Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer very slow; could it be a virus?


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,899 posts
  • MVP

Sounds like you tried to use a regular command prompt instead of an elevated command prompt.  Check the link I gave you for how to do it.  If you open an elevted command prompt the prompt will be:

C:\Windows\Sytem32>


  • 0

Advertisements


#17
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       436 N/A                                         
csrss.exe                      740 N/A                                         
wininit.exe                    852 N/A                                         
services.exe                   980 N/A                                         
lsass.exe                      996 KeyIso, SamSs, VaultSvc                     
svchost.exe                    572 PlugPlay                                    
svchost.exe                    608 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
fontdrvhost.exe                660 N/A                                         
svchost.exe                    708 RpcEptMapper, RpcSs                         
svchost.exe                   1056 LSM                                         
svchost.exe                   1200 NcbService                                  
svchost.exe                   1212 wudfsvc                                     
svchost.exe                   1284 TimeBrokerSvc                               
svchost.exe                   1308 hidserv                                     
svchost.exe                   1408 TabletInputService                          
WUDFHost.exe                  1504 N/A                                         
svchost.exe                   1528 EventLog                                    
svchost.exe                   1588 EventSystem                                 
svchost.exe                   1596 Themes                                      
svchost.exe                   1604 ProfSvc                                     
svchost.exe                   1732 SENS                                        
igfxCUIService.exe            1772 igfxCUIService2.0.0.0                       
svchost.exe                   1796 Schedule                                    
svchost.exe                   1900 AudioEndpointBuilder                        
svchost.exe                   1908 FontCache                                   
svchost.exe                   2000 UserManager                                 
svchost.exe                   1456 SensrSvc                                    
svchost.exe                   2064 SensorService                               
WUDFHost.exe                  2076 N/A                                         
svchost.exe                   2092 nsi                                         
svchost.exe                   2148 Dhcp                                        
svchost.exe                   2200 NlaSvc                                      
svchost.exe                   2244 StateRepository                             
svchost.exe                   2276 Audiosrv                                    
svchost.exe                   2376 netprofm                                    
hpservice.exe                 2396 hpsrv                                       
RtkAudioService64.exe         2476 RtkAudioService                             
svchost.exe                   2568 Wcmsvc                                      
svchost.exe                   2576 Dnscache                                    
svchost.exe                   2584 DusmSvc                                     
svchost.exe                   2780 WlanSvc                                     
svchost.exe                   2832 ShellHWDetection                            
spoolsv.exe                   2952 Spooler                                     
svchost.exe                   3012 BFE, CoreMessagingRegistrar, MpsSvc         
svchost.exe                   3060 LanmanWorkstation                           
svchost.exe                   3168 SysMain                                     
svchost.exe                   3176 TrkWks                                      
svchost.exe                   3184 tiledatamodelsvc                            
esif_uf.exe                   3192 esifsvc                                     
SynTPEnhService.exe           3200 SynTPEnhService                             
EvtEng.exe                    3224 EvtEng                                      
RegSrvc.exe                   3232 RegSrvc                                     
vpnsvc.exe                    3260 SecureLine                                  
FNPLicensingService64.exe     3272 FlexNet Licensing Service 64                
mfemms.exe                    3288 mfemms                                      
svchost.exe                   3296 DeviceAssociationService                    
svchost.exe                   3304 Winmgmt                                     
svchost.exe                   3312 DiagTrack                                   
svchost.exe                   3320 DPS                                         
svchost.exe                   3328 stisvc                                      
svchost.exe                   3336 CryptSvc                                    
svchost.exe                   3344 WpnService                                  
svchost.exe                   3352 PcaSvc                                      
RichVideo64.exe               3428 RichVideo64                                 
HPCommRecovery.exe            3436 HP Comm Recover                             
DbxSvc.exe                    3444 DbxSvc                                      
mfevtps.exe                   3476 mfevtp                                      
PenCommService.exe            3484 PenCommService                              
SecurityHealthService.exe     3492 SecurityHealthService                       
armsvc.exe                    3500 AdobeARMservice                             
AppleMobileDeviceService.     3508 Apple Mobile Device Service                 
OfficeClickToRun.exe          3516 ClickToRunSvc                               
PEFService.exe                3524 PEFService                                  
ibtsiva.exe                   3552 ibtsiva                                     
MsMpEng.exe                   3752 WinDefend                                   
AGSService.exe                3760 AGSService                                  
svchost.exe                   3972 WdiServiceHost                              
Memory Compression            4036 N/A                                         
svchost.exe                   3216 LanmanServer                                
svchost.exe                   4208 iphlpsvc                                    
wlanext.exe                   4728 N/A                                         
conhost.exe                   4752 N/A                                         
mfevtps.exe                   4780 N/A                                         
dasHost.exe                   4820 N/A                                         
mfefire.exe                   3748 N/A                                         
svchost.exe                   5128 SSDPSRV                                     
McSvHost.exe                  5164 HomeNetSvc, mcbootdelaystartsvc, McMPFSvc,  
                                   McNaiAnn, mcpltsvc, McProxy                 
svchost.exe                   5464 Netman                                      
mfefire.exe                   7268 mfefire                                     
McAPExe.exe                   7348 McAPExe                                     
mcshield.exe                  7384 N/A                                         
unsecapp.exe                  7832 N/A                                         
WmiPrvSE.exe                  1444 N/A                                         
svchost.exe                   2604 FDResPub                                    
svchost.exe                   3364 HomeGroupProvider                           
NisSrv.exe                    1016 WdNisSvc                                    
svchost.exe                   2944 CDPSvc                                      
GamesAppIntegrationServic     3936 GamesAppIntegrationService                  
GoogleCrashHandler.exe        8232 N/A                                         
GoogleCrashHandler64.exe      8240 N/A                                         
HPSupportSolutionsFramewo     8316 HPSupportSolutionsFrameworkService          
IAStorDataMgrSvc.exe          8472 IAStorDataMgrSvc                            
IntuitUpdateService.exe       8548 IntuitUpdateServiceV4                       
jhi_service.exe               8712 jhi_service                                 
McCSPServiceHost.exe          8780 mccspsvc                                    
ModuleCoreService.exe         8888 ModuleCoreService                           
svchost.exe                   9144 wscsvc                                      
SearchIndexer.exe             9192 WSearch                                     
svchost.exe                   2532 StorSvc                                     
PresentationFontCache.exe     8708 FontCache3.0.0.0                            
svchost.exe                   2936 TokenBroker                                 
svchost.exe                   2880 Appinfo                                     
iPodService.exe              11172 iPod Service                                
hpqwmiex.exe                  8356 hpqwmiex                                    
svchost.exe                  10572 lfsvc                                       
svchost.exe                   8844 wcncsvc                                     
svchost.exe                   5884 QWAVE                                       
svchost.exe                  12192 WinHttpAutoProxySvc                         
svchost.exe                   9496 EapHost                                     
svchost.exe                   2012 RmSvc                                       
svchost.exe                  11376 SstpSvc                                     
svchost.exe                  13136 TapiSrv                                     
svchost.exe                   3036 RasMan                                      
svchost.exe                   8076 LicenseManager                              
svchost.exe                   9556 DsSvc                                       
audiodg.exe                   1828 N/A                                         
HPWMISVC.exe                 11660 HPWMISVC                                    
svchost.exe                  12664 seclogon                                    
csrss.exe                    10796 N/A                                         
winlogon.exe                  6216 N/A                                         
fontdrvhost.exe              12032 N/A                                         
dwm.exe                      10628 N/A                                         
svchost.exe                  12036 Browser                                     
svchost.exe                  13620 lmhosts                                     
svchost.exe                  14456 fdPHost                                     
svchost.exe                   9936 NcdAutoSetup                                
esif_assist_64.exe             824 N/A                                         
svchost.exe                  13684 CDPUserSvc_21cdef0                          
sihost.exe                   12320 N/A                                         
svchost.exe                  13940 WpnUserService_21cdef0                      
GoogleUpdate.exe             10740 N/A                                         
taskhostw.exe                14252 N/A                                         
RAVBg64.exe                  11852 N/A                                         
SynTPEnh.exe                 14324 N/A                                         
McUICnt.exe                   7032 N/A                                         
svchost.exe                  12148 NgcCtnrSvc                                  
explorer.exe                  8840 N/A                                         
SynTPHelper.exe              10372 N/A                                         
igfxEM.exe                   13268 N/A                                         
ShellExperienceHost.exe      14480 N/A                                         
SearchUI.exe                 12184 N/A                                         
RuntimeBroker.exe             3212 N/A                                         
SpeechRuntime.exe            11536 N/A                                         
TabTip.exe                   11812 N/A                                         
TabTip32.exe                  2764 N/A                                         
chrome.exe                    3548 N/A                                         
chrome.exe                    8040 N/A                                         
chrome.exe                    3256 N/A                                         
chrome.exe                    7536 N/A                                         
chrome.exe                   14384 N/A                                         
chrome.exe                   10280 N/A                                         
chrome.exe                   15892 N/A                                         
chrome.exe                   11608 N/A                                         
chrome.exe                    5852 N/A                                         
chrome.exe                    8348 N/A                                         
chrome.exe                   12852 N/A                                         
chrome.exe                    8396 N/A                                         
chrome.exe                    5052 N/A                                         
chrome.exe                    9616 N/A                                         
chrome.exe                    2916 N/A                                         
chrome.exe                   16228 N/A                                         
chrome.exe                   13924 N/A                                         
MSASCuiL.exe                  4772 N/A                                         
RtkNGUI64.exe                10228 N/A                                         
iTunesHelper.exe               560 N/A                                         
svchost.exe                   4888 WdiSystemHost                               
chrome.exe                    4256 N/A                                         
OneDrive.exe                  7256 N/A                                         
iCloudServices.exe           12588 N/A                                         
SSScheduler.exe               4488 N/A                                         
EvernoteClipper.exe           4672 N/A                                         
HPMSGSVC.exe                  9416 N/A                                         
HPRadioMgr64.exe             10524 N/A                                         
ONENOTEM.EXE                   888 N/A                                         
CNMNSST.exe                   8628 N/A                                         
APSDaemon.exe                 8036 N/A                                         
chrome.exe                   14060 N/A                                         
svchost.exe                   9360 OneSyncSvc_21cdef0,                         
                                   PimIndexMaintenanceSvc_21cdef0,             
                                   UnistoreSvc_21cdef0, UserDataSvc_21cdef0    
secureline.exe               15908 N/A                                         
svchost.exe                   4264 gpsvc                                       
svchost.exe                   6424 wlidsvc                                     
dllhost.exe                   6976 N/A                                         
smartscreen.exe              13992 N/A                                         
Taskmgr.exe                  14652 N/A                                         
cmd.exe                      13020 N/A                                         
conhost.exe                  13888 N/A                                         
tasklist.exe                 10392 N/A                                         
WmiPrvSE.exe                  2016 N/A                                         

