[In Progress] Slow System and Occasional Pop-Ups

sganderson
« on: March 14, 2018, 02:59:32 PM »
Hello! I am seeking assistance for my laptop, which experiences slow response times and occasionally has pop-ups. The system still works fine and I can close windows without repeated pop-ups, but I'd like to "clean up" any issues that exist and make it work like new again.

Thanks in advance, my logs are pasted below.

ATTACH LOG

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume2
Install Date: 12/21/2017 12:33:25 AM
System Uptime: 2/25/2018 6:23:45 PM (405 hours ago)
.
Motherboard: Type2 - Board Vendor Name1 |  | Type2 - Board Product Name1
Processor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz | U3E1 | 1400/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 819.498 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown USB Device (Device Descriptor Request Failed)
Device ID: USB\VID_0000&PID_0002\5&1040A99F&0&4
Manufacturer: (Standard USB Host Controller)
Name: Unknown USB Device (Device Descriptor Request Failed)
PNP Device ID: USB\VID_0000&PID_0002\5&1040A99F&0&4
Service:
.
==== System Restore Points ===================
.
RP6: 2/11/2018 1:12:02 PM - Windows Update
RP7: 2/25/2018 2:03:53 PM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 15.14
Adobe Flash Player 29 NPAPI
Adobe Reader XI (11.0.23)  MUI
Adobe Refresh Manager
Amazon 1Button App
ChromecastApp
Conexant HD Audio
CyberLink PhotoDirector 3
CyberLink PowerDirector 10
DTS Sound
ELAN Touchpad 15.8.8.2_X64_WHQL
Google Chrome
Google Update Helper
Intel(R) Chipset Device Software
Intel(R) Management Engine Components
Intel(R) PRO/Wireless Driver
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) Wireless Bluetooth(R)
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Malwarebytes version 3.3.1.2183
McAfee SiteAdvisor
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
Microsoft Office Professional Plus 2013 - en-us
Microsoft OneDrive
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox 52.0.2 (x86 en-US)
Mozilla Firefox 55.0.2 (x64 en-US)
Mozilla Maintenance Service
MyMusicCloud Sync Agent
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Pogoplug PC
Realtek Card Reader
Realtek Ethernet Controller Driver
Skype™ 6.18
Spotify
TOSHIBA Application Installer
TOSHIBA Audio Enhancement
TOSHIBA eco Utility
TOSHIBA Function Key
TOSHIBA Password Utility
Toshiba Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Service Station
TOSHIBA System Driver
TOSHIBA System Settings
TOSHIBA User's Guide
TOSHIBARegistration
WinZip 20.5
ZUUS Music Video Player
.
==== Event Viewer Messages From Past Week ========
.
3/14/2018 3:39:37 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================


DDS LOG

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.16299.15
Run by Costco at 15:46:27 on 2018-03-14
Microsoft Windows 10 Home  10.0.16299.0.1252.1.1033.18.8113.5033 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files (x86)\PogoplugPC\HBADMIN.EXE
C:\Program Files\TOSHIBA\Teco\TecoService.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\Windows\system32\CxAudMsg64.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Program Files\Elantech\ETDCtrl.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Program Files\Elantech\ETDCtrlHelper.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
C:\Program Files\TOSHIBA\Teco\TecoResident.exe
C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
C:\Program Files (x86)\PogoplugPC\ppserver.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\WinZip\FAHWindow64.exe
C:\Program Files\WinZip\WZUpdateNotifier.exe
C:\Program Files\WinZip\WzPreloader.exe
C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Users\Costco\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.UI.exe
C:\WINDOWS\splwow64.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\WindowsApps\Microsoft.BingNews_4.22.10183.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
svchost.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\MpSigStub.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\Windows\System32\smartscreen.exe
C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe
C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe
C:\WINDOWS\System32\cscript.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer provided by TOSHIBA
mWinlogon: Userinit = C:\WINDOWS\System32\userinit.exe
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
uRun: [OneDrive] "C:\Users\Costco\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Google Update] C:\Users\Costco\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
uRun: [PogoplugPC] "C:\Program Files (x86)\PogoplugPC\ppserver.exe" --starthidden
uRunOnce: [Uninstall 17.3.7294.0108\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Costco\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64"
uRunOnce: [Uninstall 17.3.7294.0108] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Costco\AppData\Local\Microsoft\OneDrive\17.3.7294.0108"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\UPDATE~1.LNK - C:\Program Files\WinZip\WZUpdateNotifier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\WINZIP~1.LNK - C:\Program Files\WinZip\WzPreloader.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5516e44b-2ec8-4a31-a3e4-e59ac276d986} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5b654504-d20f-48d9-b3ed-00515b8dab16} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5b654504-d20f-48d9-b3ed-00515b8dab16}\C415934363F5548545 : DHCPNameServer = 192.168.1.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mWindow Title = Internet Explorer provided by TOSHIBA
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t
x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
x64-Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
x64-Run: [TSSSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Costco\AppData\Roaming\Mozilla\Firefox\Profiles\nuu13div.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
FF - plugin: C:\Users\Costco\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-11-21 632168]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-9-29 240640]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-1-6 59800]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2018-1-26 77432]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-9-29 8192]
R1 MpKslb331bc97;MpKslb331bc97;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A033F239-CF57-4319-9AAC-62C6B27D98DA}\MpKslb331bc97.sys [2018-2-26 58120]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R2 CDPUserSvc_6625f;Connected Devices Platform User Service_6625f;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-2-25 385536]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-3-30 3058392]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]
R2 CxAudMsg;Conexant Audio Message Service;C:\WINDOWS\System32\CxAudMsg64.exe [2014-12-22 205560]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2015-9-16 147688]
R2 HBAdmin;HBAdmin;C:\Program Files (x86)\PogoplugPC\hbadmin.exe [2013-6-11 903456]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-12-2 373752]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-2-19 154584]
R2 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MbamChameleon.sys [2018-1-26 193968]
R2 OneSyncSvc_6625f;Sync Host_6625f;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-11-17 390632]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-2-25 519144]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-9-29 79872]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\Teco\TecoService.exe [2015-6-15 331056]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-1-6 147864]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 WpnUserService_6625f;Windows Push Notifications User Service_6625f;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
R3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
R3 dts_apo_service;DTS APO Service;C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2015-5-27 19960]
R3 ETD;ELAN Input Device;C:\WINDOWS\System32\drivers\ETD.sys [2015-9-16 479808]
R3 ETDSMBus;ETDSMBus;C:\WINDOWS\System32\drivers\ETDSMBus.sys [2015-12-17 40016]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2016-11-11 230144]
R3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2013-10-17 27032]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]
R3 NETwNb64;Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2017-11-22 3529728]
R3 PimIndexMaintenanceSvc_6625f;Contact Data_6625f;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 QIOMem;Generic IO & Memory Access;C:\WINDOWS\System32\drivers\QIOMem.sys [2015-5-28 22736]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2015-6-5 310528]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-12-22 830680]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R3 TMachInfo;TMachInfo;C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-8 53040]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]
R3 UnistoreSvc_6625f;User Data Storage_6625f;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 UserDataSvc_6625f;User Data Access_6625f;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-1-26 129616]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe [2018-1-26 356168]
R3 xcetap0;XCETAP0 Adapter;C:\WINDOWS\System32\drivers\xcetap0.sys [2013-6-11 39712]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-1-26 6234056]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]
S3 DevicesFlowUserSvc_6625f;DevicesFlow_6625f;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
« Last Edit: March 14, 2018, 06:49:22 PM by Hoov »

