Hi All
Please let me know if this should be moved to another section and I'll keep it brief till then
I'm not sure if this is malware or a software/machine issue
I have a similar post in the Windows 7 area -I have followed or alread had tried their suggestions before I posted here
The issue is speed, recently everything is taking noticeably longer
Open a program that in the past took a few seconds, now it can take 30-45 sec.
Command responses are ling enough I find myself re-clicking , not sure if the 1st (or 2nd ) one worked.
Avira scans show nothing
I'm using A Dell latitude, quad core I5 , 4 GIG RAM running Windows 7 64 bit Office 2007 suite and Avira security software
This is simply a work machine -no gaming, I spend a lot of time in the Office suite & opening a new Word doc, or Excel spreadsheet may take 30 -40 seconds.
I'm noticing similar speed issues online, a fair amount of "timed out" requests when opening web pages/documents.
We use an online customer management suite "Asana" & the speed issue is noticed.
Note - others running similar Dell laptops ( I bought several for work a few years back) are not having these issues
I've read the STICKY and run the DDS scan and requested, the 2 logs are inserted and attached here
Thank you for your help
Bob
DDS Text below
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19003 BrowserJavaVersion: 11.151.2
Run by User at 12:24:12 on 2018-05-27
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3977.1663 [GMT -4:00]
.
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Avira\Antivirus\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\sysWOW64\SDIOAssist.exe
C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.dell.com
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL
BHO: AviraBrowserSafety.BrowserSafety: {c3c77255-42c0-499f-b664-6e981a0b1647} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
uRun: [Lync] "C:\Program Files (x86)\Microsoft Office\Office16\lync.exe" /fromrunkey
uRun: [AutoStartVMA] C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} -
Trusted Zone: dell.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9DD21924-B53B-40C3-BDE3-980EC2D759A0} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9DD21924-B53B-40C3-BDE3-980EC2D759A0}\2656C6B696E6E2037373 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9DD21924-B53B-40C3-BDE3-980EC2D759A0}\876696E696479777966696 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B6FC803A-149B-4B33-99C0-70BE4DDF12F8} : DHCPNameServer = 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} -
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - <orphaned>
x64-Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jlao0ugq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - plugin: C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: C:\Users\User\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.51\npGatewayNpapi-x64.dll
FF - plugin: C:\Users\User\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.51\npGatewayNpapi.dll
FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\System32\Macromed\Flash\NPSWF64_23_0_0_162.dll
FF - plugin: C:\Windows\System32\npDeployJava1.dll
FF - plugin: C:\Windows\System32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avdevprot;avdevprot;C:\Windows\System32\drivers\avdevprot.sys [2017-9-21 64504]
R0 avusbflt;avusbflt;C:\Windows\System32\drivers\avusbflt.sys [2017-9-21 34128]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-6-20 28992]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2013-6-21 22128]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2017-9-21 35328]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2016-4-7 153784]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2013-6-20 249152]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2016-4-18 89600]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-9-21 224472]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-9-21 224472]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2017-9-21 199912]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2018-5-22 451288]
R2 avnetflt;avnetflt;C:\Windows\System32\drivers\avnetflt.sys [2017-9-21 78600]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2013-3-7 1044872]
R2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2013-3-7 37768]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 O2SDIOAssist;O2SDIOAssist;C:\Windows\SysWOW64\srvany.exe [2013-6-21 8192]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2016-4-19 741640]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-10 382272]
R2 ubsbm;Unibrain 1394 SBM Driver;C:\Windows\System32\drivers\UBSBM.sys [2015-8-5 24064]
R2 ubumapi;Unibrain 1394 FireAPI Driver;C:\Windows\System32\drivers\UBUMAPI.sys [2015-8-5 92160]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-6-21 2595832]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\accelern.sys [2013-6-21 27760]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2013-3-7 47752]
R3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2011-1-3 74984]
R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2011-3-23 83560]
R3 ubohci;Unibrain 1394 OHCI Driver;C:\Windows\System32\drivers\ubohci.sys [2015-8-5 132608]
S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-9-21 879128]
S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-9-21 1165320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-4 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-3 128608]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2016-12-17 282112]
S3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2018-2-10 41608]
S3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2018-2-10 41208]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-4-19 110336]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-5-9 116224]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-15 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-15 180736]
S3 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2013-8-15 145736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2017-8-11 19456]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-4-19 206080]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2017-8-11 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2017-8-11 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-21 1255736]
.