  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,899 posts
  • MVP

Looks like you rebooted between the last Process Explorer and the  junk.txt file.  The Process ID numbers change when you reboot so I need a matched pair.  Please redo the Process Explorer logs and a new junk.txt


  • 0

#19
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 87.84 52 K 8 K 0
audiodg.exe 3.43 37,472 K 41,260 K 9280
chrome.exe 1.84 469,404 K 530,476 K 1844 Google Chrome Google Inc. (Verified) Google Inc
procexp64.exe 1.81 29,568 K 67,536 K 2292 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 1.74 0 K 0 K n/a Hardware Interrupts and DPCs
SynTPEnh.exe 0.97 7,216 K 22,092 K 868 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
SpeechRuntime.exe 0.40 17,408 K 23,716 K 10756 Speech Runtime Executable Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.39 30,672 K 51,864 K 220
csrss.exe 0.35 2,416 K 4,992 K 7212
chrome.exe 0.22 183,372 K 272,472 K 5916 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.20 122,740 K 153,264 K 3400 Google Chrome Google Inc. (Verified) Google Inc
TabTip.exe 0.18 4,092 K 13,652 K 13400
System 0.11 152 K 7,196 K 4
HPMSGSVC.exe 0.11 1,568 K 7,916 K 11016 HP Message Service HP Inc. (Verified) Hewlett-Packard Company
AcroRd32.exe 0.08 24,144 K 45,852 K 2844 Adobe Acrobat Reader DC Adobe Systems Incorporated (Verified) Adobe Systems
MsMpEng.exe 0.08 216,728 K 207,300 K 3752 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
AppleMobileDeviceService.exe 0.03 3,620 K 11,140 K 3508 MobileDeviceService Apple Inc. (Verified) Apple Inc.
chrome.exe 0.03 135,440 K 170,172 K 14956 Google Chrome Google Inc. (Verified) Google Inc
explorer.exe 0.02 46,472 K 109,536 K 6952 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.02 122,688 K 181,248 K 13008 Google Chrome Google Inc. (Verified) Google Inc
McAPExe.exe 0.02 3,100 K 9,100 K 7348 McAfee Access Protection McAfee, Inc. (Verified) McAfee
iCloudServices.exe 0.02 44,220 K 44,760 K 15308 iCloud Services Apple Inc. (Verified) Apple Inc.
CNMNSST.exe 0.02 1,596 K 7,876 K 13428 Canon IJ Network Scanner Selector EX CANON INC. (Verified) Canon Inc.
PenCommService.exe 0.01 2,624 K 7,180 K 3484 Livescribe Smartpen Communication Service Livescribe (No signature was present in the subject) Livescribe
McSvHost.exe 0.01 33,652 K 35,300 K 5164 McAfee Service Host McAfee, Inc. (Verified) McAfee
svchost.exe 0.01 20,060 K 37,580 K 3312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
iPodService.exe 0.01 2,588 K 7,952 K 11172 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
WUDFHost.exe < 0.01 6,836 K 6,248 K 1504
AGSService.exe < 0.01 4,160 K 12,460 K 3760 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated
EvernoteClipper.exe < 0.01 2,708 K 11,592 K 8532 Evernote Clipper Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 (Verified) EVERNOTE CORPORATION
RdrCEF.exe < 0.01 11,304 K 28,116 K 15972 Adobe RdrCEF Adobe Systems Incorporated (Verified) Adobe Systems
mfefire.exe < 0.01 2,632 K 8,096 K 3748
svchost.exe < 0.01 2,240 K 9,536 K 1456 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
vpnsvc.exe < 0.01 3,568 K 11,272 K 3260 (Verified) AVAST Software a.s.
chrome.exe < 0.01 84,608 K 93,124 K 13900 Google Chrome Google Inc. (Verified) Google Inc
esif_assist_64.exe < 0.01 1,400 K 5,052 K 15156
HPSupportSolutionsFrameworkService.exe < 0.01 34,352 K 50,960 K 8316 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
secureline.exe < 0.01 7,324 K 8,880 K 7148 SecureLine AVAST Software (Verified) AVAST Software a.s.
chrome.exe < 0.01 27,684 K 33,508 K 14376 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe < 0.01 85,724 K 85,512 K 3168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
OneDrive.exe < 0.01 31,952 K 41,248 K 5060 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 5,092 K 13,848 K 16300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
iTunesHelper.exe < 0.01 4,012 K 14,072 K 13276 iTunesHelper Apple Inc. (Verified) Apple Inc.
OfficeClickToRun.exe < 0.01 54,876 K 46,860 K 14504 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 4,432 K 13,924 K 8844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 10,900 K 20,240 K 2344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 2,460 K 5,828 K 740
Memory Compression < 0.01 708 K 138,992 K 4036
WWAHost.exe 63,524 K 104,208 K 16380 Microsoft WWA Host Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 25,568 K 13,012 K 2076
WmiPrvSE.exe 13,100 K 25,164 K 1444
wlanext.exe 5,256 K 15,332 K 4728
WinStore.App.exe Suspended 39,220 K 69,960 K 12856 Store Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
winlogon.exe 2,216 K 7,580 K 15380
wininit.exe 1,672 K 6,116 K 852
unsecapp.exe 1,320 K 5,664 K 7832
Time.exe Suspended 14,100 K 39,528 K 15388 (No signature was present in the subject)
taskhostw.exe 17,112 K 29,180 K 3896 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
TabTip32.exe 1,372 K 4,656 K 4264
SystemSettings.exe Suspended 15,208 K 43,536 K 9756 Settings Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,056 K 4,640 K 1700
SynTPEnhService.exe 1,264 K 4,580 K 3200 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 5,156 K 11,988 K 2200 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 13,728 K 19,112 K 3012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,060 K 13,168 K 708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,596 K 8,780 K 5128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,128 K 6,240 K 5884 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,720 K 6,516 K 1056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,412 K 15,156 K 13908 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,812 K 12,192 K 2832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,468 K 7,064 K 2148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,012 K 18,340 K 3184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 14,248 K 28,020 K 608 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,548 K 17,132 K 3304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,156 K 7,628 K 2576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 14,940 K 15,164 K 1528 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 15,336 K 21,796 K 3320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,808 K 18,752 K 2936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,472 K 29,312 K 9444 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,100 K 6,408 K 13136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,312 K 8,740 K 2604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 27,664 K 8,304 K 3296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,532 K 16,668 K 2780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,000 K 15,592 K 10572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,952 K 6,780 K 12192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,788 K 15,200 K 1796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,280 K 12,528 K 2568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,224 K 18,212 K 3344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,680 K 5,616 K 2584 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,652 K 8,808 K 2376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,320 K 7,852 K 2012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,912 K 10,800 K 2244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,140 K 7,032 K 3060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,672 K 6,404 K 12036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,680 K 6,776 K 11732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,536 K 8,376 K 3216 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,084 K 9,360 K 2092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,556 K 14,284 K 4208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,068 K 11,164 K 2276 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 21,188 K 38,256 K 6968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,876 K 9,040 K 9144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,076 K 7,216 K 1588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,472 K 8,240 K 2000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,196 K 10,800 K 3364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,352 K 19,560 K 8076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,112 K 26,368 K 15632 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 920 K 3,432 K 572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,204 