe --> system32\RAPID\SamsungRapidSvc.exe [?]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-2-21 1740760]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-2-21 4088608]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-2-21 235984]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2016-12-21 7013704]
R2 TeamViewer;TeamViewer 12;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-11-4 10883824]
R2 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2017-4-13 214360]
R2 virtual_file;Acronis Virtual File Driver;C:\Windows\System32\drivers\virtual_file.sys [2017-4-13 324448]
R2 vseamps;vseamps;C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe [2016-10-11 122120]
R2 vsedsps;vsedsps;C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe [2016-10-11 119560]
R2 vseqrts;vseqrts;C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe [2016-10-11 181512]
R2 ZAMSvc;ZAM Controller Service;C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [2017-1-17 14522512]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2016-12-20 96256]
R3 keycrypt;keycrypt;C:\Windows\System32\drivers\KeyCrypt64.sys [2015-2-24 161408]
R3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\System32\drivers\klflt.sys [2017-4-11 195296]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2016-5-19 52144]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2015-6-7 41648]
R3 kltap;Kaspersky Security Data Escort Adapter;C:\Windows\System32\drivers\kltap.sys [2016-6-7 52152]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2015-6-18 87696]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2015-6-18 23184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2016-6-29 1030400]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2015-5-7 60640]
S1 UsbCharger;UsbCharger;C:\Windows\System32\drivers\UsbCharger.sys [2015-2-15 22240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-3-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-3-20 125064]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-5-6 143144]
S2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-2-16 4355024]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 CisUtMonitor;CisUtMonitor;C:\Windows\System32\drivers\CisUtMonitor.sys [2015-2-24 33360]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-5-6 143144]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-9-5 131712]
S3 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2016-11-12 152640]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2015-2-21 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2017-4-12 114688]
S3 klvssbrigde64;klvssbrigde64;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [2016-6-28 77328]
S3 KSDE1.0.0;Kaspersky Secure Connection Service 1.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [2016-6-28 241544]
S3 mmsminisrv;Acronis Managed Machine Service Mini;C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [2017-2-13 4795288]
S3 mobile_backup_server;Acronis Mobile Backup Server;C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2017-1-6 2908352]
S3 mobile_backup_status_server;Acronis Mobile Backup Status Server;C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2017-4-10 1612400]
S3 ptun0901;TAP Adapter V9 for Private Tunnel;C:\Windows\System32\drivers\ptun0901.sys [2016-4-21 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-2-15 19456]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite Platinum\RpcAgentSrv.exe [2017-4-23 137264]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-2-27 317400]
S3 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-6-8 754784]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-9-5 165504]
S3 tapnord;TAP-Windows Adapter V9 | NordVPN-9.21.2;C:\Windows\System32\drivers\tapnord.sys [2016-10-13 35376]
S3 tnd;Acronis Try&Decide filter;C:\Windows\System32\drivers\tnd.sys [2017-1-23 688864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-2-15 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-2-15 30208]
S3 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2017-2-20 915944]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\System32\drivers\ViaHub3.sys [2015-2-15 225792]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-2-15 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\System32\drivers\xhcdrv.sys [2017-1-26 294912]
S4 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service;C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [2014-1-23 925904]