=============== Created Last 30 ================
.
2018-05-19 14:02:48 -------- d-----w- C:\ProgramData\Dell Inc
2018-05-19 14:02:44 -------- d-----w- C:\ProgramData\SupportAssist
2018-05-10 23:12:10 244208 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2018-05-05 02:11:53 -------- d-----w- C:\Users\User\AppData\Local\VirtualStore
.
==================== Find3M ====================
.
2018-05-11 08:05:20 199912 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2018-05-09 18:12:07 141696960 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2018-04-23 00:35:16 708288 ----a-w- C:\Windows\System32\winload.efi
2018-04-23 00:35:15 5583552 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-04-23 00:35:13 95424 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-04-23 00:35:13 154816 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-04-23 00:12:01 4047040 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-04-23 00:12:01 3958464 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-04-23 00:10:11 631640 ----a-w- C:\Windows\System32\winresume.efi
2018-04-23 00:07:13 1665336 ----a-w- C:\Windows\System32\ntdll.dll
2018-04-22 23:44:08 1314064 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-04-22 23:41:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2018-04-22 23:41:01 82944 ----a-w- C:\Windows\SysWow64\bcrypt.dll
2018-04-22 23:41:01 666112 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2018-04-22 23:41:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2018-04-22 23:41:01 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2018-04-22 23:41:00 70144 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2018-04-22 23:41:00 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2018-04-22 23:41:00 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2018-04-22 23:32:37 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-04-22 23:32:33 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-04-22 23:32:33 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-04-22 23:31:51 64512 ----a-w- C:\Windows\System32\auditpol.exe
2018-04-22 23:28:44 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-04-22 23:28:15 129536 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-04-22 23:27:53 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-04-22 23:25:10 160256 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-04-22 23:24:41 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2018-04-22 23:24:34 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-04-22 23:24:33 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-04-22 23:23:47 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-04-22 23:23:44 112640 ----a-w- C:\Windows\System32\smss.exe
2018-04-22 23:22:55 50688 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-04-22 23:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-04-22 23:19:20 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-04-22 23:19:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-04-22 23:19:20 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-04-22 23:18:32 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-04-22 23:18:26 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-04-22 23:18:26 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-22 23:18:26 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-04-22 23:18:26 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-04-22 07:53:43 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-04-22 07:53:29 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-04-22 07:39:10 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-04-22 07:38:26 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-04-22 07:38:25 578048 ----a-w- C:\Windows\System32\vbscript.dll
2018-04-22 07:38:18 417280 ----a-w- C:\Windows\System32\html.iec
2018-04-22 07:37:49 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-04-22 07:32:36 5779456 ----a-w- C:\Windows\System32\jscript9.dll