K 8,736 K 1200 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,412 K 4,948 K 1212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,064 K 10,236 K 1284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,680 K 5,424 K 1308 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,736 K 7,068 K 1408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,296 K 5,168 K 1596 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,576 K 9,748 K 1604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,352 K 8,452 K 1732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,796 K 6,776 K 1900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,032 K 7,864 K 1908 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,160 K 8,860 K 2064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,276 K 5,028 K 3176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,368 K 7,780 K 3328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,676 K 12,816 K 3336 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,680 K 7,728 K 3352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,824 K 6,640 K 3972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,296 K 9,556 K 5464 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,432 K 16,196 K 2944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,876 K 14,104 K 2532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,368 K 5,596 K 2880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,584 K 9,312 K 9496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,548 K 5,784 K 11376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,496 K 11,080 K 3036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,716 K 8,724 K 9556 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,232 K 5,076 K 12664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,028 K 8,336 K 14716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,328 K 5,252 K 4880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,408 K 5,488 K 9192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,500 K 20,908 K 15368 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SSScheduler.exe 3,576 K 14,940 K 12760 McAfee Security Scanner Scheduler McAfee, Inc. (Verified) McAfee
spoolsv.exe 10,276 K 15,080 K 2952 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 500 K 1,004 K 436
smartscreen.exe 9,828 K 18,352 K 332 SmartScreen Microsoft Corporation (Verified) Microsoft Windows
sihost.exe 6,176 K 22,188 K 8572 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 32,472 K 80,860 K 4700 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SettingSyncHost.exe 2,520 K 4,228 K 15520 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe 5,704 K 9,728 K 980
SecurityHealthService.exe 6,052 K 14,520 K 3492 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchUI.exe Suspended 46,204 K 99,372 K 1636 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 37,372 K 45,984 K 13948 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 14,432 K 38,072 K 10152 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 8,056 K 15,116 K 12544 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 2,116 K 7,548 K 2476 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RichVideo64.exe 1,480 K 6,012 K 3428 RichVideo Module (Verified) CyberLink Corp.
RegSrvc.exe 1,848 K 7,624 K 3232 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation-Wireless Connectivity Solutions
RdrCEF.exe 44,608 K 50,620 K 12788 Adobe RdrCEF Adobe Systems Incorporated (Verified) Adobe Systems
RAVBg64.exe 6,208 K 11,620 K 14176
procexp.exe 2,996 K 10,156 K 9156 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 31,176 K 18,076 K 8708 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
PEFService.exe 1,644 K 6,880 K 3524 Intel Security PEF Service Intel Security, Inc. (Verified) McAfee
ONENOTEM.EXE 2,524 K 2,528 K 4360 Send to OneNote Tool Microsoft Corporation (Verified) Microsoft Corporation
NisSrv.exe 15,124 K 10,728 K 1016 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
MSASCuiL.exe 1,928 K 9,040 K 1360 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
ModuleCoreService.exe 5,348 K 11,132 K 8888 McAfee Module Core Service McAfee, Inc. (Verified) McAfee
mfevtps.exe 4,212 K 8,616 K 4780
mfevtps.exe 2,764 K 6,572 K 3476 McAfee Process Validation Service McAfee, Inc. (Verified) McAfee
mfemms.exe 2,376 K 6,676 K 3288 McAfee Management Service McAfee, Inc. (Verified) McAfee
mfefire.exe 2,364 K 6,668 K 7268 McAfee Core Firewall Service McAfee, Inc. (Verified) McAfee
McVulCtr.exe 3,516 K 11,836 K 2216
McUICnt.exe 15,400 K 38,328 K 14824 McAfee McAfee, Inc. (Verified) McAfee
mcshield.exe 144,864 K 28,592 K 7384
McCSPServiceHost.exe 6,748 K 16,084 K 8780 McAfee CSP Service Host McAfee, Inc. (Verified) McAfee
lsass.exe 8,180 K 16,176 K 996 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
jhi_service.exe 1,356 K 5,312 K 8712 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
IntuitUpdateService.exe 14,644 K 2,032 K 8548 Intuit Update Service Intuit Inc. (Verified) Intuit
igfxEM.exe 3,528 K 12,028 K 1128 igfxEM Module Intel Corporation (Verified) Intel® pGFX
igfxCUIService.exe 1,736 K 7,040 K 1772 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX
ibtsiva.exe 1,400 K 5,584 K 3552 Intel® Wireless Bluetooth® iBtSiva Service Intel Corporation (Verified) Intel® Wireless Connectivity Solutions
IAStorDataMgrSvc.exe 24,244 K 29,348 K 8472 IAStorDataSvc Intel Corporation (Verified) Intel® Rapid Storage Technology
HxTsr.exe Suspended 8,260 K 33,300 K 10352 Microsoft Outlook Communications Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
HxOutlook.exe Suspended 28,140 K 59,388 K 8804 Microsoft Outlook Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
HPWMISVC.exe 1,556 K 7,420 K 1944 HP WMI Service HP Inc. (Verified) Hewlett-Packard Company
hpservice.exe 1,068 K 4,120 K 2396 HP Service HP (Verified) HP Inc.
HPRadioMgr64.exe 1,836 K 8,488 K 1424 HP Radio Manager HP (Verified) Hewlett-Packard
hpqwmiex.exe 2,084 K 8,892 K 8356 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
HPCommRecovery.exe 11,620 K 19,328 K 3436 CommRecovery HP Inc. (No signature was present in the subject) HP Inc.
GoogleCrashHandler64.exe 1,648 K 164 K 8240
GoogleCrashHandler.exe 1,664 K 572 K 8232
GamesAppIntegrationService.exe 1,572 K 6,940 K 3936 WildTangent Games App Integration Service WildTangent (Verified) WildTangent Inc
fontdrvhost.exe 2,656 K 6,040 K 12384
fontdrvhost.exe 2,436 K 2,788 K 660
FNPLicensingService64.exe 1,916 K 6,920 K 3272 Activation Licensing Service Flexera Software LLC (Verified) Flexera Software LLC
EvtEng.exe 5,148 K 12,252 K 3224 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation-Wireless Connectivity Solutions
esif_uf.exe 2,128 K 6,544 K 3192 Intel® Dynamic Platform and Thermal Framework Intel Corporation (Verified) Intel® Software
dllhost.exe 2,028 K 10,016 K 8348 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe 2,544 K 5,064 K 3444 Dropbox Service Dropbox, Inc. (Verified) Dropbox
dasHost.exe 11,844 K 16,796 K 4820
conhost.exe 1,276 K 4,896 K 4752
chrome.exe 55,104 K 37,764 K 15720 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 31,176 K 40,120 K 15588 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 24,892 K 32,344 K 12504 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 24,812 K 31,856 K 13200 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 59,864 K 63,420 K 11480 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 41,684 K 49,136 K 14256 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 37,484 K 43,112 K 12496 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 41,392 K 47,560 K 7780 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 37,800 K 43,508 K 13684 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 28,408 K 37,988 K 4364 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 79,136 K 83,804 K 15900 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,180 K 9,336 K 10044 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 3,628 K 9,944 K 1580 Google Chrome Google Inc. (Verified) Google Inc
armsvc.exe 1,388 K 5,964 K 3500 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
APSDaemon.exe 5,204 K 16,500 K 3992 Apple Push Apple Inc. (Verified) Apple Inc.
ApplicationFrameHost.exe 18,404 K 33,700 K 7992 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
AcroRd32.exe 9,416 K 21,120 K 13444 Adobe Acrobat Reader DC Adobe Systems Incorporated (Verified) Adobe Systems