*

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • 27161
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
« Reply #1 on: March 14, 2018, 06:58:46 PM »
Hello again. I have helped you in the past, and will do so again. You mention slow response times and occasional popups; can you be a bit more specific? When are you having the slow response times? Is it just when you are online? Or does it happen both online and offline? Is it Windows, or a specific program? How does the sluggishness manifest itself? How about the popups? (Just an FYI, you will never be totally rid of popups, but you can reduce them to almost none.)

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

*

Offline sganderson

« Reply #2 on: March 15, 2018, 07:30:53 AM »
Hello Hoov.  The slow response times are most notable after waking the machine up (after providing ample time for programs to re-engage...30-45 seconds), just about anytime I launch Firefox, and when switching between programs.  As for the pop-ups, perhaps calling them pop-ups is not accurate; it's more of a webpage changing to another site.  For example, I'll be on Yahoo's front page and after about 20-30 seconds the page switches to some malicious virus warning site...and the only way to move from it is to close the browser and launch Firefox again.

Hope that gives you what you are seeking. 

*

Offline Hoov

« Reply #3 on: March 15, 2018, 03:02:47 PM »
Yes it does. It sounds as if you have several problems.

Open Malwarebytes and click the scan now button. Once the scan is done, copy the log and paste it up here.


*

Offline sganderson

« Reply #4 on: March 17, 2018, 09:44:35 AM »
Ran Malwarebytes, it found 1 threat -- which I quarantined.  Below are the scan results:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/17/18
Scan Time: 10:20 AM
Log File: b897209e-29f6-11e8-b0ec-2c600c2ee210.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.4392
License: Premium

-System Information-
OS: Windows 10 (Build 16299.309)
CPU: x64
File System: NTFS
User: STEVE\Costco

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307964
Threats Detected: 1
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 20 min, 3 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|AMAZON1BUTTONTASKBARAPP.EXE, No Action By User, [839], [493348],1.0.4392

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

*

Offline Hoov

« Reply #5 on: March 17, 2018, 09:18:21 PM »
1. Download and scan with CCleaner
When you get to the website, there is a dark grey box on the left side with two tabs along the top. Inside this Dark Grey box is a light grey box. Below that light grey box is where the download links are at. The pay amount is for paid support.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:

    • Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
    • Clean all the entries in the "Windows Explorer" section.
    • Clean all entries in the "System" section.
    • Clean all entries in the "Advanced" section.
    • Clean any others that you choose.

In the Applications Tab:

    • Clean all except cookies in the Firefox/Mozilla section if you use it.
    • Clean all in the Opera section if you use it.
    • Clean Sun Java in the Internet Section.
    • Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

Try opening Firefox or any other browser you use, and see if they open faster. Let me know. Also can you get me a screenshot of the page you get switched to, the virus warning site?


*

Offline sganderson

« Reply #6 on: April 01, 2018, 09:09:24 AM »
Sorry for the major delay in responding...   I ran CCleaner and it removed a lot of junk.  Restarted computer and Firefox and response time seemed quicker for the last 2-3 days.  I have not seen the webpage swap during this time, but if it does it again I will capture the screen.  Thanks for your assistance (again), let me know if there is anything else I need to do for now.

*

Offline Hoov

« Reply #7 on: April 01, 2018, 11:54:21 AM »
Are the computer and the browsers working as they are supposed to?


*

Offline sganderson

« Reply #8 on: April 07, 2018, 03:31:00 PM »
Yes, the system has better response time and I have not seen a return of the virus screen page.

*

Offline Hoov

« Reply #9 on: April 08, 2018, 08:21:33 AM »
You need to turn off system restore and then turn it back on again. This will purge your system restore files so that you will not restore the problems that you were having. Do you have any other questions or concerns? Let me know if you need instructions on the system restore procedure.