S4 Altaro.Agent.exe;Altaro VM Backup Engine;C:\Program Files\Altaro\Altaro Backup\Altaro.Agent.exe [2015-9-22 230840]
S4 Altaro.HyperV.WAN.RemoteService.exe;Altaro Offsite Server;C:\Program Files\Altaro\Altaro Backup\BackupServer\Altaro.HyperV.WAN.RemoteService.exe [2015-9-22 187832]
S4 Altaro.SubAgent.exe;Altaro VM Backup Hyper-V Host Agent;C:\Program Files\Altaro\Altaro Backup\Altaro.SubAgent.exe [2015-9-22 114104]
S4 Altaro.UI.Service.exe;Altaro VM Backup Controller;C:\Program Files\Altaro\Altaro Backup\Altaro.UI.Service.exe [2015-9-22 433592]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-8-4 344064]
S4 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
S4 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2013-5-1 651328]
S4 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2015-3-8 144560]
S4 Everything;Everything;C:\Program Files\Everything\Everything.exe [2015-8-11 1441792]
S4 Soda PDF 8 CrashHandler;Soda PDF 8 CrashHandler;C:\Program Files\Soda PDF 8\crash-handler-ws.exe [2016-4-19 920016]
S4 Soda PDF 8 Creator;Soda PDF 8 Creator;C:\Program Files\Soda PDF 8\creator-ws.exe [2016-4-19 733136]
S4 Soda PDF 8 Manager;Soda PDF 8 Manager;C:\ProgramData\LULU Software\Soda PDF 8 Manager\Soda PDF 8\Soda Manager.exe [2016-5-18 887800]
S4 Soda PDF 8;Soda PDF 8;C:\Program Files\Soda PDF 8\ws.exe [2016-4-19 2263504]
.
=============== File Associations ===============
.
ShellExec: Soda PDF 8.exe: edit="C:\Program Files\Soda PDF 8\soda.exe" --file "%1"
ShellExec: Soda PDF 8.exe: open="C:\Program Files\Soda PDF 8\soda.exe" --file "%1"
.
=============== Created Last 30 ================
.
2017-04-23 17:44:21 0 ---ha-w- C:\Users\John\AppData\Local\BITB116.tmp
2017-04-23 09:32:54 -------- d-----w- C:\Program Files\SiSoftware
2017-04-22 03:14:47 12993592 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E0D27A8E-4BAE-4833-ACD8-79EB837FD65F}\mpengine.dll
2017-04-17 15:14:04 48944 ----a-w- C:\Windows\System32\DbxSvc.exe
2017-04-15 22:08:49 -------- d--h--w- C:\OneDriveTemp
2017-04-13 10:03:35 324448 ----a-w- C:\Windows\System32\drivers\virtual_file.sys
2017-04-13 10:03:32 214360 ----a-w- C:\Windows\System32\drivers\tib_mounter.sys
2017-04-13 10:03:19 370008 ----a-w- C:\Windows\System32\drivers\snapman.sys
2017-04-13 09:53:21 517907000 ----a-w- C:\Users\John\AppData\Local\AcronisTrueImage2017_8041.exe
2017-04-12 21:53:54 -------- d-----w- C:\Windows\pss
2017-04-12 21:44:24 1793288 ----a-r- C:\Windows\System32\drivers\ampse.sys
2017-04-12 21:44:09 -------- d-----w- C:\ProgramData\Commtouch
2017-04-12 21:44:09 -------- d-----w- C:\Program Files\Common Files\Commtouch
2017-04-12 21:44:09 -------- d-----w- C:\Program Files (x86)\Common Files\Commtouch
2017-04-12 20:00:36 -------- d-----w- C:\ProgramData\ioloGovernor
2017-04-12 20:00:26 -------- d-----w- C:\Users\John\AppData\Roaming\ioloGovernor
2017-04-12 19:59:12 -------- d-----w- C:\Users\John\AppData\Local\iolo
2017-04-12 19:59:12 -------- d-----w- C:\Program Files\Common Files\iolo
2017-04-12 19:58:50 -------- d-----w- C:\Program Files (x86)\System Mechanic
2017-04-12 19:44:31 -------- d-----w- C:\Users\John\AppData\Roaming\iolo
2017-04-12 18:53:41 -------- d-----w- C:\iolo
2017-04-12 18:30:04 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat
2017-04-12 16:35:36 872376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2017-04-12 16:35:36 65992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2017-04-12 13:55:39 -------- d-sh--w- C:\$RECYCLE.BIN
2017-04-11 22:20:19 110176 ----a-w- C:\Windows\System32\klfphc.dll
2017-04-11 22:20:06 -------- d-----w- C:\Windows\ELAMBKUP
2017-04-11 22:19:57 -------- d-----w- C:\ProgramData\Kaspersky Lab
2017-04-11 22:19:38 195296 ----a-w- C:\Windows\System32\drivers\klflt.sys
2017-04-11 22:16:59 -------- d-----w- C:\ProgramData\Kaspersky Lab Setup Files
2017-04-10 17:32:02 522632 ----a-w- C:\Windows\System32\GameManager64.dll
2017-04-10 17:32:02 356744 ----a-w- C:\Windows\SysWow64\GameManager32.dll
2017-04-10 17:32:00 543112 ----a-w- C:\Windows\System32\dgtrayicon.exe
2017-04-10 17:30:48 505736 ----a-w- C:\Windows\System32\amdgfxinfo64.dll
2017-04-10 17:29:56 10311560 ----a-w- C:\Windows\System32\amdvlk64.dll
2017-04-10 17:29:52 8470408 ----a-w- C:\Windows\SysWow64\amdvlk32.dll
2017-04-10 17:29:48 166280 ----a-w- C:\Windows\System32\amduve64.dll
2017-04-10 17:29:46 135560 ----a-w- C:\Windows\SysWow64\amduve32.dll
2017-04-10 17:29:42 66952 ----a-w- C:\Windows\System32\amdmmcl6.dll