  • 0

#20
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       436 N/A                                         
csrss.exe                      740 N/A                                         
wininit.exe                    852 N/A                                         
services.exe                   980 N/A                                         
lsass.exe                      996 KeyIso, SamSs, VaultSvc                     
svchost.exe                    572 PlugPlay                                    
svchost.exe                    608 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
fontdrvhost.exe                660 N/A                                         
svchost.exe                    708 RpcEptMapper, RpcSs                         
svchost.exe                   1056 LSM                                         
svchost.exe                   1200 NcbService                                  
svchost.exe                   1212 wudfsvc                                     
svchost.exe                   1284 TimeBrokerSvc                               
svchost.exe                   1308 hidserv                                     
svchost.exe                   1408 TabletInputService                          
WUDFHost.exe                  1504 N/A                                         
svchost.exe                   1528 EventLog                                    
svchost.exe                   1588 EventSystem                                 
svchost.exe                   1596 Themes                                      
svchost.exe                   1604 ProfSvc                                     
svchost.exe                   1732 SENS                                        
igfxCUIService.exe            1772 igfxCUIService2.0.0.0                       
svchost.exe                   1796 Schedule                                    
svchost.exe                   1900 AudioEndpointBuilder                        
svchost.exe                   1908 FontCache                                   
svchost.exe                   2000 UserManager                                 
svchost.exe                   1456 SensrSvc                                    
svchost.exe                   2064 SensorService                               
WUDFHost.exe                  2076 N/A                                         
svchost.exe                   2092 nsi                                         
svchost.exe                   2148 Dhcp                                        
svchost.exe                   2200 NlaSvc                                      
svchost.exe                   2244 StateRepository                             
svchost.exe                   2276 Audiosrv                                    
svchost.exe                   2376 netprofm                                    
hpservice.exe                 2396 hpsrv                                       
RtkAudioService64.exe         2476 RtkAudioService                             
svchost.exe                   2568 Wcmsvc                                      
svchost.exe                   2576 Dnscache                                    
svchost.exe                   2584 DusmSvc                                     
svchost.exe                   2780 WlanSvc                                     
svchost.exe                   2832 ShellHWDetection                            
spoolsv.exe                   2952 Spooler                                     
svchost.exe                   3012 BFE, CoreMessagingRegistrar, MpsSvc         
svchost.exe                   3060 LanmanWorkstation                           
svchost.exe                   3168 SysMain                                     
svchost.exe                   3176 TrkWks                                      
svchost.exe                   3184 tiledatamodelsvc                            
esif_uf.exe                   3192 esifsvc                                     
SynTPEnhService.exe           3200 SynTPEnhService                             
EvtEng.exe                    3224 EvtEng                                      
RegSrvc.exe                   3232 RegSrvc                                     
vpnsvc.exe                    3260 SecureLine                                  
FNPLicensingService64.exe     3272 FlexNet Licensing Service 64                
mfemms.exe                    3288 mfemms                                      
svchost.exe                   3296 DeviceAssociationService                    
svchost.exe                   3304 Winmgmt                                     
svchost.exe                   3312 DiagTrack                                   
svchost.exe                   3320 DPS                                         
svchost.exe                   3328 stisvc                                      
svchost.exe                   3336 CryptSvc                                    
svchost.exe                   3344 WpnService                                  
svchost.exe                   3352 PcaSvc                                      
RichVideo64.exe               3428 RichVideo64                                 
HPCommRecovery.exe            3436 HP Comm Recover                             
DbxSvc.exe                    3444 DbxSvc                                      
mfevtps.exe                   3476 mfevtp                                      
PenCommService.exe            3484 PenCommService                              
SecurityHealthService.exe     3492 SecurityHealthService                       
armsvc.exe                    3500 AdobeARMservice                             
AppleMobileDeviceService.     3508 Apple Mobile Device Service                 
PEFService.exe                3524 PEFService                                  
ibtsiva.exe                   3552 ibtsiva                                     
MsMpEng.exe                   3752 WinDefend                                   
AGSService.exe                3760 AGSService                                  
svchost.exe                   3972 WdiServiceHost                              
Memory Compression            4036 N/A                                         
svchost.exe                   3216 LanmanServer                                
svchost.exe                   4208 iphlpsvc                                    
wlanext.exe                   4728 N/A                                         
conhost.exe                   4752 N/A                                         
mfevtps.exe                   4780 N/A                                         
dasHost.exe                   4820 N/A                                         
mfefire.exe                   3748 N/A                                         
svchost.exe                   5128 SSDPSRV                                     
McSvHost.exe                  5164 HomeNetSvc, mcbootdelaystartsvc, McMPFSvc,  
                                   McNaiAnn, mcpltsvc, McProxy                 
svchost.exe                   5464 Netman                                      
mfefire.exe                   7268 mfefire                                     
McAPExe.exe                   7348 McAPExe                                     
mcshield.exe                  7384 N/A                                         
unsecapp.exe                  7832 N/A                                         
WmiPrvSE.exe                  1444 N/A                                         
svchost.exe                   2604 FDResPub                                    
svchost.exe                   3364 HomeGroupProvider                           
NisSrv.exe                    1016 WdNisSvc                                    
svchost.exe                   2944 CDPSvc                                      
GamesAppIntegrationServic     3936 GamesAppIntegrationService                  
GoogleCrashHandler.exe        8232 N/A                                         
GoogleCrashHandler64.exe      8240 N/A                                         
HPSupportSolutionsFramewo     8316 HPSupportSolutionsFrameworkService          
IAStorDataMgrSvc.exe          8472 IAStorDataMgrSvc                            
IntuitUpdateService.exe       8548 IntuitUpdateServiceV4                       
jhi_service.exe               8712 jhi_service                                 
McCSPServiceHost.exe          8780 mccspsvc                                    
ModuleCoreService.exe         8888 ModuleCoreService                           
svchost.exe                   9144 wscsvc                                      