2018-04-22 07:26:33 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-04-22 07:26:32 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-04-22 07:26:14 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-04-22 07:18:54 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-04-22 07:16:35 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-04-22 07:08:58 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-04-22 07:08:38 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-04-22 07:04:15 499712 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-04-22 07:04:10 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-04-22 07:03:27 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-04-22 07:03:16 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-04-22 07:02:24 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-04-22 06:53:58 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-04-22 06:53:34 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-04-22 06:46:57 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-04-22 06:46:47 2135552 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-04-22 06:40:56 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-04-22 06:40:23 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-04-22 06:33:59 3241472 ----a-w- C:\Windows\System32\wininet.dll
2018-04-22 06:31:58 4496896 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-04-22 06:26:56 2059776 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-04-22 06:26:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-04-22 06:08:25 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-04-18 16:03:32 701952 ----a-w- C:\Windows\System32\hhctrl.ocx
2018-04-18 16:03:32 53248 ----a-w- C:\Windows\System32\hhsetup.dll
2018-04-18 15:51:41 523776 ----a-w- C:\Windows\SysWow64\hhctrl.ocx
2018-04-18 15:51:41 43008 ----a-w- C:\Windows\SysWow64\hhsetup.dll
2018-04-18 15:41:57 16896 ----a-w- C:\Windows\hh.exe
2018-04-18 15:35:36 15360 ----a-w- C:\Windows\SysWow64\hh.exe
2018-04-11 16:38:46 194048 ----a-w- C:\Windows\System32\itircl.dll
2018-04-11 16:38:46 170496 ----a-w- C:\Windows\System32\itss.dll
2018-04-11 16:36:01 158720 ----a-w- C:\Windows\SysWow64\itircl.dll
2018-04-11 16:36:01 142848 ----a-w- C:\Windows\SysWow64\itss.dll
2018-04-10 19:45:06 634272 ----a-w- C:\Windows\System32\winload.exe
2018-04-10 16:36:30 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2018-04-10 16:36:30 13312 ----a-w- C:\Windows\System32\sscore.dll
2018-04-10 16:35:28 1735168 ----a-w- C:\Windows\System32\comsvcs.dll
2018-04-10 16:34:49 525824 ----a-w- C:\Windows\System32\catsrvut.dll
2018-04-10 16:33:04 1241600 ----a-w- C:\Windows\SysWow64\comsvcs.dll
2018-04-10 16:32:58 487936 ----a-w- C:\Windows\SysWow64\catsrvut.dll
2018-04-10 16:00:12 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2018-04-10 15:54:03 3226112 ----a-w- C:\Windows\System32\win32k.sys
2018-04-10 15:48:01 464384 ----a-w- C:\Windows\System32\drivers\srv.sys
2018-04-10 15:47:34 406016 ----a-w- C:\Windows\System32\drivers\srv2.sys
2018-04-10 15:47:17 169984 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2018-04-07 16:41:15 371392 ----a-w- C:\Windows\System32\clfs.sys
2018-03-18 22:16:13 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2018-03-18 22:11:37 2048 ----a-w- C:\Windows\System32\tzres.dll
2018-03-14 17:16:24 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2018-03-14 17:14:44 135360 ----a-w- C:\Windows\System32\CompatTelRunner.exe
.
============= FINISH: 12:25:30.24 ===============
Please let me know if this should be moved to another section and I'll keep it brief till then
I'm not sure if this is malware or a software/machine issue
I have a similar post in the Windows 7 area -I have followed or alread had tried their suggestions before I posted here
The issue is speed, recently everything is taking noticeably longer
Open a program that in the past took a few seconds, now it can take 30-45 sec.
Command responses are ling enough I find myself re-clicking , not sure if the 1st (or 2nd ) one worked.
Avira scans show nothing
I'm using A Dell latitude, quad core I5 , 4 GIG RAM running Windows 7 64 bit Office 2007 suite and Avira security software
This is simply a work machine -no gaming, I spend a lot of time in the Office suite & opening a new Word doc, or Excel spreadsheet may take 30 -40 seconds.
I'm noticing similar speed issues online, a fair amount of "timed out" requests when opening web pages/documents.
We use an online customer management suite "Asana" & the speed issue is noticed.
Note - others running similar Dell laptops ( I bought several for work a few years back) are not having these issues
I've read the STICKY and run the DDS scan and requested, the 2 logs are inserted and attached here
Thank you for your help
Bob
DDS Text below
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19003 BrowserJavaVersion: 11.151.2
Run by User at 12:24:12 on 2018-05-27
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3977.1663 [GMT -4:00]
.