2017-04-10 17:29:40 82824 ----a-w- C:\Windows\System32\amdmcl64.dll
2017-04-10 17:29:40 54664 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2017-04-10 17:29:38 66440 ----a-w- C:\Windows\SysWow64\amdmcl32.dll
2017-04-10 17:29:36 26826120 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2017-04-10 16:56:40 -------- d-----w- C:\Program Files (x86)\AnvSoft
2017-04-10 11:00:44 -------- d-----w- C:\Users\John\AppData\Local\FileZilla
2017-04-08 23:04:01 -------- d-----w- C:\Program Files (x86)\Kodi
2017-04-05 00:38:18 232016 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2017-03-30 09:15:30 57936 ----a-w- C:\Windows\System32\drivers\klim6.sys
2017-03-30 09:15:30 314864 ----a-w- C:\Windows\System32\drivers\klhk.sys
2017-03-30 09:15:30 135904 ----a-w- C:\Windows\System32\drivers\klwtp.sys
2017-03-28 21:30:26 366568 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2017-03-28 21:30:22 66520 ----a-w- C:\Windows\System32\vnetinst.dll
2017-03-28 21:30:22 46032 ----a-w- C:\Windows\System32\drivers\vmnet.sys
2017-03-28 21:30:22 43992 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2017-03-28 21:30:22 400872 ----a-w- C:\Windows\SysWow64\vmnat.exe
2017-03-28 21:30:13 1149416 ----a-w- C:\Windows\System32\vnetlib64.dll
2017-03-28 21:28:31 -------- d-----w- C:\Program Files (x86)\Common Files\ThinPrint
2017-03-28 21:28:30 -------- d-----w- C:\Program Files\Common Files\VMware
.
==================== Find3M ====================
.
2017-04-25 09:28:20 186304 ----a-w- C:\Windows\System32\drivers\MBAMChameleon.sys
2017-04-25 09:28:16 82720 ----a-w- C:\Windows\System32\drivers\mwac.sys
2017-04-25 09:28:16 43968 ----a-w- C:\Windows\System32\drivers\mbam.sys
2017-04-25 09:28:16 251832 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2017-04-25 09:28:16 111544 ----a-w- C:\Windows\System32\drivers\farflt.sys
2017-04-24 06:52:49 65536 ----a-w- C:\Windows\System32\spu_storage.bin
2017-04-13 22:58:02 802904 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2017-04-13 22:58:02 144472 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2017-04-13 1004 375136 ----a-w- C:\Windows\System32\drivers\file_tracker.sys
2017-04-13 10:03:34 688864 ----a-w- C:\Windows\System32\drivers\tnd.sys
2017-04-13 10:03:31 1310560 ----a-w- C:\Windows\System32\drivers\tib.sys
2017-04-13 05:53:54 77440 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2017-04-11 22:31:29 199392 ----a-w- C:\Windows\System32\drivers\kneps.sys
2017-04-10 17:32:32 161344 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2017-04-10 17:32:30 207760 ----a-w- C:\Windows\System32\atiuxp64.dll
2017-04-10 17:32:26 7663888 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2017-04-10 17:32:22 9446336 ----a-w- C:\Windows\System32\atiumd64.dll
2017-04-10 17:32:20 143864 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2017-04-10 17:32:18 185088 ----a-w- C:\Windows\System32\atiu9p64.dll
2017-04-10 17:30:52 13254256 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2017-04-10 17:29:22 32732552 ----a-w- C:\Windows\System32\atio6axx.dll
2017-03-25 19:07:13 4604416 ----a-w- C:\Windows\SysWow64\jscript9.dll
2017-03-25 18:55:14 2767360 ----a-w- C:\Windows\SysWow64\wininet.dll
2017-03-25 18:48:24 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
2017-03-25 18:47:47 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2017-03-25 18:47:21 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2017-03-25 18:46:31 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2017-03-25 18:46:28 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2017-03-25 18:45:33 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2017-03-25 18:45:20 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2017-03-25 18:45:03 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2017-03-25 18:44:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2017-03-25 18:35:43 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2017-03-25 18:35:29 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2017-03-25 18:16:09 66560 ----a-w- C:\Windows\System32\iesetup.dll
2017-03-25 18:14:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2017-03-25 18:14:34 417792 ----a-w- C:\Windows\System32\html.iec
2017-03-25 18:13:58 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2017-03-25 18:13:43 576512 ----a-w- C:\Windows\System32\vbscript.dll