svchost.exe                   2532 StorSvc                                     
PresentationFontCache.exe     8708 FontCache3.0.0.0                            
svchost.exe                   2936 TokenBroker                                 
svchost.exe                   2880 Appinfo                                     
iPodService.exe              11172 iPod Service                                
hpqwmiex.exe                  8356 hpqwmiex                                    
svchost.exe                  10572 lfsvc                                       
svchost.exe                   8844 wcncsvc                                     
svchost.exe                   5884 QWAVE                                       
svchost.exe                  12192 WinHttpAutoProxySvc                         
svchost.exe                   9496 EapHost                                     
svchost.exe                   2012 RmSvc                                       
svchost.exe                  11376 SstpSvc                                     
svchost.exe                  13136 TapiSrv                                     
svchost.exe                   3036 RasMan                                      
svchost.exe                   8076 LicenseManager                              
svchost.exe                   9556 DsSvc                                       
svchost.exe                  12664 seclogon                                    
svchost.exe                  12036 Browser                                     
OfficeClickToRun.exe         14504 ClickToRunSvc                               
SearchIndexer.exe            13948 WSearch                                     
McVulCtr.exe                  2216 N/A                                         
HPWMISVC.exe                  1944 HPWMISVC                                    
audiodg.exe                   9280 N/A                                         
svchost.exe                  13908 wlidsvc                                     
csrss.exe                     7212 N/A                                         
winlogon.exe                 15380 N/A                                         
dwm.exe                        220 N/A                                         
fontdrvhost.exe              12384 N/A                                         
svchost.exe                  16300 fdPHost                                     
svchost.exe                  14716 NcdAutoSetup                                
svchost.exe                   4880 lmhosts                                     
svchost.exe                   9192 WdiSystemHost                               
esif_assist_64.exe           15156 N/A                                         
svchost.exe                  15368 CDPUserSvc_4bd086b                          
svchost.exe                  15632 WpnUserService_4bd086b                      
sihost.exe                    8572 N/A                                         
taskhostw.exe                 3896 N/A                                         
RAVBg64.exe                  14176 N/A                                         
SynTPEnh.exe                   868 N/A                                         
igfxEM.exe                    1128 N/A                                         
McUICnt.exe                  14824 N/A                                         
explorer.exe                  6952 N/A                                         
SynTPHelper.exe               1700 N/A                                         
ShellExperienceHost.exe       4700 N/A                                         
SearchUI.exe                  1636 N/A                                         
RuntimeBroker.exe            10152 N/A                                         
SpeechRuntime.exe            10756 N/A                                         
TabTip.exe                   13400 N/A                                         
TabTip32.exe                  4264 N/A                                         
MSASCuiL.exe                  1360 N/A                                         
RtkNGUI64.exe                12544 N/A                                         
iTunesHelper.exe             13276 N/A                                         
OneDrive.exe                  5060 N/A                                         
iCloudServices.exe           15308 N/A                                         
SSScheduler.exe              12760 N/A                                         
HPMSGSVC.exe                 11016 N/A                                         
EvernoteClipper.exe           8532 N/A                                         
ONENOTEM.EXE                  4360 N/A                                         
HPRadioMgr64.exe              1424 N/A                                         
CNMNSST.exe                  13428 N/A                                         
APSDaemon.exe                 3992 N/A                                         
svchost.exe                   9444 OneSyncSvc_4bd086b,                         
                                   PimIndexMaintenanceSvc_4bd086b,             
                                   UnistoreSvc_4bd086b, UserDataSvc_4bd086b    
secureline.exe                7148 N/A                                         
chrome.exe                    5916 N/A                                         
chrome.exe                   10044 N/A                                         
chrome.exe                    1580 N/A                                         
chrome.exe                   14956 N/A                                         
chrome.exe                   13008 N/A                                         
chrome.exe                    3400 N/A                                         
chrome.exe                   15900 N/A                                         
chrome.exe                   14376 N/A                                         
chrome.exe                   11480 N/A                                         
chrome.exe                   15588 N/A                                         
chrome.exe                   14256 N/A                                         
chrome.exe                   12504 N/A                                         
chrome.exe                   12496 N/A                                         
chrome.exe                   13900 N/A                                         
chrome.exe                    4364 N/A                                         
chrome.exe                   13200 N/A                                         
chrome.exe                    7780 N/A                                         
chrome.exe                   13684 N/A                                         
AcroRd32.exe                 13444 N/A                                         
AcroRd32.exe                  2844 N/A                                         
chrome.exe                   15720 N/A                                         
RdrCEF.exe                   15972 N/A                                         
RdrCEF.exe                   12788 N/A                                         
ApplicationFrameHost.exe      7992 N/A                                         
WinStore.App.exe             12856 N/A                                         
WWAHost.exe                  16380 N/A                                         
SystemSettings.exe            9756 N/A                                         
HxOutlook.exe                 8804 N/A                                         
HxTsr.exe                    10352 N/A                                         
Time.exe                     15388 N/A                                         
SettingSyncHost.exe          15520 N/A                                         
chrome.exe                    1844 N/A                                         
dllhost.exe                   8348 N/A                                         
smartscreen.exe                332 N/A                                         
svchost.exe                  11732 gpsvc                                       
notepad.exe                  14792 N/A                                         
SkypeHost.exe                14580 N/A                                         
Taskmgr.exe                  17092 N/A                                         
cmd.exe                       1188 N/A                                         
conhost.exe                  11208 N/A                                         
tasklist.exe                 13100 N/A                                         
WmiPrvSE.exe                  1280 N/A                                         