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Avira\Antivirus\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\sysWOW64\SDIOAssist.exe
C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.dell.com
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL
BHO: AviraBrowserSafety.BrowserSafety: {c3c77255-42c0-499f-b664-6e981a0b1647} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
uRun: [Lync] "C:\Program Files (x86)\Microsoft Office\Office16\lync.exe" /fromrunkey
uRun: [AutoStartVMA] C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} -
Trusted Zone: dell.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9DD21924-B53B-40C3-BDE3-980EC2D759A0} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9DD21924-B53B-40C3-BDE3-980EC2D759A0}\2656C6B696E6E2037373 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9DD21924-B53B-40C3-BDE3-980EC2D759A0}\876696E696479777966696 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B6FC803A-149B-4B33-99C0-70BE4DDF12F8} : DHCPNameServer = 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} -
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - <orphaned>
x64-Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jlao0ugq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - plugin: C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: C:\Users\User\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.51\npGatewayNpapi-x64.dll
FF - plugin: C:\Users\User\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.51\npGatewayNpapi.dll
FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\System32\Macromed\Flash\NPSWF64_23_0_0_162.dll
FF - plugin: C:\Windows\System32\npDeployJava1.dll
FF - plugin: C:\Windows\System32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avdevprot;avdevprot;C:\Windows\System32\drivers\avdevprot.sys [2017-9-21 64504]
R0 avusbflt;avusbflt;C:\Windows\System32\drivers\avusbflt.sys [2017-9-21 34128]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-6-20 28992]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2013-6-21 22128]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2017-9-21 35328]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2016-4-7 153784]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2013-6-20 249152]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2016-4-18 89600]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-9-21 224472]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-9-21 224472]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2017-9-21 199912]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2018-5-22 451288]
R2 avnetflt;avnetflt;C:\Windows\System32\drivers\avnetflt.sys [2017-9-21 78600]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2013-3-7 1044872]
R2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2013-3-7 37768]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 O2SDIOAssist;O2SDIOAssist;C:\Windows\SysWOW64\srvany.exe [2013-6-21 8192]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2016-4-19 741640]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-10 382272]
R2 ubsbm;Unibrain 1394 SBM Driver;C:\Windows\System32\drivers\UBSBM.sys [2015-8-5 24064]
R2 ubumapi;Unibrain 1394 FireAPI Driver;C:\Windows\System32\drivers\UBUMAPI.sys [2015-8-5 92160]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-6-21 2595832]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\accelern.sys [2013-6-21 27760]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2013-3-7 47752]
R3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2011-1-3 74984]
R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2011-3-23 83560]
R3 ubohci;Unibrain 1394 OHCI Driver;C:\Windows\System32\drivers\ubohci.sys [2015-8-5 132608]
S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-9-21 879128]
S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-9-21 1165320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-4 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-3 128608]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2016-12-17 282112]
S3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2018-2-10 41608]
S3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2018-2-10 41208]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-4-19 110336]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-5-9 116224]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-15 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-15 180736]
S3 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2013-8-15 145736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2017-8-11 19456]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-4-19 206080]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2017-8-11 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2017-8-11 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-21 1255736]
.
=============== Created Last 30 ================
.
2018-05-19 14:02:48 -------- d-----w- C:\ProgramData\Dell Inc
2018-05-19 14:02:44 -------- d-----w- C:\ProgramData\SupportAssist
2018-05-10 23:12:10 244208 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2018-05-05 02:11:53 -------- d-----w- C:\Users\User\AppData\Local\VirtualStore
.
==================== Find3M ====================
.
2018-05-11 08:05:20 199912 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2018-05-09 18:12:07 141696960 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2018-04-23 00:35:16 708288 ----a-w- C:\Windows\System32\winload.efi
2018-04-23 00:35:15 5583552 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-04-23 00:35:13 95424 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-04-23 00:35:13 154816 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-04-23 00:12:01 4047040 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-04-23 00:12:01 3958464 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-04-23 00:10:11 631640 ----a-w- C:\Windows\System32\winresume.efi
2018-04-23 00:07:13 1665336 ----a-w- C:\Windows\System32\ntdll.dll
2018-04-22 23:44:08 1314064 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-04-22 23:41:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2018-04-22 23:41:01 82944 ----a-w- C:\Windows\SysWow64\bcrypt.dll