2017-03-25 17:56:51 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2017-03-25 17:56:50 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2017-03-25 17:56:17 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2017-03-25 17:45:17 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2017-03-25 17:41:08 6045696 ----a-w- C:\Windows\System32\jscript9.dll
2017-03-25 17:30:52 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2017-03-25 17:19:30 341504 ----a-w- C:\Windows\SysWow64\html.iec
2017-03-25 16:57:57 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2017-03-25 16:57:30 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
2017-03-25 16:27:02 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2017-03-25 16:24:24 3241472 ----a-w- C:\Windows\System32\wininet.dll
2017-03-24 22:50:50 405504 ----a-w- C:\Windows\System32\gdi32.dll
2017-03-24 22:42:06 313344 ----a-w- C:\Windows\SysWow64\gdi32.dll
2017-03-22 21:21:46 45672 ----a-w- C:\Windows\System32\drivers\dbx-stable.sys
2017-03-22 21:21:46 45672 ----a-w- C:\Windows\System32\drivers\dbx-dev.sys
2017-03-22 21:21:46 45672 ----a-w- C:\Windows\System32\drivers\dbx-canary.sys
2017-03-22 15:32:05 98816 ----a-w- C:\Windows\System32\wudriver.dll
2017-03-22 15:32:05 3165184 ----a-w- C:\Windows\System32\wucltux.dll
2017-03-22 15:32:05 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2017-03-22 15:30:15 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2017-03-22 15:24:42 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2017-03-22 15:15:15 37888 ----a-w- C:\Windows\System32\wuapp.exe
2017-03-22 15:15:08 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2017-03-22 15:05:37 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2017-03-22 15:05:35 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2017-03-22 11:44:34 161408 ----a-w- C:\Windows\System32\drivers\KeyCrypt64.sys
2017-03-21 18:01:38 98264 ----a-w- C:\Windows\System32\vmnetbridge.dll
2017-03-21 18:01:38 66520 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys
2017-03-21 18:01:38 46040 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys
2017-03-19 23:48:06 28352 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2017-03-19 23:48:06 19112 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2017-03-19 23:48:06 19112 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2017-03-19 23:48:06 19112 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2017-03-19 23:41:38 30400 ----a-w- C:\Windows\System32\aspnet_counters.dll
2017-03-19 23:41:38 19112 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2017-03-19 23:41:38 19112 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2017-03-19 23:41:38 19112 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2017-03-14 15:34:31 986344 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2017-03-14 15:34:30 265448 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2017-03-14 15:30:37 144384 ----a-w- C:\Windows\System32\cdd.dll
2017-03-10 16:35:56 382696 ----a-w- C:\Windows\System32\atmfd.dll
2017-03-10 16:31:58 41472 ----a-w- C:\Windows\System32\lpk.dll
2017-03-10 16:31:56 100864 ----a-w- C:\Windows\System32\fontsub.dll
2017-03-10 16:31:55 14336 ----a-w- C:\Windows\System32\dciman32.dll
2017-03-10 16:31:53 46080 ----a-w- C:\Windows\System32\atmlib.dll
2017-03-10 16:27:18 308456 ----a-w- C:\Windows\SysWow64\atmfd.dll
2017-03-10 16:20:40 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2017-03-10 16:19:45 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2017-03-10 16:19:38 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2017-03-10 16:00:56 3219968 ----a-w- C:\Windows\System32\win32k.sys
2017-03-10 15:53:56 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2017-03-08 20:20:26 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2017-03-08 20:10:53 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2017-03-08 04:37:51 631176 ----a-w- C:\Windows\System32\winresume.efi
2017-03-08 04:36:43 706792 ----a-w- C:\Windows\System32\winload.efi
2017-03-08 04:36:43 5548264 ----a-w- C:\Windows\System32\ntoskrnl.exe
2017-03-08 04:36:41 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2017-03-08 04:36:41 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2017-03-08 04:34:53 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2017-03-08 04:26:43 4000488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2017-03-08 04:26:43 3945192 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
.
============= FINISH: 10:39:19.53 ===============
Attached Files
File Type: txt attach.txt (15.3 KB, 15 views)
__________________