  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,899 posts
  • MVP

The svchost.exe files have calmed down and are not using a lot of CPU now.  Probably it was just Windows Update doing something.  Your FRST Additional scan shows McAfee Anti-Virus but I do not see it in the install list and Windows Defender is running so I assume you had it at one time and uninstalled it.  As usual the McAfee uninstaller didn't do a very good job.

 

Let's run the McAfee removal tool: (MCPR)

 

https://service.mcaf...te=19huab6t9l_4

 

If the overly long link to the instructions doesn't work the file can be downloaded at:

 

http://us.mcafee.com...s/mcpr/mcpr.asp

 

You also have  Avast SecureLine installed.  This should be uninstalled as it may be a cause of delay when connecting to the Internet.

 

Reboot when done then

create a new Process Explorer log as before.  I shouldn't need the junk.txt file this time.


  • 0

#22
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

The McAffee was pre-installed on my laptop. When I saw that it expired, or part of it, I tried to delete it I think. The part remaining I thought ran some free scans but I'm not even sure. It's confusing to me. Can you recommend a better antivirus program?

 

How do I uninstall Avast? Just right click and do a regular uninstall from there?


  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,899 posts
  • MVP
McAfee has always been hard to get rid of.  
 
McAfee Security Scan Plus is foistware that you sometimes get when you update Java or some Adobe products if you do not uncheck the "optional software" before hitting the download button.  I'm not familiar with McAfee LiveSafe but it's no doubt junk too so I don't think you need it either.
 