2018-04-22 23:41:01 666112 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2018-04-22 23:41:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2018-04-22 23:41:01 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2018-04-22 23:41:00 70144 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2018-04-22 23:41:00 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2018-04-22 23:41:00 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2018-04-22 23:32:37 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-04-22 23:32:33 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-04-22 23:32:33 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-04-22 23:31:51 64512 ----a-w- C:\Windows\System32\auditpol.exe
2018-04-22 23:28:44 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-04-22 23:28:15 129536 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-04-22 23:27:53 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-04-22 23:25:10 160256 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-04-22 23:24:41 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2018-04-22 23:24:34 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-04-22 23:24:33 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-04-22 23:23:47 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-04-22 23:23:44 112640 ----a-w- C:\Windows\System32\smss.exe
2018-04-22 23:22:55 50688 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-04-22 23:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-04-22 23:19:20 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-04-22 23:19:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-04-22 23:19:20 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-04-22 23:18:32 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-04-22 23:18:26 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-04-22 23:18:26 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-22 23:18:26 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-04-22 23:18:26 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-04-22 07:53:43 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-04-22 07:53:29 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-04-22 07:39:10 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-04-22 07:38:26 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-04-22 07:38:25 578048 ----a-w- C:\Windows\System32\vbscript.dll
2018-04-22 07:38:18 417280 ----a-w- C:\Windows\System32\html.iec
2018-04-22 07:37:49 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-04-22 07:32:36 5779456 ----a-w- C:\Windows\System32\jscript9.dll
2018-04-22 07:26:33 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-04-22 07:26:32 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-04-22 07:26:14 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-04-22 07:18:54 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-04-22 07:16:35 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-04-22 07:08:58 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-04-22 07:08:38 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-04-22 07:04:15 499712 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-04-22 07:04:10 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-04-22 07:03:27 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-04-22 07:03:16 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-04-22 07:02:24 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-04-22 06:53:58 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-04-22 06:53:34 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-04-22 06:46:57 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-04-22 06:46:47 2135552 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-04-22 06:40:56 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-04-22 06:40:23 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-04-22 06:33:59 3241472 ----a-w- C:\Windows\System32\wininet.dll
2018-04-22 06:31:58 4496896 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-04-22 06:26:56 2059776 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-04-22 06:26:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-04-22 06:08:25 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-04-18 16:03:32 701952 ----a-w- C:\Windows\System32\hhctrl.ocx
2018-04-18 16:03:32 53248 ----a-w- C:\Windows\System32\hhsetup.dll
2018-04-18 15:51:41 523776 ----a-w- C:\Windows\SysWow64\hhctrl.ocx
2018-04-18 15:51:41 43008 ----a-w- C:\Windows\SysWow64\hhsetup.dll
2018-04-18 15:41:57 16896 ----a-w- C:\Windows\hh.exe
2018-04-18 15:35:36 15360 ----a-w- C:\Windows\SysWow64\hh.exe
2018-04-11 16:38:46 194048 ----a-w- C:\Windows\System32\itircl.dll
2018-04-11 16:38:46 170496 ----a-w- C:\Windows\System32\itss.dll
2018-04-11 16:36:01 158720 ----a-w- C:\Windows\SysWow64\itircl.dll
2018-04-11 16:36:01 142848 ----a-w- C:\Windows\SysWow64\itss.dll
2018-04-10 19:45:06 634272 ----a-w- C:\Windows\System32\winload.exe
2018-04-10 16:36:30 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2018-04-10 16:36:30 13312 ----a-w- C:\Windows\System32\sscore.dll
2018-04-10 16:35:28 1735168 ----a-w- C:\Windows\System32\comsvcs.dll
2018-04-10 16:34:49 525824 ----a-w- C:\Windows\System32\catsrvut.dll
2018-04-10 16:33:04 1241600 ----a-w- C:\Windows\SysWow64\comsvcs.dll
2018-04-10 16:32:58 487936 ----a-w- C:\Windows\SysWow64\catsrvut.dll
2018-04-10 16:00:12 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2018-04-10 15:54:03 3226112 ----a-w- C:\Windows\System32\win32k.sys
2018-04-10 15:48:01 464384 ----a-w- C:\Windows\System32\drivers\srv.sys
2018-04-10 15:47:34 406016 ----a-w- C:\Windows\System32\drivers\srv2.sys
2018-04-10 15:47:17 169984 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2018-04-07 16:41:15 371392 ----a-w- C:\Windows\System32\clfs.sys
2018-03-18 22:16:13 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2018-03-18 22:11:37 2048 ----a-w- C:\Windows\System32\tzres.dll
2018-03-14 17:16:24 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2018-03-14 17:14:44 135360 ----a-w- C:\Windows\System32\CompatTelRunner.exe
.
============= FINISH: 12:25:30.24 ===============