Cenedl heb iaith, cenedl heb galon

Old 05-04-2017, 12:47 AM   #2
JohnthePilot
Manager, TSF Articles

BUMP, please.
Old 05-06-2017, 10:50 PM   #3
chemist
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
Microsoft Most Valuable Professional
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

First off, I don't see anything malicious in your logs. Not all slowness issues are due to malware.

Second, did you know you have PC Matic Plugin installed?

We recommend uninstalling it.

------------------------------------------------------

Third...

System Mechanic/System Mechanic Pro

We do not recommend the use of registry cleaners, or the registry cleaner feature of CCleaner. Our colleague miekiemoes has an excellent writeup here

We suggest uninstalling System Mechanic/System Mechanic Pro via Programs and Features in your Control Panel.

------------------------------------------------------

Last, you do realize you are running 3 antivirus applications?

Quote:
AV: Kaspersky Internet Security *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Spybot - Search and Destroy *Enabled/Updated* {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}

It is recommended to only run 1 antivirus on a machine. Please choose only 1 and uninstall the others.

--------------------------------------------------------

Have you tried Safe Mode with Networking? Do you still experience the same problems?

--------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
Old 05-07-2017, 07:51 AM   #4
JohnthePilot
Manager, TSF Articles

Many thanks for your reply.

Thanks for your welcome to TSF, but I've been here longer than you have.

I'm glad to hear that there is no malware present; that was my main concern.

Regarding your other comments:

1. PC Matic is not active. I haven't used it for quite some time.

2. System Mechanic. Contrary to the general consensus, I have never had problems with a registry cleaner and have been using them for nigh on twenty years and will continue to do so. In my present situation, the registry cleaner was the only thing that had any effect and doubled my download speed and halved my boot up time, although both are still unacceptable.

3. When I started using SpyBot and Malwarebytes they didn't have an antivirus component. So far I've had no problems with conflicts and they both pick up things that Kaspersky doesn't.

I'll see what happens when I run in Safe Mode and will let you know.

EDIT: I've tried three times to start in Safe Mode and each time I get to a blank page with Safe Mode in the corners my machine reboots.
Old 05-07-2017, 02:16 PM   #5
chemist
Security Team

I suggest you seek expert advice in our Windows Vista/Windows 7 Support Forum or Hardware Support Forum
Old 05-08-2017, 01:36 AM   #6
JohnthePilot
Manager, TSF Articles

Thanks, that's what I've done.

All times are GMT -7.