To uninstall Avast (and any McAfee products that don't go away after running the removal tool)
 
search for:
 
appwiz.cpl
 
and hit Enter.  Then find Avast, select it and click on Uninstall.
 
I use the free Avast.  It's pretty good tho likes to put up popup windows in the bottom right to try and get you to upgrade to the paid version.  

  • 0

#24
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Done and done! Thank you so much. The internet is connecting right away now and generally seems to be running faster. Is there anything else I need to do?


  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,899 posts
  • MVP

Guess it's cleanup time:

 

 
If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT, FRST  and their logs and Speccy's log can just be deleted.
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
 
 
If you use Chrome/Firefox then get the Ublock Origin  Add-on from https://www.ublock.org/.  For IE go to adblockplus.org  and get the add-on.  (It's actually a program for IE)
 
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
 
To prevent a relatively new phishing attack:  In Firefox, type:
 
about:config
 
in the URL box and hit Enter.  You should get a new page of options (if you get a notice about voiding the warranty just cancel the warning).  In the Search box put in 
 
puny
 
You should only get one option:
network.IDN_show_punycode
We want it to say True but by default it is False so double click on it to toggle from False to True.
Close and restart firefox.
 
To test it you can go to:
 
 
If the value is false you will see https://www.apple.cominstead of the correct value
 
 
If you are a Facebook user get the FB Purity extension for your browser:
This will stop all of the suggested pages and ads so that Facebook loads much quicker.
 
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combefore you open them.
 
Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
 
CryptoPrevent
 
 
The free version does not update on its own so you should check for updated versions once in a while. When you install it the default is NONE which is kind of worthless so change it to Standard or default. If you have problems after installing CryptoPrevent you can just uninstall it.
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.

  • 0

Advertisements


#26
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

What is VEW? Also, I think I deleted flash and/or shockwave. Can I just download those from Adobe website? 


  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,899 posts
  • MVP

Thought we had done VEW already.  Guess not:

 

 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
 
 
You can get Flash and/Or Shockwave at adobe.com.  Links are on the bottom right of the home page.
 
Just be careful when you download them.  Wait a second or two until the optional software shows up then uncheck it before hitting Download. 

  • 0

#28
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 25/08/2017 8:57:25 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/08/2017 12:56:35 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/08/2017 3:38:00 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 15/08/2017 1:34:12 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/08/2017 12:10:59 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.
 
Log: 'System' Date/Time: 26/08/2017 12:10:06 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/08/2017 12:10:06 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/08/2017 12:10:06 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/08/2017 12:10:06 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/08/2017 12:10:06 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/08/2017 12:10:06 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/08/2017 12:04:47 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 25/08/2017 1:50:23 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 25/08/2017 1:50:23 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 25/08/2017 1:50:23 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 25/08/2017 1:50:23 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 25/08/2017 1:50:23 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 25/08/2017 3:09:37 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 25/08/2017 1:20:12 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 25/08/2017 12:32:08 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 24/08/2017 3:33:53 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 24/08/2017 1:23:34 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 23/08/2017 4:02:23 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 23/08/2017 2:02:23 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/08/2017 12:14:46 AM
Type: Warning Category: 0
Event: 10400 Source: Microsoft-Windows-NDIS
The network interface "Intel® Dual Band Wireless-AC 3165" has begun resetting.  There will be a momentary disruption in network connectivity while the hardware resets. Reason: The network driver requested that it be reset. This network interface has reset 2 time(s) since it was last initialized.
 
Log: 'System' Date/Time: 26/08/2017 12:14:31 AM
Type: Warning Category: 0
Event: 10400 Source: Microsoft-Windows-NDIS
The network interface "Intel® Dual Band Wireless-AC 3165" has begun resetting.  There will be a momentary disruption in network connectivity while the hardware resets. Reason: The network driver requested that it be reset. This network interface has reset 1 time(s) since it was last initialized.
 
Log: 'System' Date/Time: 26/08/2017 12:13:53 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ssw.live.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/08/2017 12:11:59 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 12 seconds since the last report.
 
Log: 'System' Date/Time: 26/08/2017 12:11:27 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/08/2017 12:10:57 AM
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode.  The minimum required supported state mask is 0x491f7fffff, got 0x1fffffff.  Low Energy peripheral role functionality will not be available.
 
Log: 'System' Date/Time: 26/08/2017 12:10:49 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device HID\Vid_8086&Pid_0001\6&f65e38f&0&0000.
 
Log: 'System' Date/Time: 26/08/2017 12:10:49 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device HID\Vid_8086&Pid_0001\6&221f9434&0&0000.
 
Log: 'System' Date/Time: 26/08/2017 12:10:49 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device HID\Vid_8086&Pid_0001\6&34d944d9&0&0000.
 
Log: 'System' Date/Time: 26/08/2017 12:10:48 AM
Type: Warning Category: 0
Event: 1 Source: ISH
Intel® ISH Interface is being reset.
 
Log: 'System' Date/Time: 26/08/2017 12:10:48 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\INT3400\2&daba3ff&1.
 
Log: 'System' Date/Time: 26/08/2017 12:10:12 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/08/2017 12:10:10 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name login.microsoftonline.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 26/08/2017 12:10:09 AM
Type: Warning Category: 0
Event: 16002 Source: AFD
Closing a UDP socket with local port number 58306 in process 2440 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products.  
 
Log: 'System' Date/Time: 26/08/2017 12:10:09 AM
Type: Warning Category: 0
Event: 16002 Source: AFD
Closing a UDP socket with local port number 59482 in process 2056 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products.  
 
Log: 'System' Date/Time: 26/08/2017 12:10:09 AM
Type: Warning Category: 0
Event: 16002 Source: AFD
Closing a UDP socket with local port number 63173 in process 2056 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products.  
 
Log: 'System' Date/Time: 26/08/2017 12:10:07 AM
Type: Warning Category: 0
Event: 16002 Source: AFD
Closing a UDP socket with local port number 51189 in process 8636 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products.  
 
Log: 'System' Date/Time: 26/08/2017 12:10:05 AM
Type: Warning Category: 0
Event: 16002 Source: AFD
Closing a UDP socket with local port number 64420 in process 2056 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products.  
 
Log: 'System' Date/Time: 26/08/2017 12:10:03 AM
Type: Warning Category: 0
Event: 16002 Source: AFD
Closing a UDP socket with local port number 50340 in process 2056 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products.  
 
Log: 'System' Date/Time: 26/08/2017 12:10:03 AM
Type: Warning Category: 0
Event: 16002 Source: AFD
Closing a UDP socket with local port number 50279 in process 2056 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products.  

  • 0

#29
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 25/08/2017 9:02:18 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/08/2017 12:17:03 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.483, time stamp: 0x595f2577 Faulting module name: ntdll.dll, version: 10.0.15063.447, time stamp: 0xa329d3a8 Exception code: 0xcfffffff Fault offset: 0x000000000002b1f6 Faulting process id: 0x3a20 Faulting application start time: 0x01d31e009053a316 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: c4c8946b-df96-4e63-983b-27f34d54a2af Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: ContentProcess
 
Log: 'Application' Date/Time: 26/08/2017 12:15:37 AM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 26/08/2017 12:15:32 AM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 26/08/2017 12:15:27 AM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 26/08/2017 12:15:25 AM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 26/08/2017 12:15:19 AM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 26/08/2017 12:14:03 AM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 26/08/2017 12:11:01 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPowerControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPowerControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPowerControlCapabilityChanged [19]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPowerControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 26/08/2017 12:11:01 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPerformanceControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPerformanceControlCapabilityChanged [17]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPerformanceControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 26/08/2017 12:11:01 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPerformanceControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPerformanceControlCapabilityChanged [17]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPerformanceControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 26/08/2017 12:11:01 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Passive Policy 2 [2]
 
 
Log: 'Application' Date/Time: 26/08/2017 12:11:01 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Critical Policy [1]
 
 
Log: 'Application' Date/Time: 26/08/2017 12:04:43 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPowerControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPowerControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPowerControlCapabilityChanged [19]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPowerControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 26/08/2017 12:04:43 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPerformanceControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPerformanceControlCapabilityChanged [17]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPerformanceControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 26/08/2017 12:04:43 AM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPerformanceControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPerformanceControlCapabilityChanged [17]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPerformanceControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 25/08/2017 7:01:45 PM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 25/08/2017 7:01:12 PM
Type: Error Category: 0
Event: 10031 Source: Microsoft-Windows-COMRuntime
An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Log: 'Application' Date/Time: 25/08/2017 7:00:34 PM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPowerControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPowerControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPowerControlCapabilityChanged [19]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPowerControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 25/08/2017 7:00:33 PM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPerformanceControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPerformanceControlCapabilityChanged [17]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPerformanceControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
Log: 'Application' Date/Time: 25/08/2017 7:00:33 PM
Type: Error Category: 1
Event: 256 Source: DPTF
Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63
Executing Function:  WIDomainPerformanceControlCapabilityChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  DomainPerformanceControlCapabilityChanged [17]
Participant:  TCPU [1]
Policy:  Passive Policy 2 [2]
Exception Function:  Policy::executeDomainPerformanceControlCapabilityChanged
Exception Text:  
Could not find client in directory.
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/08/2017 12:13:25 AM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 25/08/2017 7:37:42 PM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 25/08/2017 1:51:38 PM
Type: Warning Category: 0
Event: 6006 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Profiles> took 74 second(s) to handle the notification event (Logoff).
 
Log: 'Application' Date/Time: 25/08/2017 1:51:38 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
svchost (3020) SRUJet: A request to write to the file "C:\WINDOWS\system32\SRU\SRU.log" at offset 57344 (0x000000000000e000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 25/08/2017 1:51:38 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
svchost (3020) SRUJet: A request to write to the file "C:\WINDOWS\system32\SRU\SRU.log" at offset 57344 (0x000000000000e000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (36 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Log: 'Application' Date/Time: 25/08/2017 1:51:24 PM
Type: Warning Category: 0
Event: 6005 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Profiles> is taking long time to handle the notification event (Logoff).
 
Log: 'Application' Date/Time: 25/08/2017 11:14:58 AM
Type: Warning Category: 0
Event: 2901 Source: HP Active Health
Error getting Windows updates: System.Threading.ThreadAbortException: Thread was being aborted.    at Interop.WUApiLib.IUpdateSearcher.Search(String criteria)    at HP.ActiveHealth.Agents.WindowsUpdates.WindowsUpdatesAgent.GetWindowsUpdates()
 
Log: 'Application' Date/Time: 25/08/2017 11:14:44 AM
Type: Warning Category: 0
Event: 2903 Source: HP Active Health
Unable to get WindowsUpdate information in able time
 
Log: 'Application' Date/Time: 25/08/2017 11:14:26 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl GET EmbeddedController.AuditLog.JSON command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 24/08/2017 6:02:50 PM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 24/08/2017 11:33:13 AM
Type: Warning Category: 0
Event: 2901 Source: HP Active Health
Error getting Windows updates: System.Threading.ThreadAbortException: Thread was being aborted.    at Interop.WUApiLib.IUpdateSearcher.Search(String criteria)    at HP.ActiveHealth.Agents.WindowsUpdates.WindowsUpdatesAgent.GetWindowsUpdates()
 
Log: 'Application' Date/Time: 24/08/2017 11:32:55 AM
Type: Warning Category: 0
Event: 2903 Source: HP Active Health
Unable to get WindowsUpdate information in able time
 
Log: 'Application' Date/Time: 24/08/2017 11:32:35 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl GET EmbeddedController.AuditLog.JSON command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 24/08/2017 11:29:45 AM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 24/08/2017 3:58:28 AM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 24/08/2017 3:37:28 AM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 23/08/2017 8:47:35 PM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 23/08/2017 1:54:32 PM
Type: Warning Category: 0
Event: 1 Source: SpeechRuntime
Audio Orchestrator Power Event: Battery Saver Turned On, Voice Activation Disabled
 
Log: 'Application' Date/Time: 23/08/2017 1:05:38 PM
Type: Warning Category: 0
Event: 2901 Source: HP Active Health
Error getting Windows updates: System.Threading.ThreadAbortException: Thread was being aborted.    at Interop.WUApiLib.IUpdateSearcher.Search(String criteria)    at HP.ActiveHealth.Agents.WindowsUpdates.WindowsUpdatesAgent.GetWindowsUpdates()
 
Log: 'Application' Date/Time: 23/08/2017 1:05:26 PM
Type: Warning Category: 0
Event: 2903 Source: HP Active Health
Unable to get WindowsUpdate information in able time

  • 0

#30
frogg25

frogg25

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

It  seems that the internet is once again taking a long time to connect.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP